Copy
This month, we looked at one of the ongoing challenges for Kubernetes, namely how to run stateful applicationsView in browser »
The New Stack Update

ISSUE 206: The State of Kubernetes’ Stateful Workloads

Talk Talk Talk

“The intentional gaps in Kubernetes offer flexibility in both infrastructure and application layers.”

Add It Up
Service Meshes Will Help Improve Distributed Systems' Operations in the Next Year

People familiar with service meshes say the technology is important to organizations’ efforts to improve the security, observability and traffic control of distributed systems over the next twelve months. That is one takeaway from 138 responses to an online poll The New Stack conducted Feb. 13-24. Access to the raw data and tabulated results are in a publicly available workbook.

A third of respondents’ organizations are using service meshes to control communications traffic between microservices in production Kubernetes environments. Another 34% use service mesh technology in a test environment, or are piloting or actively evaluating solutions. Instead of trying to gauge actual adoption, we are using this data to explore how decisions are being made in the near future.

What's Happening

The traditional role of the IT security professional in the past largely involved drafting and implementing policies and best practices, as well as managing security-vulnerability detection and remediation. Interaction with developers was usually relegated to the post-deployment stages of software development.

But in this new age of DevOps, security practices have evolved, especially for cloud native security. Many of the differences can be attributed to how software development underpins DevOps processes. Consequently, security team members have become more development focused and should play a role throughout the entire production pipeline (think of it as part of a shift to the left in CI/CD).

In this edition of The New Stack Makers podcast recorded live at Palo Alto Networks’ studio in Santa Clara, CA, how security practices have evolved and changed are discussed. The guests were:

  • Ben Bernstein, senior vice president of product and engineering at Palo Alto Networks.
  • Matt Chiodi, chief security officer of Public Cloud at Palo Alto Networks.
  • Xiaobo Long, senior vice president of cloud security at Citibank.

The New Stack Publisher Alex Williams hosted this episode.

Why Security Is Really Different in Today’s Cloud Native World

The State of Kubernetes’ Stateful Workloads

Each month on The New Stack, we pick a theme to devote a certain amount of coverage to, issues that we hear are important to our readers. This month, we looked at one of the ongoing challenges for Kubernetes, namely how to run stateful applications.

Kubernetes was originally designed for stateless workloads, or those that did not require keeping session information of the user. Most applications, however, require the application to keep some sort of state information, and hence, require some sort of persistent backend storage. 

The good news that we’ve found is that there are multiple approaches to running stateful workloads on K8s, even if we haven’t fully decided on which approaches to embrace — and codify.

There are a variety of ways of managing state, pointed out analyst Janakiram MSV in his post, “Different Approaches for Building Stateful Kubernetes Applications." You could do a shared cluster, either through native provisioning by Kubernetes itself, or by host-based provisioning at the cluster. Another approach is stateful sets, where Kubernetes manages backup copies of the data through the ReplicaSet, DaemonSet, and StatefulSet controllers. Or, you could look to the solutions offered by cloud native storage solution providers, such as NetApp, Red Hat or Portworx. These often involve additional proprietary schedulers, though they can save a lot of maintenance time. If you are looking for options, MSV’s post is a good starting point. 

In keeping with this theme, we also did a Q&A with Saad Ali, a software engineer at Google and the chair of the Kubernetes Storage Special Interest Group at the Cloud Native Computing Foundation, about the work already done to make run stateful workloads easier, as well as the challenges that remain and what to look for in the future. One preview: Work is being done to make better interfaces for CSI volume health checks.

Expect to see more posts about Kubernetes stateful workloads over the next week or so, including a contributed post (and podcast interview) with Ryan Staatz, head of DevOps at LogDNA, who writes that the “effectiveness with which you can run stateful services on Kubernetes begins with your infrastructure.” Check in daily at TheNewStack.io.

Microsoft’s Open Source Scalar Brings Large Repository Support for Git

Last week, Microsoft released the open source project Scalar, a .NET Core application for Windows and Mac (Linux pending) that works to support very large code repositories, maximizing Git performance by setting recommended config values and running background maintenance. Git is “one of the most used and important” DevOps tools at Microsoft, with the distributed code repository used to build products like Microsoft Office, Azure, and Windows, which the company believes to be the largest Git repo in existence. 

Digital Rebar Promises Distributed Site Automation from Enterprise to Edge

RackN has released the latest version of Digital Rebar Platform (DRP), its Infrastructure as Code provisioning and workflow system. DRP v4.3 — which integrates into data centers to manage physical and virtual compute, network and storage — introduces the ability to automate distributed sites with Infrastructure as Code, both in large enterprise environments and on the edge, using the same lightweight Golang-based service.

Introducing the GitHub CLI

Developers across the globe depend upon GitHub. It houses their repositories and serves as a version control system for individuals and teams. And although GitHub has a user-friendly web-based GUI, many developers tend to spend a good amount of their development time working from within the command-line interface (CLI). Given that, it makes perfect sense GitHub would finally begin work on a tool to make it easier to work with GitHub from the command line. That tool is the GitHub CLI and it’s now in beta. Our open source correspondent Jack Wallen does a walk-through of the new technology.

On The Road

MARCH 30 - APRIL 02 // AMSTERDAM, THE NETHERLANDS @ RAI AMSTERDAM

KubeCon + CloudNativeCon Europe 2020

The DevOps movement faces a new age of automation with machine learning for platform operations. Increasing efficiencies will play a central role in the ongoing evolution of Kubernetes and cloud native technologies, further enabling edge and improved security, for example. It’s a timely discussion for KubeCon + CloudNativeCon in Amsterdam where we will talk with technologists on these pertinent topics. 15% off with code KCEU20TNS15 for the first 50 people. Register now

The New Stack Makers podcast is available on:
SoundCloudFireside.fm — Pocket CastsStitcher — Apple PodcastsOvercastSpotifyTuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.
Copyright © 2020 The New Stack, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Email Marketing Powered by Mailchimp