The New Stack Update

ISSUE 200: How to Use Kubernetes on Your Infrastructure

Talk Talk Talk

“The hidden costs of having your developers manually building their own languages are costing your organization far more than you think.”

Bart Copeland, CEO ActiveState

Add It Up
Although Tracing Is Critical, Only 19% Use a Distributed Tracing Tool

Using logs, metrics and traces together is part of the definition of “observability,” according to 83% of the nearly 1,000 respondents to’s annual DevOps Pulse study. Since the survey question had the option of “select all,” another finding is that two-thirds said observability is a measure of how well a system’s state can be inferred from output data. That latter definition is the one preferred by observability pioneer Charity Majors in her “Observability — A 3-Year Retrospective” post. End-users’ impressions of what these terms mean are important to because the company itself is a cloud observability platform built on top of the ELK stack.

The vague term “monitoring” is considered critical to achieving observability, but so are alerting, tracing, instrumentation and anomaly detection. Although these practices are prerequisites, companies have been slow to adopt specific tooling. Notably, only 19% are using a distributed tracing tool like Jaeger. Whether or not this is the “correct tool” is an open question, but finding the right tool for the job is an observability challenge for more than a third of the study's respondents.

What's Happening

The lack of a definitive audit of the state of Kubernetes security set the stage for publication of the Kubernetes Security Audit Working Group. On hand to discuss the audit during KubeCon + CloudNativeCon were Jay Beale, chief technology officer of InGuardians, and Aaron Small, a product manager for Google, who are also both co-leads of the Kubernetes third-party assessment project. During a live recording in San Diego for this edition of The New Stack Makers podcast, they discussed the audit and how Kubernetes, compared to Docker containers, represents a new and ultimately risky world of dependencies.

Real Data for a Proper Kubernetes Security Review

How to Use Kubernetes on Your Infrastructure

Y Combinator’s news aggregation site, Hacker News, gets a lot of criticism for the sometimes questionable views expressed by its commenters, but at the same time, the HN fray can provide a lot of perspective into what is going on in the engine rooms of IT, sometimes providing as much insight as the article they discuss.

For instance, earlier this week, someone had posted an essay, “Maybe You Don't Need Kubernetes,” an interesting case study of a business that found Kubernetes too complicated for its own requirements. This development team, part of the Trivago travel service, went with HashiCorp’s Nomad instead. 

It is a good read, and what was even more fascinating was the debate that ensued on the comments page about where and when to use Kubernetes. We’ve long heard both complaints about Kubernetes being too complex for end users, as well as the value proposition of better managing your infrastructure that would make it all worthwhile. But the HN comments bring something new. They vividly illustrate where the rubber meets the road, as military officers used to say. For instance, one observer wrote: “Kubernetes is really really cheap. I can run 20 low volume apps in a kubes cluster with a single VM. This is cheaper than any other hosting solution in the cloud if you want the same level of stability and isolation.”

Sure, Kubernetes is great for Internet-facing services such as Airbnb that have crushing loads of traffic, yet we rarely hear about the benefits of K8s for smaller businesses, such as the one mentioned above, serving as a low-cost way of hosting multiple applications. Someone else pointed out about Kubernetes that “once you know it, is significantly easier than cobbling together an environment from ‘classical’ solutions that combine Puppet/Chef/Ansible, homegrown shell scripts, static VMs, and SSH.”

We like the specifics of that argument. 

In many ways, the Kubernetes community is off in a bit of a bubble, in regards to the rest of the work-a-day IT industry. With all the hype around Kubernetes, we all too rarely hear about how it would actually fit into today’s IT infrastructure — not the infra of giants like eBay, but the bulk of IT users that make up the IT market. Kubernetes has a learning curve, to be sure, but it can also bring big payoffs, and now it’s up to the K8s community to explain how. 

Linux Creator Linus Torvalds Disavows the ZFS Filesystem

Linux creator and principal developer Linus Torvalds has come out against the ZFS file system. The timing of this cannot be ignored, as only recently ZFS has found its first official implementation within a major distribution release. Said release was Ubuntu 19.10, wherein the ZFS filesystem was touted as one of the main features of the latest iteration of Canonical’s take on Linux. What is Torvalds’ beef with this cutting edge file system? Find out all the dirt here.

CNCF Bug Bounty Program Shines a Light on the Darker Corners of Kubernetes

After several months in beta testing with selected security researchers, the Kubernetes bug bounty program launched Tuesday. It is a joint effort of the Cloud Native Computing Foundation (CNCF), Google, HackerOne and the Kubernetes Product Security Committee. Google first proposed the program and defined the initial proposal in early 2018, with HackerOne winning a community-led request for proposal (RFP) and CNCF providing the funding. Bounties will range from $100 to $10,000 depending on the severity, and HackerOne will handle the initial triage and assessment of newly submitted bugs.

MariaDB Goes Cloud Native with AWS S3 API, and Introduces 'Smart' Transactions

This week, MariaDB has launched the latest version of its enterprise open source database for hybrid transactional/analytical processing at scale. The company explains that MariaDB Platform X4 is now cloud native by virtue of disaggregating storage from compute, with the introduction of support for Amazon Web Services' Simple Storage Service (Amazon S3) APIs. Amazon S3, they explain, is vastly cheaper and allows for unlimited storage capacity, which is better for analytics, and saves the cost of using more expensive block storage like AWS Elastic Block Store (Amazon EBS) for fast transactions.

Equinix Purchases Packet to Bring Bare Metal Provisioning to the Edge

Global interconnection and data center company Equinix is acquiring bare metal automation platform Packet to boost its interconnected edge services, the two companies announced Tuesday. The purchase will help Equinix address a growing enterprise user base interested in hybrid multicloud architectures, which the company supports with its Platform Equinix global interconnection fabric.

Party On

Jory Ruscio is a senior full-stack engineer at Vox Media. Joe Ruscio is a partner at Heavybit. And they were in their hometown of Portland last week for Heavybit’s Portland debut. You know what they say — the family that is in tech go to each other’s tech events, right Jory and Joe?

Mike Julian (left) of The Duckbill Group and Adam DuVander of EveryDeveloper share local PDX stories at the Heavybit party in Portland last week.

What a power group at the Heavybit party — from left to right: Paolo Moretto of cPacket Networks, Kelsey Hightower of Google and Ted Carstensen of Heavybit. 

On The Road
March 30 – April 2, 2020 // RAI Amsterdam @ Amsterdam, The Netherlands
KubeCon+CloudNativeCon EU 2020
The Kubernetes and cloud native world is growing up so fast. Now here we come upon the big conference in Amsterdam for KubeCon + CloudNativeCon where the story will be all about the ongoing emergence of app-centric practices and how that affects developers, operations teams and DevOps pros everywhere. The world is transforming with software, and at its heart is Kubernetes and cloud native technologies, that more and more people are using to build at-scale development, deployment and management practices. Register Now!
The New Stack Makers podcast is available on: Pocket Casts, Stitcher, Apple Podcasts, Overcast, Spotify, TuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.

How are microservices deep systems? See for yourself with LightStep Sandbox — a free demo of their observability tool for engineers.

Copyright © 2020 The New Stack, All rights reserved.
