TL;DR May the 4TH Be With You – Last Week’s Container News (04/27/18-05/04/18)

Since it is May 4th, we figure we would lead off with a local post from the Innevation Center, that has a Star Wars theme. The Lenovo Star Wars AR Headset lets you have Lightsaber duels with friends. Full disclosure, since we are a partner of Lenovo and we are attending their partner summit next week here in Vegas, Accelerate 2018, the sent us a few of these VR headsets, and we have been having a lot of fun with them. Great way to celebrate May the 4th.

Post from KubeCon EU 2018

Of course, this week is KubeCon EU and there is a bunch of news coming from that conference.

First posting is from eWeek and it is a high-level overview of the major announcements from KubeCon, titled, Cloud-Native Technologies That Made an Impression at KubeCon EU 2018.

Here is a video interview at the KubeCon with Chris Aniszczyk, COO of the CNCF, detailing announcements the CNCF made at the event and provided insight into future developments. CNCF Expands Multi-Cloud Efforts at KubeCon EU

Some interesting news coming out of the conference is about Google launching gVisor, a sandboxed container runtime solution. As the name implies gVisor is a bit like a hypervisor that provides the isolation for containers. With a, rising interest in running more heterogeneous and less trusted workloads, there is a real desire for sandboxed containers. Containers that provide a secure isolation boundary between the host OS and the application running inside. gVisor provides an isolation boundary by intercepting application system calls and acting as a guest kernel, all while running entirely in user-space. To read more about this announcement from Google, here are there post about it from, ZDNet, TechCrunch, and The New Stack.

Google made another announcement at the KubeCon that it will bring in five container security startups to help secure Kubernetes. These security vendors that are part of the initial integration are Aqua Security, Capsule8, Stackrox, Sysdig Secure and Twistlock. In a video interview with eWeek, Maya Kaczorowski, product manager of security and privacy at Google, explains what the SCC expansion is all about and why Google decided to partner rather than build its own capabilities for additional container security.

Not to be left out, Red Hat Releases a Framework to Easily Package Applications for Kubernetes, called the Kubernetes Operator Framework Project. Red Hat is saying that Kubernetes is not just a container orchestration system, it can also be a platform for deploying and managing applications. The basic idea behind the Operator Framework comes to Red Hat from CoreOS, which had been working on the preliminary concepts. Red Hat acquired CoreOS that also brought CoreOS’ staff to Red Hat, including former CTO Brandon Philips. Here is a video interview with eWeek, Philips explained what the operator framework is all about and also detailed his view on where Kubernetes is headed next. Additionally, here is a post from The New Stack about it this framework as well.

DigitalOcean, launched a new hosted Kubernetes product at KubeCon. DigitalOcean Kubernetes will provide the container management and orchestration platform as a free service on top of its existing cloud compute and storage options. Users will not have to pay extra to use this Kubernetes management layer, and will only be charged standard compute rates.

Triton CLI on Windows Subsystem for Linux (WSL)

WSL is a complete Linux system inside Windows. In WSL, Ubuntu Linux runs directly on top of Windows, it is not a virtual machine. WSL runs the same binaries as Linux, but Linux isn’t the underlying OS kernel. Instead, WSL has the utilities and software available in a Bash shell, performing real-time translation of Linux syscalls into Windows OS syscalls. This post from Joyent will explore this tool in more detail and will walk you through some basic setup and uses for it.

The Complexity of Scaling a Microservices Architecture

Microservices architectures offer many clear benefits, but they also create challenges. Be aware of the compromises when you select a model to solve a problem. This post will cover the five challenges you need to deal with when scaling microservices.

Microsoft issues patches to fix Docker remote code execution flaw

Microsoft has released a patch for a critical remote code execution flaw affecting a Windows service used for importing Docker container images. The patch fixes an issue that could give an attacker the ability to execute arbitrary code on the host operating system, both ZDNetand itnews had post about it.

IT Needs to Break Its ‘Logo Addiction’

In our home town of Vegas this week, we had Interop ITX conference going on, and there was a talk present by Whole Food/Amazon IT infrastructure expert, Peyton Maynard-Koran, who said, Enterprise IT must shift away from buying products to building its own solutions based on open source software. We could not agree more.

How containers cut server costs for the Financial Times by 80 percent

The Financial Times’ content platform team has reduced its AWS server costs by 80 percent while moving to a much more stable tech infrastructure by adopting containers. This post show the benefits the team received, but the move wasn’t free of challenges.

Posting this week from Docker Inc.

Docker’s Blog was busy this week, and we found these interesting posts.

First, Docker talks about Automating Compliance for Highly Regulated Industries using Docker Enterprise Edition and OSCAL. This post shows how to use Docker EE for highly-regulated industries like financial services, insurance and government.

Then Docker had a post about how to secure the supply chain for a Kubernetes environment. This is a major consideration if you are looking to deploy containers using Kubernetes. Docker EE is the only current solution providing end to end security for supply management with Kubernetes.

In addition, Docker posted about how to use Docker Compose and Kubernetes with Docker for Desktop. This shows how easy it is to stand up a single-node Kubernetes cluster with the click of a button, as well as deploy applications into Kubernetes using Docker for Desktop.

Finally, Docker had this post about their Government Summit 2018. It has links to the videos and talks presented at the summit.


About the Author: