The New Stack Update

ISSUE 172: Safety First

Talk Talk Talk

“The fact of the matter is: the talent we need to develop cloud native applications doesn’t exist — yet.”

Abby Kearns, executive director of Cloud Foundry Foundation, in her article "What Home Depot Can Teach DevOps (and Anyone Else)"
Add It Up
Who Drives Container Adoption?
The 2019 Container Adoption Benchmark Survey from Kubernetes provider Diamanti corroborates three trends we’ve seen in recent market research about container adoption: 1) IT operations teams have taken the lead; 2) security, not state, is the biggest obstacle to increased adoption; and 3) performance, not cost, is the reason to run containers on bare metal.
Of the over 500 IT leaders surveyed by Diamanti, 35% said IT operations teams were driving container adoption, double the share that answered that way in the 2018 study. IT operations’ increased influence is partly because many companies have made a strategic decision to move forward with Kubernetes even before they have widescale production use of containers.
What's Happening

Building a simulation of the human heart. Pooling and crunching data from public transportation and other sources from around the world to determine travel times between specific distances. These are two projects Alfonso Santiago, researcher at the Barcelona Supercomputing Center, and Charlie Davies, co-founder, technology and product director, iGeolise, are actively engaged in building. What they have in common is how they derive immense high-performance computing (HPC) workloads on a cloud native platform.

Santiago and Davies shared details about how HPC has helped to solve many of their respective projects’ struggles during an episode of The New Stack Makers podcast hosted by Joab Jackson, managing editor, during KubeCon + CloudNativeCon in Barcelona. Also on hand was TJ Fontaine, a software engineer and consulting member of technical staff for Oracle, who offered some context about Oracle’s role in these projects and in HPC on the cloud in general.

How Two High-Performance Computing Projects Got a Boost on Cloud Native

Safety First

The rules of the road: Don’t run over people, stay awake at the wheel and update the software. That last rule, it’s a new one, but, increasingly, we face a changing view about the physical things in our lives. A car is not a car, it’s a software object. But it’s also a software object with considerable constraints. In particular, updating software means parking the car and doing the upload and installation. It’s not exactly seamless nor entirely safe, either.
The software on computers, on servers, on distributed infrastructure — it can be buggy and, more so, insecure. Now think about a car with software: bugs can cause brake failures. That’s not a good thing. Actually, it’s terrifying.
JFrog views itself as a software company that updates software objects — even cars. At their JFrog swampUP event this week, the team there brought their own race track to show the workflow they have developed to provide over-the-air updates for autonomous vehicles. The concept is to use the JFrog Enterprise+ platform to provide continuous delivery for a car, no matter where it may be.
The demo reflects why the current effort to make security more relevant to developers is increasingly important, and is fostering more discussion, as reflected in several posts on The New Stack this week. We see the Cloud Native Computing Foundation is working towards baking security into open source projects. And Docker is taking its lessons learned from the Docker Hub attack to think through its security posture. Also of note are the interview TNS writer Dave Cassel did with Rust creator Graydon Hoare, who has a lot to say about safety and the history of insecure software, and a post about how to secure a container host, with a focus on kernel-level security.
In the meantime, Kubernetes continues to be a focal aspect of our coverage this week. Let’s get on to the news.

Kubernetes 1.15 Aims for Extensibility with Custom Resource Definition Features

Kubernetes 1.15 is out and with it a bit of a change in approach compared to previous releases over the past year. Instead of a focus on stable releases, the Kubernetes community leadership has added more alpha and beta features that they intend to build up before calling them stable. Custom resource definitions (CRD) continue to gain importance. Kubernetes 1.15 adds four new beta features and one alpha feature relating to CRDs. The stable releases include kubectl commands — get and describe — that should now work well with extensions, writes TNS correspondent Mike Melanson. The second stable enhancement is adding Go module support, notable in terms of its importance for communities developing Kubernetes and third-party vendors.

NetApp Takes on the Hybrid Multicloud with Kubernetes Integration

Speaking of third-party vendors, NetApp has added managed Kubernetes service to its NetApp Hybrid Cloud Infrastructure (HCI) storage management package, with the idea of simplifying how customers deploy and manage services across on-premises and the public cloud, writes Melanson in another post in his continued coverage of the Kubernetes ecosystem.
Of note is NetApp’s acquisition of StackPoint Cloud last year and its direct influence on the storage provider’s hybrid approach. StackPoint focused on the challenge of stateful applications in a Kubernetes environment and combined that with developer resource investment in Istio. The approach provides users with a consistent developer experience across multiple cloud environments.

Nirmata’s Kyverno: Kubernetes Configuration Via Policy

Nirmata has one of the deepest stories to tell about Kubernetes. The company’s history dates back to the earliest days of Kubernetes. Therefore, its emphasis on configuration via policy should be noted. The company has open sourced a project called Kyverno that enables users to validate, mutate and generate configurations through policy.
The focus is relatively straightforward. Their premise: It’s not just validating the configuration, but being able to update and edit configurations as they’re being applied, writes TNS correspondent Susan Hall.
The approach speaks to the core roots of Kubernetes in its vision of achieving a desired state, something that is not always easy to do in microservices environments with configurations that will often require changes once in production.

Party On

Talking about DevOps at JFrog swampUP with Quali’s Cindy Friedman (left) and Fidelity Information Services’ Maria Charma Cabellero.

Nicole Forsgren, a researcher and strategist with Google, makes it clear at JFrog swampUP: There is no DevOps-in-a-box.

The wonderful Mayim Bialik, neuroscientist and actress, who shared her life experiences at the JFrog swampUP dinner in San Francisco.

On The Road


OSCON is where to go to understand what’s shaping software development—from AI and cloud technology to distributed computing—and learn how to put it to work for you. You’ll hear from industry heavyweights like Holden Karau (Google), Rupa Dachere (CodeChix), Julien Simon (AWS), and Alison McCauley (Unblocked Future). 25% off bronze, silver & gold passes with code TNS. Register now!
The New Stack Makers podcast is available on: Pocket Casts, Stitcher, Apple Podcasts, Overcast, Spotify, TuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.
Free Guide to Cloud Native DevOps Ebook

Cloud native technologies — containers, microservices and serverless functions that run in multicloud environments and are managed through automated CI/CD pipelines — are built on DevOps principles. You cannot have one without the other. However, the interdependencies between DevOps culture and practices and cloud native software architectures are not always clearly defined.

This ebook helps practitioners, architects and business managers identify these emerging patterns and implement them within an organization. It informs organizational thinking around cloud native architectures by providing original research, context and insight around the evolution of DevOps as a profession, as a culture, and as an ecosystem of supporting tools and services. 


Copyright © 2019 The New Stack, All rights reserved.
