2019 June

06-04 Gaining Root Access to Host through rkt Container hack

Unpatched vulnerabilities affect the rkt container runtime that could be exploited by an attacker to escape the container and gain root access to the host.

06-04 What's New in Red Hat Ansible Engine 2.8

Red Hat Ansible Engine 2.8 is now available. This release features many improvements and enhancements (please refer to the CHANGELOG for more details).

06-04 The Open Source Container-Native Observability Toolkit

Oracle sponsored this post. This article will explore concepts related to observability and monitoring along with a number of popular open source monitoring tools for container-native environments.

2019 May

05-24 How to reduce DevOps costs

A well-oiled DevOps machine is a powerful thing – teams are deploying faster, processes are automated, everything is well-structured, and the cost is consistent with expectations. The reality for some teams is they’re not always able to hit all four in that Venn diagram.

05-24 Understanding Fake Agile

I was recently asked by a major corporation to give a talk on “fake agile.” They wanted me to explain what it is, how to identify it and how to deal with it.

05-22 Hello Service Mesh Interface (SMI): A specification for service mesh interoperability

Today we are excited to launch Service Mesh Interface (SMI) which defines a set of common, portable APIs that provide developers with interoperability across different service mesh technologies including Istio, Linkerd, and Consul Connect.

05-21 Private Packagist for Vendors

If you’re selling PHP packages, the easiest way to offer Composer package installation to your customers is now Private Packagist for Vendors. You get a unique URL and authentication token for each customer and they can use these in their composer.json file to install your packages.

05-21 Security for Elasticsearch is now free

We are thrilled to announce that the core security features of the Elastic Stack are now free. This means that users can now encrypt network traffic, create and manage users, define roles that protect index and cluster level access, and fully secure Kibana with Spaces.

05-15 API design: Why you should use links, not keys, to represent relationships in APIs

When it comes to information modeling, how to denote the relation or relationship between two entities is a key question.

05-15 Parallel streaming of progressive images

Progressive image rendering and HTTP/2 multiplexing technologies have existed for a while, but now we’ve combined them in a new way that makes them much more powerful. With Cloudflare progressive streaming images appear to load in half of the time, and browsers can start rendering pages sooner.

05-15 Go 1.13: xerrors

Part of the Go 2 series of language changes is a new error inspection proposal. The error inspection proposal adds several features to errors that have been tried elsewhere (in packages such as github.com/pkg/errors), with some new implementation tricks.

05-15 VMware to acquire Bitnami

We are proud and excited to announce that VMware is acquiring Bitnami! This is fantastic news for our users and partners. We will continue to deliver the Bitnami catalog of apps that you know and love, across all the platforms we currently support, including all the major cloud vendors.

05-14 Git ransom campaign incident report

Today, Atlassian Bitbucket, GitHub, and GitLab are issuing a joint blog post, in a coordinated effort to help educate and inform users of the three platforms on secure best practices relating to the recent Git ransomware incident.

05-14 Speed at Scale: Web Performance Tips and Tricks from the Trenches (Google I/O'19)

Getting your site fast and keeping it fast can be a challenge at scale. Learn 15 tips and tricks that real, production sites use to get great scores on Lighthouse and improve core business metrics. Understand a spectrum of optimizations from latency optimization to JavaScript, preloading, prefetchin

05-09 LXD 3.13 has been released

The LXD team is very excited to announce the release of LXD 3.13! This is another very exciting LXD release, packed with useful features and a lot of bugfixes and performance improvements!

05-09 Bug in Alpine Linux Docker Image Leaves Root Account Unlocked

A security vulnerability in the Official Docker images based on the Alpine Linux distribution allowed for more than three years logging into the root account using a blank password. Tracked as CVE-2019-5021, the vulnerability has a critical severity score of 9.8.

05-08 Steve Singh stepping down as Docker CEO

In a surprising turn of events, TechCrunch has learned that Docker CEO Steve Singh will be stepping down after two years at the helm, and former Hortonworks CEO Rob Bearden will be taking over. An email announcement, went out this morning to Docker employees.

05-08 How do you visualise dependencies in your Kubernetes YAML files?

Today’s answers are curated by Daniele Polencic. Daniele is an instructor and software engineer at Learnk8s. TL;DR: There isn’t any static tool that analyses YAML files. But you can visualise your dependencies in the cluster with Weave Scope, KubeView or tracing the traffic with Istio.

05-08 Get started with Performance Monitoring for web

The Firebase JavaScript SDK for Performance Monitoring is a beta release. This product might be changed in backward-incompatible ways and is not subject to any SLA or deprecation policy.

05-06 Announcing odo: Developer-focused CLI for Red Hat OpenShift

Following the first announcement of odo earlier in the year, we are pleased to announce the beta release of odo, an official project hosted on the OpenShift GitHub repository.

05-06 Production Hobby Cluster

Setting up a production-grade Kubernetes cluster can be done on a hobby budget, and if this is true why mess around with a lesser grade.

05-06 GitHub Learning Lab

Get the skills you need without leaving GitHub. GitHub Learning Lab takes you through a series of fun and practical projects, sharing helpful feedback along the way. By clicking on “Sign in with GitHub” above, you are agreeing to the Terms of Service.

05-06 Kubernetes Universal Declarative Operator (KUDO)

What is KUDO? Kubernetes Universal Declarative Operator (KUDO) provides a declarative approach to building production-grade Kubernetes Operators covering the entire application lifecycle. When should I use KUDO? When you need more than just kubectl apply -f to run your application.

05-06 Microsoft and Red Hat unveil open-source project that automatically scales Kubernetes clusters in response to events

Microsoft continues to look for ways to help companies that are investing in application containers take advantage of the principles of serverless computing, introducing a new open-source project Monday at Microsoft Built in conjunction with Red Hat that puts events at the heart of Kubernetes scalin

05-06 Announcing WSL 2

Today we’re unveiling the newest architecture for the Windows Subsystem for Linux: WSL 2! Changes in this new architecture will allow for: dramatic file system performance increases, and full system call compatibility, meaning you can run more Linux apps in WSL 2 such as Docker.

05-05 Negotiations Failed: How Oracle killed Java EE.

Today Eclipse Foundation’s president Mike Milinkovic blogged about the final result of the confidential trademark negotiations between Oracle and the Eclipse Foundation. As we remember, Oracle announced that Java EE will be open sourced to that organization and it would become true open source.

2019 April

04-27 Progressive Font Enrichment: reinventing web font performance

I was recently extended the honor of participating in the W3C Web Fonts Working Group as an Invited Expert.

04-26 git-all-the-rebases

GitHub Gist: instantly share code, notes, and snippets.

04-24 k3OS

k3OS is an operating system completely managed by Kubernetes. It launches in seconds and runs almost anywhere. As a combined Linux and Kubernetes distribution it has the smallest attack surface and simplest upgrade process of any Kubernetes installation.

04-24 Katacoda Interactive Learning and Training Platform for Software Engineers

Learn Nomad, Hashicorp’s scheduler. Knowing what you need to know is the hardest part. Our guided pathways help build your knowledge around real-world scenarios.