As Linux, and open source in general, enters into its third decade, we are finding that many of our initial assumptions need to be readjustedView in browser »
The New Stack Update

ISSUE 286: Trickle Down Open Source

Talk Talk Talk

“Vendors have long catered to the decision maker’s ego and positioned their tech as the ultimate resume builder.”

Add It Up
SmartBear’s 2021 State of Software Quality | Testing

Automating software and security testing is an ongoing process, yet truly reaching full automation may never happen. In SmartBear Software’s “2021 State of Software Quality | Testing” the percentage of tests that are manually conducted actually rose from 24% in 2019 to 37% in 2021. This does not mean that automation is not happening. To the contrary, both manual and automated tests are being conducted.

The biggest challenge to test automation is no longer dealing with changing functionality but instead not having enough time to create and conduct tests. Testers are not being challenged by demands to deploy more frequently but instead to test more frequently across more environments. Testing of the user interface layer is more common, and to address this 50% currently conduct some automated usability testing as compared to just 34% in 2019.

What's Happening

It’s that time of the year again when we gather to discuss all matters related to Kubernetes and the other assorted tooling necessary to make cloud native computing happen.

KubeCon+CloudNativeCon will be held in Los Angeles next month, October 11 -15. A key difference at this year’s event — the first onsite event from the Cloud Native Computing Foundation since the beginning of the pandemic — is that the flagship cloud native conference will offer a more significant virtual experience for those unable to travel to the venue in L.A.

The virtual aspect of this year’s KubeCon+CloudNativeCon “is expected to continue indefinitely,” Priyanka Sharma, general manager, CNCF, said in this edition of The New Stack Makers podcast. Sharma was joined by conference co-chair Jasmine James, who is the Twitter developer experience lead and manager for engineering effectiveness. They discussed this year’s schedule and agenda, how it will all compare to KubeCon+CloudNativeCon of years past and general cloud native trends. TNS editor-in-chief, Joab Jackson, hosted this episode of The New Stack Makers.

What to Expect at KubeCon+CloudNativeCon

Trickle Down Open Source

As Linux, and open source in general, enters into its third decade, we are finding that many of our initial assumptions should be readjusted. Software such as Linux and MySQL are no longer the scrappy outsiders rebelling against the Death Star of proprietary code, but rather a force all their own.

Not too long ago, one of the prevailing worries was that the large software and cloud companies would suck up all the open source software, make money selling it into enterprise IT, but leave the work of maintaining said software to the independent volunteers.

Well, the first part of that forecast has certainly come true, as everyone from Red Hat to Amazon Web Services uses open source software as fundamental components in their services and offerings. But, as it turns out, they also contribute heavily to the open source ecosystem as well. In fact, they have to in order to stay competitive, argued Wim Coekaerts, senior vice president of software development at Oracle, which is certainly one of the companies that benefits from free and open software.

Coekaerts made his case on stage at the Linux Foundation’s Open Source Summit, held in Seattle this week.

“One of the nice things with open source is that it forces companies that rely on it to actually contribute. If you don’t go upstream, you basically screw yourself long-term. You have a lot more work to do on maintenance,” he told the audience.

Software companies and cloud services are in a competitive market, and they must rely on open source to get their back-end operations up and running as quickly as possible. And once the developers get the service up and running, they will need to maintain it. As a result, “They really have to keep up with the upstream releases. No matter what the product is there are security updates, there's new functionality. And if folks don't contribute patches back upstream, it becomes harder and harder to maintain and house.”

There’s also the issue of responsibility. When something goes wrong with the software that a company is repackaging, the company can’t exactly shift the blame to some other party. Enterprises pay companies for, among other things, “a throat to choke” when something goes wrong.

“If your servers are compromised, it’s your customers, right? And you're losing face. So whenever these bigger companies are using open source components in their stack, they really have to take ownership of that and make sure that that's really well done,” Coekaerts said. And the only way to ensure security in these high-priority environments is to push fixes upstream as quickly as possible.

Certainly, this is true of Linux. In the latest survey of who contributed to the Linux kernel, Red Hat, IBM, Intel, Samsung, Oracle and Facebook all offered considerable updates.

Machine Learning Data Gets Type Checking, Validation with Flyte, Pandera

Machine learning has a data quality problem. A set of bad data can work its way through the entire modeling process before someone notices that it’s faulty, forcing a laborious debugging process. At the Open Source Summit this week, developer Neils Bantilan introduced two open source programs that he created that can help root out bad data before it is used in production, as well as standardize the process of data validation.

Docker Defends Desktop Pricing, Says Support Led to Faster Features

At the end of August, Docker announced that they would be changing the pricing for its popular Docker Desktop, a move that was met with a flurry of criticism on sites like Twitter and Hacker News, alongside discussions around potential alternatives. From the outside perspective, it might seem like an unpopular move, but last week, Docker begged to differ.

4 Forecasts for the Future of Developer Relations

Developer relations, or DevRel, is an ascendant role in many tech companies. Its rise is a reflection of software’s ubiquity in the business world — and the growing power of the developer to influence what products and platforms their employers use. If you’re looking to break into DevRel, it’s as good a time as any. But aspiring developer advocates, and their employers, should also expect the role to continue to evolve.

Party On


Sarah Novotny has taken on the role of Microsoft Azure's director of open source strategy and ecosystem, managed within the office of the CTO. 

“We want to give voice to the 18% who do not feel welcome in open source. What are their stories? What are the behaviors they’re encountering? Because that’s where the conversation starts.”
— Demetris Cheatham on a diversity survey's findings where 82% felt welcome in open source.

Sanath Ramesh told his story about how open source is the best hope to save his son from a rare disease whose treatment isn't funded by the pharmaceutical industry. His organization, @OpenTreatments, uses a software platform to streamline gene therapy for any rare disease.

Peter Zaitsev

An alternative to costly proprietary database services, the Kubernetes API could be a universal cloud controller to run open source databases as services — Peter Zaitsev at the Open Source Summit

Open Source Summit: Interview w/Royal O'Brien, Linux Foundation

Open Source Summit: Interview with Alex Williams of The New Stack and Royal O'Brien of the Linux Foundation.

On The Road

OCT. 6  // VIRTUAL @ 12 PM PDT

VMworld Virtual Pancake & Podcast Live w/ TNS

Join us live for a short stack with The New Stack @ VMworld 2021! A panel of experts will weigh in on the future of multicloud technology, providing a view into the innovations VMware is driving at the intersection of clouds and apps. Bring your questions and register now!

Click here to download the ebook: Cloud Native Observability for DevOps Teams
Now more than ever, it’s vital to know how your systems are performing. Outages can cripple e-commerce and alienate customers. Unpredicted surges in web traffic can cause havoc. Hackers can grind your business to a halt— and even hold it for ransom.

The best defense against all of these scenarios is observability—not just monitoring, but a holistic approach that includes metrics, logs, and tracing. These days, the responsibility for paying attention to all of this falls not just on operations engineers, but on the whole DevOps team.

In the ebook, you’ll learn about:
  • The role of observability in cloud native applications.
  • Why observability isn’t just metrics, tracing, and logs.
  • How observability enables DevOps.
  • Kubernetes observability challenges and how to overcome them.
  • Why developers should learn Kubernetes.
  • An overview of Kubernetes logging.
Download Ebook
Thanks to our exclusive ebook sponsor, LogDNA for making this work possible!

Copyright © 2021 The New Stack, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Email Marketing Powered by Mailchimp