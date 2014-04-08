Server: Kubernetes, SUSE Cloud Application Platform, Mesosphere/D2IQ and Kubernetes Adoption Drivers
Charmed Kubernetes update for upstream API server vulnerability
n upstream Kubernetes vulnerability (CVE-2019-11247) has been identified where the API server mistakenly allows access to a cluster-scoped custom resource, if the request is made as if the resource were namespaced. Authorisations for the resource accessed in this manner are enforced using roles and role bindings within the namespace. This means that a user with access only to a resource in one namespace could create, view updates or delete the cluster-scoped resource (according to their namespace role privileges).
Charmed Kubernetes has already been patched to mitigate against this vulnerability. Patched builds of the 1.13.8, 1.14.4 and 1.15.1 kube-apiserver snap have also been published.
The vulnerability, of medium severity, has also been patched in the following upstream version of Kubernetes – 1.13.9, 1.14.5 and 1.15.2. Users are encouraged to update to one of these versions now.
Why you might want to build your own custom buildpack (And how to!)
A PaaS can be viewed at as a method that takes different streams of data and combines them into a working application. For SUSE Cloud Application Platform, we take the application code, buildpack, environment variables, service descriptions and output a configured and running container. Each of these pieces can come from a different person or team with a different focus to create a quickly iterable but still secure process.
In this list, the buildpack is likely the least understood. Simply put, It is the part of the build system that takes the code provided by the developers and builds it into a full application ready to run.
There are several buildpacks that come standard as part of the default installation of SUSE Cloud Application Platform. That said, one of my favorite “features” is the ability to customize the platform to fit your needs while still coming with sane defaults. It’s opinionated in a way that you can change it’s mind!
Mesosphere changes name to D2IQ, shifts focus to Kubernetes, cloud native
Mesosphere was born as the commercial face of the open-source Mesos project. It was surely a clever solution to make virtual machines run much more efficiently, but times change and companies change. Today the company announced it was changing its name to Day2IQ, or D2IQ for short, and fixing its sights on Kubernetes and cloud native, which have grown quickly in the years since Mesos appeared on the scene.
D2IQ CEO Mike Fey says that the name reflects the company’s new approach. Instead of focusing entirely on the Mesos project, it wants to concentrate on helping more mature organizations adopt cloud native technologies.
Survey Identifies Myriad Kubernetes Adoption Drivers
One of the assumptions made about key drivers Kubernetes adoption is that organizations are trying to accelerate the rate at which software is built by embracing microservices based on containers. However, a survey of 130 attendees of three recent container conferences published by Replex, a provider of governance and cost management tools for Kubernetes, finds the top two drivers of Kubernetes adoption are improving scalability (61%) and resource utilization (46%), followed by a desire to adopt a cloud-native stack (37%) and shortening development and deployment times (42%).
Only 24% identified avoiding lock-in as a reason for adopting Kubernetes, which suggests portability is not yet a major factor in driving Kubernetes adoption.
The surveys were conducted at the KubeCon Europe conference in Barcelona; a VelocityConf even in San Jose, California; and ContainerDays Hamburg in the second quarter of 2019. The survey finds 65% of respondents indicated that they are using Kubernetes in production. Nearly 40% of respondents not yet in production indicated they are planning on going to production within a year, the survey finds.
