DevSecOps emerged as a natural evolution of DevOps practices with a focus on integrating security into the software development and deployment process. The term “DevSecOps” represents the convergence of Development (Dev), Security (Sec), and Operations (Ops) practices, emphasizing the importance of security throughout the software development lifecycle. The diagram below shows the important concepts in DevSecOps.
Popular interview question: how to diagnose a mysterious process that’s taking too much CPU, memory, IO, etc?
The diagram above illustrates helpful tools in a Linux system.
‘vmstat’ – reports information about processes, memory, paging, block IO, traps, and CPU activity.
‘iostat’ – reports CPU and input/output statistics of the system.
‘netstat’ – displays statistical data related to IP, TCP, UDP, and ICMP protocols.
‘lsof’ – lists open files of the current system.
‘pidstat’ – monitors the utilization of system resources by all or specified processes, including CPU, memory, device IO, task switching, threads, etc.
This post is based on research from many Netflix engineering blogs and open-source projects. If you come across any inaccuracies, please feel free to inform us.
Mobile and web: Netflix has adopted Swift and Kotlin to build native mobile apps. For its web application, it uses React.
Frontend/server communication: GraphQL.
Backend services: Netflix relies on ZUUL, Eureka, the Spring Boot framework, and other technologies.
Databases: Netflix utilizes EV cache, Cassandra, CockroachDB, and other databases.
Messaging/streaming: Netflix employs Apache Kafka and Fink for messaging and streaming purposes.
Video storage: Netflix uses S3 and Open Connect for video storage.
Data processing: Netflix utilizes Flink and Spark for data processing, which is then visualized using Tableau. Redshift is used for processing structured data warehouse information.
CI/CD: Netflix employs various tools such as JIRA, Confluence, PagerDuty, Jenkins, Gradle, Chaos Monkey, Spinnaker, Altas, and more for CI/CD processes.
