HashiCorp Vault 1.0

Today we are excited to announce the public availability of HashiCorp Vault 1.0. Vault is a tool to manage secrets and protect sensitive data for any infrastructure and application. Vault 1.0 is focused on renovating Vault’s infrastructure to support high performance, scalable workloads. The 1.0 release of Vault includes significant new functionality including: Batch Tokens: A new type of token optimized for high performance, ephemeral workloads. Open Source Cloud Auto Unseal: Cloud-based auto unseal is now open source.

Crossplane lowers the barrier to a multi-cloud future

Cloud computing has become the dominant IT paradigm and multi-cloud looks poised to be the primary approach, with 81 percent of enterprises already adopting a multi-cloud strategy. A multi-cloud strategy prevents vendor lock-in, which is increasingly important as three major providers (AWS, GCP, and Azure) dominate the market. Despite the many benefits of a multi-cloud strategy, deploying across multiple clouds is still incredibly complex. While Kubernetes has emerged as the standard container orchestration platform, most organizations are running more than just container workloads, and there’s currently no standard for workload portability across managed services.

IBM Reveals 8-Bit Analog Chip With Phase-Change Memory

Today at the IEEE International Electron Devices Meeting in San Francisco, IBM reported a new 8-bit analog chip. But the true development was less about analog chips catching up to their digital peers and more a radical rethink of chip architecture. This chip is the first to perform 8-bit calculations right where information is stored. IBM’s new analog chip is based on phase-change memory. The key ingredient is a material that can undergo phase changes in response to electrical current.

Manage NTP with Chrony

Computers worldwide use the Network Time Protocol (NTP) to synchronize their times with internet standard reference clocks via a hierarchy of NTP servers. The primary servers are at stratum 1, and they are connected directly to various national time services at stratum 0 via satellite, radio, or even modems over phone lines. The time service at stratum 0 may be an atomic clock, a radio receiver tuned to the signals broadcast by an atomic clock, or a GPS receiver using the highly accurate clock signals broadcast by GPS satellites.

Using Terraform for container security as code with Sysdig Secure

In the following tutorial you can learn how to implement container security as code. You probably have a CI/CD pipeline to automatically rebuild your container images. What if you could define your container security as code, push it into a Git repository to version control changes and then enforce your policy in your container orchestration tool like Docker or Kubernetes using Sysdig Secure? Terraform is an awesome tool to deploy and update your infrastructure using code.

Kubernetes 1.13: Simplified Cluster Management with Kubeadm, Container Storage Interface (CSI), and CoreDNS as Default DNS are Now Generally Available

We’re pleased to announce the delivery of Kubernetes 1.13, our fourth and final release of 2018! Kubernetes 1.13 has been one of the shortest releases to date at 10 weeks. This release continues to focus on stability and extensibility of Kubernetes with three major features graduating to general availability this cycle in the areas of Storage and Cluster Lifecycle. Notable features graduating in this release include: simplified cluster management with kubeadm, Container Storage Interface (CSI), and CoreDNS as the default DNS.

90 days of AWS EKS in Production

I’ve been using EKS in production for a small number of months now and so far, so good. Really impressed by the simplicity of getting a cluster up and running and ready for workloads. AWS provide a great Getting Started Guide on their website, which is super duper for getting your head around the components and glue required for getting EKS stood up. EKS is a very vanilla service, giving users a cluster that conforms to CNCF standards, which Kubernetes purists will be very happy with, however, don’t think that because AWS provides Kubernetes as a service, you no longer have to worry about getting your nodes optimised and ready for your heavy workloads.

Drone CI/CD Goes Kubernetes-Native

Today we’re announcing official support for Kubernetes. While many organizations have already been combining Drone and Kubernetes for their deployments, today we’re delivering a native integration for a better user experience. Now your CI/CD Pipelines are translated into native Pods, Secrets, and Services. We’ve been at the forefront of the containerization movement; we started support for Linux containers, and when Docker came around we fully embraced their container runtime. Since then we’ve seen the hyper growth of Kubernetes platforms and users like eBay, Reddit and The New York Times adopting Drone and Kubernetes together.

Kubernetes’ first major security hole discovered

Kubernetes has become the most popular cloud container orchestration system by far, so it was only a matter of time until its first major security hole was discovered. And the bug, CVE-2018-1002105, aka the Kubernetes privilege escalation flaw, is a doozy. It’s a CVSS 9.8 critical security hole. With a specially crafted network request, any user can establish a connection through the Kubernetes application programming interface (API) server to a backend server.

5 Initiatives to Modernize Jenkins and Kill the Jenkinsteins

Kohsuke Kawaguchi, creator of Jenkins and CTO at CloudBees, spoke last month at Jenkins World in Nice about five on-going initiatives to modernize the popular CI/CD tool. The initiatives revolve around Jenkins Evergreen, Jenkins Pipeline (Blue Ocean), Jenkins Configuration-as-Code, Jenkins X, and Cloud-Native Jenkins. While open source development is not going to disappear, the future of commercial open source is not very promising. Cloud providers are adopting open source software without necessarily adding value, or supporting future development.