2019 May

05-09 Bug in Alpine Linux Docker Image Leaves Root Account Unlocked

A security vulnerability in the Official Docker images based on the Alpine Linux distribution allowed for more than three years logging into the root account using a blank password. Tracked as CVE-2019-5021, the vulnerability has a critical severity score of 9.8.

05-08 Steve Singh stepping down as Docker CEO

In a surprising turn of events, TechCrunch has learned that Docker CEO Steve Singh will be stepping down after two years at the helm, and former Hortonworks CEO Rob Bearden will be taking over. An email announcement, went out this morning to Docker employees.

05-08 How do you visualise dependencies in your Kubernetes YAML files?

Today's answers are curated by Daniele Polencic. Daniele is an instructor and software engineer at Learnk8s. TL;DR: There isn't any static tool that analyses YAML files. But you can visualise your dependencies in the cluster with Weave Scope, KubeView or tracing the traffic with Istio.

05-08 Get started with Performance Monitoring for web

The Firebase JavaScript SDK for Performance Monitoring is a beta release. This product might be changed in backward-incompatible ways and is not subject to any SLA or deprecation policy.

05-06 Announcing odo: Developer-focused CLI for Red Hat OpenShift

Following the first announcement of odo earlier in the year, we are pleased to announce the beta release of odo, an official project hosted on the OpenShift GitHub repository.

05-06 Production Hobby Cluster

Setting up a production-grade Kubernetes cluster can be done on a hobby budget, and if this is true why mess around with a lesser grade.

05-06 GitHub Learning Lab

Get the skills you need without leaving GitHub. GitHub Learning Lab takes you through a series of fun and practical projects, sharing helpful feedback along the way. By clicking on “Sign in with GitHub” above, you are agreeing to the Terms of Service.

05-06 Kubernetes Universal Declarative Operator (KUDO)

What is KUDO? Kubernetes Universal Declarative Operator (KUDO) provides a declarative approach to building production-grade Kubernetes Operators covering the entire application lifecycle. When should I use KUDO? When you need more than just kubectl apply -f to run your application.

05-06 Microsoft and Red Hat unveil open-source project that automatically scales Kubernetes clusters in response to events

Microsoft continues to look for ways to help companies that are investing in application containers take advantage of the principles of serverless computing, introducing a new open-source project Monday at Microsoft Built in conjunction with Red Hat that puts events at the heart of Kubernetes scalin

05-06 Announcing WSL 2

Today we’re unveiling the newest architecture for the Windows Subsystem for Linux: WSL 2! Changes in this new architecture will allow for: dramatic file system performance increases, and full system call compatibility, meaning you can run more Linux apps in WSL 2 such as Docker.

05-05 Negotiations Failed: How Oracle killed Java EE.

Today Eclipse Foundation’s president Mike Milinkovic blogged about the final result of the confidential trademark negotiations between Oracle and the Eclipse Foundation. As we remember, Oracle announced that Java EE will be open sourced to that organization and it would become true open source.

2019 April

04-27 Progressive Font Enrichment: reinventing web font performance

I was recently extended the honor of participating in the W3C Web Fonts Working Group as an Invited Expert.

04-26 git-all-the-rebases

GitHub Gist: instantly share code, notes, and snippets.

04-24 k3OS

k3OS is an operating system completely managed by Kubernetes. It launches in seconds and runs almost anywhere. As a combined Linux and Kubernetes distribution it has the smallest attack surface and simplest upgrade process of any Kubernetes installation.

04-24 Katacoda Interactive Learning and Training Platform for Software Engineers

Learn Nomad, Hashicorp's scheduler. Knowing what you need to know is the hardest part. Our guided pathways help build your knowledge around real-world scenarios.

04-20 AWS achieves HDS certification

At AWS, the security, privacy, and protection of customer data always comes first, which is why I am pleased to share the news that AWS has achieved “Hébergeur de Données de Santé” (HDS) certification.

04-17 Using GitLab Auto DevOps with Kubernetes Through Rancher's Authorized Cluster Endpoint

In this post, we will walk through how to connect GitLab’s Auto DevOps feature with a Rancher-managed Kubernetes cluster, making use of a feature introduced in Rancher v2.2.0 called Authorized Cluster Endpoint.

04-17 The Future of Cloud Providers in Kubernetes

Approximately 9 months ago, the Kubernetes community agreed to form the Cloud Provider Special Interest Group (SIG). The justification was to have a single governing SIG to own and shape the integration points between Kubernetes and the many cloud providers it supported.

04-17 3 Best Practices for Docker Image Security

In this post, I wanted to identify a few high-level security tips and best practices to consider when working with container images. Before diving into that, a very brief summary on the advantages of containers: Containers help organizations become more consistent, agile, and secure.

04-17 Using Google-managed SSL certificates

This is a Beta release of Managed Certificates. This feature is not covered by any SLA or deprecation policy and might be subject to backward-incompatible changes. In Google Kubernetes Engine, you can use Ingresses to create HTTPS load balancers with automatically configured SSL certificates.

04-12 An Introduction to Kubernetes Network Policies for Security People

Many enterprises are currently adopting Kubernetes to run their applications. This is happening to such an extent that some people are referring to Kubernetes as the new data-center operating system.

04-12 tvler/prop-sets

With prop-sets, you don't need to outsmart your own code when writing tests. Instead of determining fragile points of failure from particular combinations of inputs, simply generate all possible combinations and assert everything. Works with React, Vue, Jest, Mocha, etc. No dependencies.

04-12 Scalify/gitlab-project-settings-state-enforcer

Enforces the settings of a bunch of gitlab repos by reading a config file and talking to the GitLab API. Configuration of project interaction is currently possible via JSON files providing a Config object. The config object has the following fields:

04-12 The foundation for your cloud-powered mobile & web apps

Choose your cloud services and easily connect them to your app with just a few lines of code. Effortlessly create and maintain sophisticated serverless backends for your apps.

04-12 High Performance Data Analytics with Cube.js Pre-Aggregations

This is an advanced tutorial. If you are just getting started with Cube.js, I recommend checking this tutorial first and then coming back here. One of the most powerful features of Cube.js is pre-aggregations.

04-12 edmunds/shadowreader

ShadowReader has the ability to replay production traffic to a destination of your choice by collecting traffic patterns from access logs. It is built on AWS Lambda, S3 and Elastic Load Balancers.

04-09 Stackdriver Sandbox

Stackdriver Sandbox Alpha Stackdriver Sandbox is an open source tool* that helps practitioners to learn Stackdriver. It offers: Demo Service - an application built using microservices architecture on modern, cloud native stack.

04-09 Netlify Dev Beta

Netlify Dev takes hot reloading to whole new level, allowing you to actually stream your dev server to a live URL. Great for collaborative development, you can now share your work as you work, and get instant feedback.

04-08 acquia/acf

Contexual commerce experiences require multiple modes of integration with the CMS. Acquia Commerce Framework (ACF) combines Drupal as the “glass” and a decoupled e-commerce platform to power the commerce engine. The optimal structure is composed of two different approaches:

04-08 Buttercup for Browsers

Strong 256bit AES encrypted vaults that meet today's security standards. Rest assured that your credentials are safe. Easy-to-use interfaces with basic concepts make storing and finding your login details a piece of cake.