“You build it, you run it,” Amazon CTO Werner Vogels said in an interview with ACM in 2006, when discussing the concept behind Amazon's R&D and operations staff. The person who builds the code is responsible for getting it up and running in production and for maintaining it. In recent years, as cloud native and DevOps have become increasingly popular, the border between operations and development has become more and more blurred, and developers have gradually begun to take on operations work. I have to say that Amazon was looking ahead.

The lead consultant for Equal Experts has written a booklet explaining the guidelines, best practices and myths associated with “You build it, you run it” in contrast to the traditional operations model (which they refer to as “Ops Run It”, meaning that a specialized Ops team is responsible for operation and maintenance). The booklet emphasizes that “You build it, you run it” will not take jobs away from full-time operations teams, so operations engineers need not panic 😂

Link 🔗 : www.equalexperts.com/wp-content/…

Recommended Open Source Projects

kube-opex-analytics

kube-opex-analytics is a Kubernetes measurement and analysis tool that helps organizations track the resource consumption of their Kubernetes clusters over time. Organizations can use this as a key metric for making appropriate cost optimization decisions.

Capsule

Capsule is a multi-tenant system implemented as a Kubernetes Operator. The Capsule controller aggregates namespaces into a lightweight abstraction called a Tenant. Within each tenant, users are free to create their own namespaces and share all allocated resources. Meanwhile, security policies, resource quotas, RBAC, and other policies defined at the tenant level are automatically inherited by all namespaces in the tenant without the intervention of the cluster administrator.

KubeArmor

KubeArmor is a cloud-native security hardening system that restricts the permissions and behaviors of containers and hosts (such as file system access, network operations, and binary execution) at the system level. For any security policy violation, KubeArmor immediately generates an alert that identifies the container involved.

readme.so

readme.so is a tool that helps project owners generate README documents and includes many templates.

Recommended Articles

Best practices for large-scale containerization of Qunar's business

As cloud native technology has matured in recent years, Qunar took the first step toward cloud native in 2021 in order to evolve its entire technical system: containerization. The rollout included value assessment, infrastructure construction, CI/CD process transformation, middleware adaptation, observability tooling, automated application migration, and more. The migration involves about 3,000 applications and an R&D team numbering in the thousands, which makes it a very difficult piece of systems engineering. This article covers best practices for CI/CD model transformation, automated containerization of applications, and other aspects of the migration process.

Use Rust to run the WebAssembly workload in a Kubernetes cluster

Running WebAssembly workloads in Kubernetes clusters is still in the exploratory stage, but it is very revolutionary because Wasm workloads start faster, are safer, and are smaller than containers. Rust, on the other hand, is a programming language with performance on par with C and a strong focus on security. What sparks fly when Rust and WebAssembly join forces? This article shows how to use Rust to run a WebAssembly workload in a Kubernetes cluster.

Cloud native is not simply containerization, but a culture

Nowadays, when people talk about cloud native, they equate it with containerization and microservices, and even CNCF defines it this way. The author of this article approaches the value of cloud native from a different angle, preferring to view cloud native as a culture.

Cloud Native weekly highlights

Fluent Bit has been downloaded 1 billion times

CNCF and the Fluent Bit community announced that Fluent Bit has been downloaded and deployed more than 1 billion times.

Fluent Bit was designed with high performance in mind and is a highly scalable logging and metrics processor. It is rapidly gaining popularity because it enables any organization to effectively manage large amounts of observability data, as well as instantly understand the performance of its systems.

Fluent Bit is a CNCF graduated project under the Fluentd umbrella. This status means that it is proven in production and can be deployed by almost any enterprise. Fluent Bit is downloaded 2-5 million times a day.

Go 1.18 release

The Go team has released Go 1.18.

Go 1.18 is a large release that includes new features, performance improvements, and the biggest changes to the language:

  • Generics: new support for generic code that uses parameterized types;
  • Fuzzing: fuzz testing is now fully integrated into the standard toolchain;
  • Workspaces: the new Go workspace mode allows users to work across multiple modules;
  • 20% performance improvement.

For a more detailed description of everything in Go 1.18, see the Release notes.

GitLab’s free packages continue to tighten

GitLab abandoned the Starter tier more than a year ago, to the dismay of many developers. With that change, the price for anyone other than free users rose from $4 per user per month to $19 per user per month, where it remains today.

Starting June 22, 2022, organizations using the free tier will be limited to five users per namespace, as GitLab says it continues to “find ways to make DevOps a reality for teams and organizations of all sizes.”

30% of Apache Log4j security vulnerabilities remain unpatched

A few months ago, a security vulnerability rated 10.0 under CVSSv3 was disclosed in Apache Log4j. According to Qualys, a cloud security firm, only 70% of the vulnerabilities have been patched.

If you’re still running an insecure version of Log4j, the security of the rest of the system doesn’t matter.

More than half of the programs with Log4j are also unsupported. The chances of your software vendor fixing these problems are somewhere between slim and none.