The New Stack Context: Kubernetes 2020, by the Numbers

The New Stack has just released an updated eBook on Kubernetes, “The State of the Kubernetes Ecosystem,” and so this week on The New Stack Context podcast, we’ve invited TNS analyst Lawrence Hecht to discuss some of the analysis he did for this volume. We covered Kubernetes adoption in the cloud, storage and networking concerns and the changing DevOps culture around cloud native computing. At the end of the podcast, we also discuss what to expect from next week’s KubeCon + CloudNativeCon Europe virtual conference.

The New Stack Senior Editor Richard MacManus hosted this episode, with the help of Joab Jackson, TNS managing editor, and Alex Williams, founder and publisher of The New Stack.

This 80-page ebook, a complete revision of our 2017 version, also explains how Kubernetes is the underlying architecture for enterprise data centers, cloud services and a hybrid approach — as well as at the edge. In this book, Hecht’s findings provide many glimpses into the community, including:

• The most used cloud native storage solutions are from cloud providers. Almost 50% of respondents said that they use AWS, and nearly another 20% use Google and Azure each. Open source software solutions like Rook or Pure Storage are used by far fewer.
• Customers of traditional storage companies were significantly more likely to complain of storage challenges. For example, 46% of the customers of traditional storage vendor Pure Storage had challenges handling container-related storage, compared to just 27% for the average Kubernetes user.

#cloud native #kubernetes #podcast #cloud

What is GEEK

Buddha Community

50+ Useful Kubernetes Tools for 2020 - Part 2

Introduction

Last year, we provided a list of Kubernetes tools that proved so popular we have decided to curate another list of some useful additions for working with the platform—among which are many tools that we personally use here at Caylent. Check out the original tools list here in case you missed it.

According to a recent survey done by Stackrox, the dominance Kubernetes enjoys in the market continues to be reinforced, with 86% of respondents using it for container orchestration.

(State of Kubernetes and Container Security, 2020)

And as you can see below, more and more companies are jumping into containerization for their apps. If you’re among them, here are some tools to aid you going forward as Kubernetes continues its rapid growth.

(State of Kubernetes and Container Security, 2020)

#blog #tools #amazon elastic kubernetes service #application security #aws kms #botkube #caylent #cli #container monitoring #container orchestration tools #container security #containers #continuous delivery #continuous deployment #continuous integration #contour #developers #development #developments #draft #eksctl #firewall #gcp #github #harbor #helm #helm charts #helm-2to3 #helm-aws-secret-plugin #helm-docs #helm-operator-get-started #helm-secrets #iam #json #k-rail #k3s #k3sup #k8s #keel.sh #keycloak #kiali #kiam #klum #knative #krew #ksniff #kube #kube-prod-runtime #kube-ps1 #kube-scan #kube-state-metrics #kube2iam #kubeapps #kubebuilder #kubeconfig #kubectl #kubectl-aws-secrets #kubefwd #kubernetes #kubernetes command line tool #kubernetes configuration #kubernetes deployment #kubernetes in development #kubernetes in production #kubernetes ingress #kubernetes interfaces #kubernetes monitoring #kubernetes networking #kubernetes observability #kubernetes plugins #kubernetes secrets #kubernetes security #kubernetes security best practices #kubernetes security vendors #kubernetes service discovery #kubernetic #kubesec #kubeterminal #kubeval #kudo #kuma #microsoft azure key vault #mozilla sops #octant #octarine #open source #palo alto kubernetes security #permission-manager #pgp #rafay #rakess #rancher #rook #secrets operations #serverless function #service mesh #shell-operator #snyk #snyk container #sonobuoy #strongdm #tcpdump #tenkai #testing #tigera #tilt #vert.x #wireshark #yaml

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Multiple vulnerabilities in the Citrix Application Delivery Controller (ADC) and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker.

The Citrix products (formerly known as NetScaler ADC and Gateway) are used for application-aware traffic management and secure remote access, respectively, and are installed in at least 80,000 companies in 158 countries, according to a December assessment from Positive Technologies.

Other flaws announced Tuesday also affect Citrix SD-WAN WANOP appliances, models 4000-WO, 4100-WO, 5000-WO and 5100-WO.

Attacks on the management interface of the products could result in system compromise by an unauthenticated user on the management network; or system compromise through cross-site scripting (XSS). Attackers could also create a download link for the device which, if downloaded and then executed by an unauthenticated user on the management network, could result in the compromise of a local computer.

“Customers who have configured their systems in accordance with Citrix recommendations [i.e., to have this interface separated from the network and protected by a firewall] have significantly reduced their risk from attacks to the management interface,” according to the vendor.

Threat actors could also mount attacks on Virtual IPs (VIPs). VIPs, among other things, are used to provide users with a unique IP address for communicating with network resources for applications that do not allow multiple connections or users from the same IP address.

The VIP attacks include denial of service against either the Gateway or Authentication virtual servers by an unauthenticated user; or remote port scanning of the internal network by an authenticated Citrix Gateway user.

“Attackers can only discern whether a TLS connection is possible with the port and cannot communicate further with the end devices,” according to the critical Citrix advisory. “Customers who have not enabled either the Gateway or Authentication virtual servers are not at risk from attacks that are applicable to those servers. Other virtual servers e.g. load balancing and content switching virtual servers are not affected by these issues.”

A final vulnerability has been found in Citrix Gateway Plug-in for Linux that would allow a local logged-on user of a Linux system with that plug-in installed to elevate their privileges to an administrator account on that computer, the company said.

#vulnerabilities #adc #citrix #code injection #critical advisory #cve-2020-8187 #cve-2020-8190 #cve-2020-8191 #cve-2020-8193 #cve-2020-8194 #cve-2020-8195 #cve-2020-8196 #cve-2020-8197 #cve-2020-8198 #cve-2020-8199 #denial of service #gateway #information disclosure #patches #security advisory #security bugs

Authentication In MEAN Stack - A Quick Guide

I consider myself an active StackOverflow user, despite my activity tends to vary depending on my daily workload. I enjoy answering questions with angular tag and I always try to create some working example to prove correctness of my answers.

To create angular demo I usually use either plunker or stackblitz or even jsfiddle. I like all of them but when I run into some errors I want to have a little bit more usable tool to undestand what’s going on.

Many people who ask questions on stackoverflow don’t want to isolate the problem and prepare minimal reproduction so they usually post all code to their questions on SO. They also tend to be not accurate and make a lot of mistakes in template syntax. To not waste a lot of time investigating where the error comes from I tried to create a tool that will help me to quickly find what causes the problem.

Angular demo runner
Online angular editor for building demo.
ng-run.com
<>

Let me show what I mean…

Template parser errors#

There are template parser errors that can be easy catched by stackblitz

It gives me some information but I want the error to be highlighted

#mean stack #angular 6 passport authentication #authentication in mean stack #full stack authentication #mean stack example application #mean stack login and registration angular 8 #mean stack login and registration angular 9 #mean stack tutorial #mean stack tutorial 2019 #passport.js

The New Stack Context: Is Kubernetes the New App Server?

Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week’s episode, we spoke with Tina Nolte, vice president of product, for Kubernetes management service Spectro Cloud, about why we shouldn’t think of containers/Kubernetes as just another form of virtualization.

#devops #kubernetes #podcast #the new stack context

The New Stack Context: How Mesos Helped Kubernetes Grow

Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. For this week’s episode, we spoke with D2IQ founder and Chief Technology Officer Ben Hindman, about the issue of container sprawl, and how it hampers “Day 2 Operations,” when you move your project into long-term production. We also discuss the company’s work on Kubernetes, including the recently released KUDO tool, and the latest on Mesos and its Data Center Operating System. We also cover the news of the week.

TNS editorial and marketing director Libby Clark hosted this episode, alongside TNS senior editor Richard MacManus, and TNS managing editor Joab Jackson.

This week in TNS, D2IQ CEO Tobi Knaup wrote about the growing problem of container sprawl, a by-product of more companies running containers in production, and as a result, losing efficiency on the part of their DevOps teams.

“We’re coming to a bunch of organizations and chatting with them and they have three, four or five, six different distributions or implementations of Kubernetes. They’re all a little bit different, and you have to manage it. Operators are like, ‘Wow, this tool that was giving our developers the ability to move faster is now becoming kind of a headache for us,'” Hindman told us.

In many ways, the Mesos cluster manager — upon which D2IQ and its DCOS was built on — was a precursor to Kubernetes, and it greatly aided the development of K8s, both directly and indirectly.

“One of the things that we tried to do pretty early on was engage with the Kubernetes community. Mesos is really a low-level piece of technology. It really requires some higher-level piece of technology to run. And so in the early days, one of the reasons why we got so heavily involved in Kubernetes was, we thought this could actually be that thing,” Hindman said. These days, D2IQ provides end-to-end support of production Kubernetes.

Then, later in the show, we discuss The New Stack’s top stories and podcasts, including:

• How Kubernetes, Open Source Underpin Condé Nast Operations
• Putting Hybrid and Multi into Cloud Native
• CVSS Struggles to Remain Viable in the Era of Cloud Native Computing
• Why Vulnerability Management Needs a Patch
• Microsoft: Rust Is the Industry’s ‘Best Chance’ at Safe Systems Programming

#cloud native #kubernetes #podcast #the new stack context