Listen to all TNS podcasts on Simplecast.
Last year, a survey from the Cloud Native Computing Foundation found that the number one issue for companies in adopting cloud native technologies was “cultural changes with the development team.”
And that’s not surprising, Qullin writes on The New Stack this week:
The DevOps culture necessary to effectively use open source, cloud native technologies has fundamentally changed software and team processes. The culture of DevOps is expanding how we work and think. For some, this presents an exciting opportunity. Others approach it with more trepidation.
We spoke with Qullin with how companies can move forward despite these cultural barriers. Then, we discussed some of the other stories and podcasts that appeared on the site this week.
Context’s regular host Libby Clark is off this week, so The New Stack publisher Alex Williams hosted this show, with the assistance from The New Stack managing editor Joab Jackson.
Other Stories Discussed
- The Central Security Project: Vulnerability Reporting for Open Source Java: Security platform HackerOne and software supply chain management tool Sonatype have teamed up to solve with The Central Security Project, a new effort that brings together the ethical hacker and open source communities to streamline the process for reporting and resolving vulnerabilities discovered in libraries housed in The Central Repository, the world’s largest collection of open source components. The new project was meant to help provide a single way for vulnerability disclosures to be made. When a new vulnerability is reported, Sonatype will assess the report and, where appropriate, develop a fix.
- How to Improve the Security of Your APIs from the Get-Go: This contributed piece from Dmitry Sotnikov — who is the vice president of Cloud Platform at enterprise API security company 42Crunch — discusses the changes in the best practices for web firewalls in the enterprise. Previously, the entry point to an organization’s network architecture was through applications, with a thin web application layer and running on dedicated servers. This made it relatively easy to maintain security by setting up a web application firewall (WAF) to protect the application servers. However, with the rise of APIs, the picture today is very different.
- Kubernetes 1.14 Brings Docker Orchestration to Windows Server: The latest release of Kubernetes, version 1.14, is out with production-level support for Windows nodes and 10 enhancements moving to the stable release. Windows special interest group lead Michael Michael from Microsoft as well as contributors from other companies helped on this work to enable Windows nodes, an effort that began three years ago. Now you can schedule Windows Server containers using Docker on top of Kubernetes.
- Open Standards, and the Role of containerd in Kubernetes Orchestration: Docker was already the de facto standard when Kubernetes adoption was starting to begin, but Docker was backing its own alternative, the Swarm orchestrator. The need for an industry standard for container runtime was apparent. This lead to the creation and subsequent graduation in February of containerd within the Cloud Native Computing Foundation, joining the ranks of Kubernetes, Prometheus, Envoy and CoreDNS, explained IBM’s Phil Estes, in this TNS Makers podcast episode.
Oracle is a sponsor of The New Stack.
Feature image via Pixabay.