Let’s face it – Kubernetes can (and is) oftentimes very complex. This means that you’re bound to make a cluster configuration mistake along the way – apart from it impacting your cluster’s performance and security, it can also heavily affect your ability to enforce visibility and troubleshooting. There is, however, a light at the end of the tunnel.

As you already know, the “What’s new in Sysdig” blog team is involving more and more people, and this month is up to me, Giulio Puri. I’m based in Milan, Italy, and I’ve been part of the Sysdig EMEA team since May, 2021 as a Sales Engineer. I’m passionate about technology, innovation and cybersecurity, and in my free time, I love to cook, experiment with recipes and – not always successfully – surprise my friends with new dishes.

We are really excited today at Shipa to release version 1.6 of Shipa. If you are using Shipa Cloud, you will notice that your version of the SaaS product has incremented. Let’s dig into what is new with Shipa 1.6.0 and how you can get your hands on Shipa.

You know that observability plays a crucial role in helping to manage today’s distributed, cloud-native, microservices-based applications. But you may be surprised to learn that – despite its close association with modern applications – observability as a concept was born more than a half-century ago. Its origins stretch all the way back to the late 1950s, long before anyone was talking about microservices and the cloud.

The Open virtualized Radio Access Network (Open vRAN) ecosystem poses a real need for communication service providers (CSPs) and vendors to change the way they plan and operate upcoming network deployments, particularly 5G. Open vRAN or open and virtualized RAN is defined as an architecture that uses a combination of disaggregated network functions, off the shelf hardware, and software to enable maximum flexibility in deployment and operations.

For the second time in a row, Robin.io has been named among the world’s leading storage products by Storage Newsletter. Robin’s flagship product, Robin Cloud Native Storage (CNS) is custom-built for the purpose of deploying and managing stateful applications with 1-click simplicity. At the time of its launch, the industry was seeing increasing Kubernetes adoption, and businesses and their IT teams were exploring use cases that extended beyond stateless applications.

Multipass exists to bring Ubuntu-based development to the operating system of your choice. Whether you prefer the GUI of macOS (even on M1), Windows or any other Linux, the unmatched experience of developing software on Ubuntu is there at your fingertips, just one “multipass launch” away. Today, the Multipass team is delighted to enhance this experience for developers working with containerised applications!

Central processing units (CPUs) can be compared to the human brain in that their unique architecture allows them to solve mathematical equations in different ways. x86 is the dominant architecture used in cloud computing at the time of this writing; however, it is worth noting that this architecture is not efficient for every scenario, and its proprietary nature is causing an industry shift toward ARM.

We are excited to announce that D2iQ is now part of Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program! The AWS ISV Accelerate Program helps ISVs with software solutions that run on or integrate with AWS, drive new business and accelerate sales cycles by connecting the participating ISVs with the AWS Sales organization. The D2iQ Kubernetes Platform (DKP) enables AWS customers to quickly achieve Day 2 operations competency in their cloud-native deployments.

If you are a software engineer like myself, two areas that I am not well versed in are networking and storage. Yes, my application has to communicate and yes my application needs to be deployed and requires some storage. Though that is usually the extent of my knowledge. Thanks to using elastic compute from cloud vendors in the last several years, the answer I usually give is “yes, attach 100gb of standard block storage per instance”.

Bare metal Kubernetes is a powerful set of technologies that builds on the best ideas behind the public and private cloud, yet abstracts away some toilsome aspects related to virtualisation management and networking. For operators and users, it provides significant benefits, making it easier and faster to ship and maintain complex, distributed applications.

We are happy to announce the 1.0.0 release of Rancher Desktop. This release has been months in the making since development on Rancher Desktop began. After starting small and learning what users needed, we were able to adjust its path and develop the features needed for a 1.0.0 stable community release. But wait – what is Rancher Desktop again? It’s an open source app for desktop Kubernetes and container management on Mac, Windows and Linux.

Container technology is considered one of the most rapidly evolving in the software industry's recent history. There has been a seismic shift towards more and more organizations adopting containerization for their applications. Containers offer a lightweight, portable, and more efficient alternative to virtual machines and help us run software securely and reliably across different server environments.

On two occasions in December 2021, VMware Tanzu Application Service released remediations within 48 hours of critical CVEs being announced. These remediations were both in response to the Log4j saga, enabling VMware customers to defend against attack vectors quickly after the Day 0 event. This quick response is a reflection of the dedication of the VMware engineering teams working on Tanzu Application Service today.

Red Hat OpenShift is an enterprise Kubernetes platform that provides users with a unified cloud experience wherever it’s deployed. VMware Tanzu Observability by Wavefront offers observability and analytics for multi-cloud Kubernetes environments. Now these two products work even better together.

I recently started working at SUSE. Before joining SUSE, my Kubernetes experience included vanilla Kubernetes, AKS and EKS but mostly OpenShift and Red Hat Advanced Cluster Management. I worked in technical pre-sales, so I knew about Rancher, K3s and RKE and their key features but I never spent time with them. When I joined SUSE, I started testing Rancher, Rancher Desktop, K3s, k3d and RKE2 and I had a great time with them. First things first, I will

There is a lot of the art of the possible between the GitOps Engine, Argo CD, and the Application-as-Code platform, Shipa. In a recent blog post, we outlined the power of a one-line developer experience. Though if you are unfamiliar with ArgoCD, here is a guide to get you started with Argo CD and leveraging Shipa for your first deployment.

Kpack, a Kubernetes-native container build platform, is a powerful tool that helps DevSecOps teams build and update containers automatically. It is already a core component of VMware’s commercial container build offering, VMware Tanzu Build Service. And today, the kpack technology you know and love has been added as the default container build solution in VMware Tanzu Community Edition, the freely available, open source distribution of the Kubernetes-based Tanzu platform.

Our goal has always been to automate and standardize the management of infrastructure and deployment of applications across user infrastructure. Today, we are excited to announce that we've launched support for Google Cloud (GCP), expanding our natively supported providers list and further expanding the choice, flexibility, and reach the platform offers to current and new users. With this new integration, users can deploy, manage, and scale their containerized workloads to GCP compute infrastructure.

More than anything else, Kubernetes troubleshooting relies on the ability to quickly contextualize the problem with what’s happening in the rest of the cluster. As complicated as this may sound, SPEED is really the name of the game. After all, more often than not, you will be conducting your investigation under the glow of fires burning bright in production. Getting relevant context quickly and seeing things holistically is exactly what Komodor was created for.

The lockc project provides mandatory access controls (MAC) for container workloads. Its goal is to improve the current state of container/host isolation. The lockc team believes that container engines and runtimes do not provide enough isolation from the host, which I describe later in the “Why do we need it?” Section. In this blog post, I’ll provide an introduction to lockc, discuss why you need it and show you how to try it out for yourself.

Monitoring is a critical part of any computer system that has been brought in to a production-ready state. No IT system exists in true isolation, and even the simplest systems interact in interesting ways with the systems “surrounding” them. Since compute time, memory, and long-term storage are all finite, it’s necessary at the very least to understand how these things are being allocated.

While the global spend on artificial intelligence (AI) and machine learning (ML) was $50 billion in 2020 and is expected to increase to $110 billion by 2024 per an IDC report, AI/ML success has been hard to come by—and often slow to arrive when it does. There are four main impediments to successful adoption of AI/ML in the cloud-native enterprise.

As a software engineer, leveraging GitHub is one of those tools that transcend your personal and professional development activities. Bringing open source to the masses, GitHub is a familiar platform for many. A newer addition to the GitHub Platform is GitHub Actions which was originally a workflow engine, now expanding into CI/CD.

Kubernetes has become a fixture in production for most IT Operations teams. The VMware “State of Kubernetes 2021 Report” shows a distinct shift towards a reliance on Kubernetes, with almost two thirds of respondents now saying they use it in production. Companies with over 500 developers are driving this adoption, with 78% reporting that they run mostly- or all-containerized workloads in production.

The process of monitoring servers and applications has undergone many transformations throughout the years. When it began, the main question was whether the server was up or down. Now, monitoring helps answer questions about the internal state of an application and infer its status (also called white box monitoring). Monitoring today's complex infrastructure systems can be just as much an art as a technical skill.

It's 2022 and time to predict a few things for the coming year in the cloud native ecosystem.

Adopting a container-first approach represents an unrivalled opportunity for financial institutions to increase system efficiency and resource utilisation, improve security, introduce automation, and accelerate innovation. Containers offer a logical packaging tool in which applications can be decoupled from the underlying infrastructure on which they run.

Does this combination of words sound somewhat new to you as well? It may be just me, but having the opportunity to work on both sides, software development and system administration, the combination above seemed somewhat new or different to me. I always saw Oracle as something that would be managed and owned by the System Administrators. Technologies such as the database, ERPs, finance systems, and more which would take quite a lot of effort and cost to implement and maintain.

Windows applications constitute a large portion of the services and applications that run in many organizations. When moving to a Kubernetes-based architecture, there is a need to support these as well. Up until April 2020, the lack of container support within the Windows operating system left Linux container images as the only viable option for Kubernetes container deployment.

Let’s face it: Creating the optimal CI/CD workflow is not always a simple task. In fact, writing effective and efficient configuration code is the biggest hurdle that many developers face in their DevOps journey. But you don’t need to be an expert to set up a fast, reliable testing and deployment infrastructure. With a few straightforward techniques, you can optimize your config.yml file and unleash the full potential of your CI/CD pipelines.

Like any great technology, the interest in and adoption of Kubernetes (an excellent way to orchestrate your workloads, by the way) took off as cloud native and containerization grew in popularity. With that came a lot of confusion. Everyone was using Kubernetes to move their workloads, but as they went through their journey to deployment, they weren’t thinking about security until they got to production.

If you are not familiar with CloudFormation, an easy way to define it is AWS CloudFormation is an AWS service that uses template files to automate the setup of resources. It can also be described as an infrastructure automation or Infrastructure-as-Code (IaC) tool. You can use CloudFormation to automate the configuration of workloads that run on the most popular AWS services, including their managed Kubernetes offering, the Elastic Kubernetes Service, or EKS.

Welcome to the very first Civo Update of 2022! On behalf of everyone here at Civo we wish you happiness and prosperity for the year ahead. With lots on our roadmap for 2022, it's certainly going to be another exciting year for us at Civo. We recently launched our "Write for Civo" initiative where you can share your cloud native expertise and get paid for doing so. Check out the tutorial for more information.

The global health crisis has accelerated the digital transformation within the financial services industry.

Companies are under immense pressure to get “good” at software development in order to quickly adapt to changing business needs and provide a better experience for their customers. At the core of being “good” at software is developer experience.

We’ve all been there. After countless hours of development, you’re ready to take that app that works awesome on “localhost” live to production, but production services will only interface over https. Or maybe, your DNS is managed on Cycle, but some third-party app you want under the same domain requires a TLS certificate.

Rancher Desktop has been in development for just over a year with the open question: when do we have a 1.0.0 stable release? Along the way the scope has expanded, it was ported to run in more places and the development team has grown. All of this happened as we worked out if Rancher Desktop would be useful for people, what features people want to use and what are good ways to build it. We are finally ready to answer that 1.0.0 question.

DigitalOcean, or DO, brands itself as the “developer cloud,” and it’s no secret that it has a strong mind-share among developers, especially because of factors such as simple UI, performance, structured documentation, a robust community ecosystem, and last but not least, the affordable pricing. As developers started adopting microservices as the architecture of choice for their applications, DO responded quickly and launched their Managed Kubernetes offering, labeled DOKS.

When deploying cloud-native applications to a hybrid and multi-cloud environment that is protected by traditional perimeter-based firewalls, such as Palo Alto Networks (PAN) Panorama, you need to work within the confines of your existing IT security architecture. For applications that communicate with external resources outside the Kubernetes cluster, a traditional firewall is typically going to be part of that communication.

Legacy logging solutions simply couldn’t keep up with the complex, hyperconverged regional infrastructure at Civo, a Kubernetes service provider that enables users to launch k8s clusters within 90 seconds. “With our infrastructure and application deployment getting more complex and more distributed, we needed our logging solution and our entire observability stack to scale up with our needs,” said Anaïs Urlichs, Site Reliability Engineer at Civo.

As we kick off the new year and our release of Shipa 1.5.0, dabbling in the art of the possible, what if it was possible to provide your developers with a single line of configuration to get their ideas into production. Shipa is an application and policy abstraction layer which easily integrates with your DevOps toolchains.

To celebrate this new year, Qovery's blog highlights some of the top blog posts Qovery's engineers wrote during 2021 that you should read for 2022. Take a look at the top 10 posts published in 2021.

Codefresh has recently launched a new certification program that offers organizations and the open-source community a fast track to learning GitOps and how you can apply it to new and existing applications and infrastructure. These certificates can be earned through 3 courses and a final exam.