Copy
This week we were covering the news at events across two continents and three different time zones. View in browser »
The New Stack Update

ISSUE 188: Microservices the World Over
Talk Talk Talk

Kubernetes ‘done right’ can eliminate a big part of developer grievances, but on the flipside, ‘Kubernetes done wrong’ will come back to haunt you with a vengeance.”

___
GitLab’s Ashish Kuthiala
Add It Up
GitLab's Adoption Much Higher Compared to Cpmapnies Foused on Software Scanning

Is GitLab far and away the top tool being used for software scanning and software composition analysis of open source projects? Obviously the answer is no if you include GitHub’s default capabilities in your analysis, but for a long time, GitHub has not figured into many market analyses. That should change going forward.

According to a 2019 survey about open source in the enterprise The New Stack conducted with The Linux Foundation and TODO Group, almost a thousand people said they knew what their organization is using for scanning/composition analysis. Fifty-nine percent named GitLab based on a list of the top 10 providers, which was pulled from a recent security-focused Forrester report on the subject. Sonatype and JFrog tied for second place, followed by SynopsysFOSSA and Eclipse Oscano and several other companies.
What's Happening

In order to achieve its goals as both Switzerland’s largest telecom and as an IT provider, it became apparent to Swisscom three years ago that it had to find ways to scale across its entire operations in a way that remained consistent and robust. It would be a challenging task, given that it had a client-server dependency.

In this The New Stack Makers podcast recorded at Cloud Foundry Summit EULukas Lehmann, head of cloud services for Swisscom, discussed how his organization was able to achieve its shift to at-scale application development goals across cloud environments thanks largely to a partnership with Cloud Foundry. Stefan Voegele, expert middleware engineer for insurance provider Swiss Re, was also on hand to discuss how his firm uses Swisscom’s Platform as a Service (PaaS) in its shift to a cloud environment.
How Switzerland's Largest Telecom Met Its At-Scale-Development Goals

Microservices the World Over

It seems like only a few years ago when The New Stack was driven simply by founder Alex Williams traveling the world with his trusty recorder. These days, however, TNS is expanding its tentacles across the globe! This week we were covering the news at events across two continents and three different time zones.

In Austin, Williams and news reporter Mike Melanson were on the ground covering the SpringOne Platform conference. There, Pivotal and Microsoft unveiled the private preview of Azure Spring Cloud, a fully managed service for deploying Spring Boot applications on Microsoft Azure. Spring Boot offers the basis for creating modern microservice applications without developers having to worry about infrastructure.

In Barcelona, our European correspondent B. Cameron Gain learned, at SAP TechEd 2019 conference, how SAP is using Kubernetes and Cloud Foundry to power its enterprise cloud services. The new cloud offerings will run on Cloud Foundry services and microservices as well as Kubernetes clusters, SAP executives said during the conference. Ultimately, the new cloud offerings are largely intended to boost DevOps’ access times to data.

Back in Portland, at the Puppetize PDX event, TNS Editorial and Marketing Director Libby Clark brought us news of Puppet’s new Project Nebula, a cloud native tool that connects a DevOps team’s existing toolset into an end-to-end continuous delivery platform. The company aims to simplify deployment of microservices and serverless-based applications by connecting popular tools for infrastructure provisioning, application deployment, and notifications into a single, automated workflow. Project Nebula is built on top of Tekton, the open source project started at Google and donated to the Continuous Delivery Foundation (CDF) last March.

Stayed tuned to The New Stack for the news of microservices, DevOps, and cloud native computing — from the world over.

Amidst Controversy, the Knative Serverless Software Keeps Growing

The announcement last week that Knative would not be donated to a foundation anytime soon was met with disappointment from many. Nonetheless, the software is being increasingly adopted by major players in the cloud native space, including IBM, Red Hat and SAP.

Kubernetes ‘Billion Laughs’ Vulnerability Is No Laughing Matter

A new vulnerability has been discovered within the Kubernetes API. This flaw is centered around the parsing of YAML manifests by the Kubernetes API server. During this process, the API server is open to potential Denial of Service (DoS) attacks. The issue (CVE-2019-11253 — which has yet to have any details fleshed out on the page) has been labeled a “Billion Laughs” attack because it targets the parsers to carry out the attack.

Flockport: Time to Start All Over Again and Return to LXC Containers

Flockport started out in 2013 as an app store for server-side applications before shifting its focus to become an alternative for more complicated solutions like Kubernetes, which Flockport founder Indrajit Banerjee says introduces far more complexity and requires far more expertise than most companies can handle. The problem, Banerjee says, came with the move away from LXC and three specific design decisions made by Docker.
Party On

“Keep your code close and your open source CLOSER,” says this team from WhiteSource, (left to right) Ryan Harrington, Marlene Williams and Andy Xu.

VMware had a huge presence at SpringOne, including (left to right) Marla Guanga, Erica Moon, Alain Roy, Susan Wu and Hassan Tahir.

Anand Rao and Usha Ramachandran (left to right), both of Pivotal, are trying to tell us Pivotal’s #SpringOne Platform was a hot time in Austin, Texas this week.

SpringOne gets a thumbs up from these attendees from Japan, (left to right) Katsumi Kawasaki of Softbank Corp., Shinchiro Ishijima of EMC Japan, and Tadashi Ito of EMC Japan.
On The Road
All Things Open // OCT. 13-15, 2019 // RALEIGH, NORTH CAROLINA @ RALEIGH CONVENTION CENTER

OCT. 13-15, 2019 // RALEIGH, NORTH CAROLINA @ RALEIGH CONVENTION CENTER

All Things Open

Want to join 5,000 open source technologists? All Things Open is the largest open source/open tech/open web conference on the east coast of the United States. It regularly hosts some of the most well-known experts in the world as well as nearly every major technology company. Nearly 4,100 from 40 U.S. states and 24 countries participated in 2018.  5,000 are expected in 2019. 20% off registration with code NewStack20. Register now!
The New Stack Makers podcast is available on:
SoundCloudFireside.fm — Pocket CastsStitcher — Apple PodcastsOvercastSpotifyTuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.
Pre-register to get the Cloud Native Storage ebook in October.

How should developers connect cloud native workloads to storage? The New Stack’s ebook on cloud native storage takes this question to industry experts who are approaching the problem from three different perspectives: cloud native storage vendors, traditional storage vendors and the big-three cloud providers.

In this 48-page ebook, developers and DevOps professionals will learn:

  • Best practices and patterns for handling state in cloud native applications.
  • The storage attributes and data needs you should consider up front.
  • Storage options for containerized applications running in a microservices architecture on Kubernetes.
  • How operations roles change as developers gain the ability to provision storage.
  • And more.
Download Ebook
We are grateful for the support of our exclusive ebook sponsor:
Copyright © 2019 The New Stack, All rights reserved.


Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list