Microservices brought their own inherent complexities — the complexities inherent in working in any distributed system. View in browser »

ISSUE 277: Picking Apart the Microservice

“There is a lot of external peer pressure of what you’re expected to do, like everyone else does this so you should do this too. I think it’s OK to do what makes you happy.”

___
Mitchell Hashimoto, on stepping down from his HashiCorp CTO post, to concentrate on individual contributions.

Tools and Methods Used to Prevent Cloud Misconfiguration

Cloud engineers are looking to policy as code to prevent cloud misconfigurations, according to “The State of Cloud Security 2021 Report,” which surveyed 300 U.S. cloud engineering and security professionals. It found that adoption of open source policy as code has increased in the last year, going from 31% in last year’s study to 39%. While open source is popular, so too are vendor tools for compliance checking, which jumped from 41% to 47%.

Policy as code has risen to the fore due to concern about cloud misconfiguration, but also as part of a larger effort to automate the entire software and cloud development/deployment life cycle. How it is implemented remains to be seen. Writing a policy may be the easy part. Maintaining, testing and enforcing policies across multiple CI/CD pipelines and cloud environments will be trickier.

Many organizations are finding that shifting to cloud native environments has become easier than it was in the past. However, the complexities and ensuing challenges can still surmount once at-scale deployments begin.

In this episode of The New Stack Makers podcast, hosted by TNS’ Alex Williams, founder and publisher, and Joab Jackson, TNS editor-in-chief, application-deployment standards are the discussion of the day. The featured guests are Bruno Andrade, founder, Shipa, a provider of frameworks for Kubernetes; and Bassam Tabbara, founder and CEO, Upbound, which offers a universal control plane for multicluster management.

Cloud Native Deployments Bring New Complexities to the Developer

Picking Apart the Microservice

Microservices celebrates its tenth birthday this year, and now is as good a time as any to figure out what value it has brought to the world of IT and what work still needs to be done. And this is what Charles Humble — who by day is the editor-in-chief at IT consultancy Container Solutions — has done in a new feature article posted on The New Stack this week.

If today we look upon the idea of running a monolithic system, (a “monolith”) as a negative, we have microservices to blame. The concept has brought us much in terms of developer efficiency. Microservices allow developers to deploy code more rapidly, “favoring the replaceability of components over their maintainability,” Humble writes, and so many organizations have built out loosely-coupled systems composed of dozens or hundreds of microservices, maintained by small, autonomous teams and loosely coupled systems.

It must have been an idea whose time was coming. As Humble pointed out, Netflix, Amazon, Google and eBay had all pretty much arrived at this same architectural pattern at the same time.

But if microservices were successful, they also brought their own inherent complexities — the complexities inherent in working in any distributed system. In particular, there is the complexity that comes with Kubernetes, the open source container orchestration engine that has become almost synonymous with the idea of microservices. The hope has been that the application developers shouldn’t have to deal with Kubernetes at all, but this hasn’t been proven to be the case.

“It’s worth noting that the complexity isn’t just hidden under the hood. It’s spilling out into the interface and impacting users,” Container Solutions Chief Scientist Adrian Mouat said of Kubernetes. His views are echoed by industry consultant Sam Newman, who said “Kubernetes is not developer-friendly. It stuns me that we still don’t have a good, reliable, Heroku-like abstraction that is widely used on top of Kubernetes.”

True, there are many efforts to abstract away the complexities of Kubernetes for the developers, the Upbound universal control plane is one such effort. But will, as Mouat argues in the post, a competing technology come along to offer a simpler solution to managing microservices altogether?

You’ll have to keep reading The New Stack to find out!

Sysdig Aims for IaC Auto-Remediation with Apolicy Acquisition

Cloud security company Sysdig has begun the process of acquiring Apolicy as part of its efforts to continue shifting left its suite of security products, adding to the Sysdig platform the ability to not only parse Infrastructure-as-Code (IAC) configuration files for errors but also to help prioritize and remediate any issues found.

The AWS Shared Responsibility Model for Kubernetes

Amazon Web Services‘ Shared Responsibility Model clearly delineates the infrastructural security responsibilities covered by AWS and those responsibilities that fall on the enterprises themselves. Gary Duan, from container security company NeuVector, shows us in the contributed post how to apply this model to securing the AWS workloads run on our favorite container orchestration engine, Kubernetes.

Thundra Brings Observability Tracing to Continuous Integration

Observability tools provider Thundra has introduced Thundra Foresight, an automated observability platform for continuous integration (CI) pipelines. Thundra Foresight enables developers to easily add traces to CI environments in real time and on-demand.

Hats are us at The New Stack! Kudos to Sacha Labourey for bringing his team hat to the podcast party! From top left clockwise: Darryl Taft and Colleen Coll (TNS), with Bailey Math, AV Consultant, Sacha Labourey of CloudBees in the yellow hat, and Alex Williams (TNS).

SEPT. 27-30 // SEATTLE, WASHINGTON @ HYATT REGENCY

Open Source Summit

Open Source Summit is the leading conference for developers, architects and other technologists to collaborate, learn about the latest technologies and gain a competitive advantage by using innovative open solutions. Register now!

Apple Podcasts, Google Podcasts, Overcast, Pocket Casts, Simplecast, Spotify, Stitcher, TuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.