Operations | Monitoring | ITSM | DevOps | Cloud

If you are running a user-facing web application, you likely implement some form of authentication flow to allow users to log in securely. You may even use multiple systems and methods for different purposes or separate groups of users. For example, employees might use OAuth-based authentication managed by a company-provided Google account to log in to internal services while customers can use a username and password system or their own Google credentials.

Running synthetic monitoring thinking it will match up with a user’s reality throw for throw is a fool’s game. While you can test in prod, your testing parameters are limited by an insider’s knowledge of the transaction’s pathways – making true objectivity challenging to achieve in testing. Yet still, every transaction tells a story.

2020 is coming to an end, and we can definitely say it was an amazing year for Cortex. Dare I say, it has been the best year so far! It was a year filled with huge milestones for the project. We released the first major version 1.0.0 back in April, along with introducing some versioning rules to avoid breaking changes to our users.

I recently had the pleasure of attending the Gartner IT Infrastructure, Operations & Cloud Strategies (IOCS) Conference. Like most events in 2020, this event was virtual and brought together infrastructure and operations (I&O) leaders from across the world together to redefine, reassess, and prepare for what normal might be in the near future. Here are some of the major takeaways from my experience at this four-day event.

Like pretty much every company in 2020, Civo has had to deal with some unexpected world events! To wrap up the year, I thought I'd put together some of the most significant developments in our company from a CTO's perspective, and how they will affect us looking forward into the next year.

CVE-2020-8554 is a vulnerability that particularly affects multi-tenant Kubernetes clusters. If a potential attacker can create or edit services and pods, then they may be able to intercept traffic from other pods or nodes in the cluster. An attacker that is able to create a ClusterIP service and set the spec.externalIPs field can intercept traffic to that IP. In addition, an attacker that can patch the status of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

Come December, it’s traditional in the industry to meditate on emerging trends and make predictions about how these will shape the year to come. I have my fair share of prognostications for 2021, but I want to take this moment to reflect on a year that could never have been predicted.

Developers and operators on IT and development teams want powerful metric querying, analysis, charting, and alerting capabilities to troubleshoot outages, perform root cause analysis, create custom SLI / SLOs, reports and analytics, set up complex alert logic, and more. So today we’re excited to announce the General Availability of Monitoring Query Language (MQL) in Cloud Monitoring! MQL represents a decade of learnings and improvements on Google’s internal metric query language.

As we move into the next year, we are hoping for a return to relative normalcy. That goes for our personal lives, social lives, and professional lives. Professionals have acclimated to the situation, or now see a return to relative normalcy just around the corner with the development of vaccines. And despite the wait, different industries and the DevOps community in particular have persisted.