Earlier this week, GitHub launched the public beta of GitHub Container Registry — essentially an addition to the GitHub Packages feature released last year that will enable its users to “better enforce access policies, encourage usage of a standard base image, and promote innersourcing through easier sharing across the organization.” Perhaps even more important than those features, however, is the fact that GitHub will provide anonymous access for public container images, which it says it will provide free of charge.
The news comes on the heels of last month’s change to the Docker Hub terms of service, which caused a bit of hubbub, as the company introduced rate limits and a timeline for the automatic removal of inactive images. For some, the timing seems less than coincidental, and Docker itself simultaneously blogged about the news, writing that “Docker and GitHub continue to work together to make life easier for developers.”
Not that you’d expect GitHub to mention it, but reading the news you might be tempted to think that this is the first alternative to Docker Hub out there, when in fact GitLab has offered this exact functionality since 2016.
Brendan O’Leary, a senior developer evangelist at GitLab, offered a comment by email on the news, noting precisely this fact, saying “We believe that a complete DevOps platform is a huge benefit to engineers and leadership alike. That’s why we added a container registry to GitLab in 2016, and continue to focus our efforts on delivering a complete DevOps platform as a single application.”
GitLab is missing, however, one big part that the Microsoft-backed (and owned) GitHub can offer – the cloud platform behind it.
Whether or not GitLab got there first, GitHub is getting in on the game, precisely when Docker Hub seems to be opting out of footing the bill for widespread (free) use, and it has a foot in the door already on where many assume it plans to take this next.
Agreed, although I think GitLab will bristle over the fact that they’re not _currently_ recognized for the “first” title.
— Paul Burt 🍕 (@ThatMightBePaul) September 1, 2020
This Week in Programming
- Postman Gets a Web Client for API Tools: Until now, Postman relied on the old method of actually forcing its users to download and install software to use its tools (archaic, right?) but now the company has launched a new web client that it says offers users “simplified access and superior collaboration.” Calling the new web client “one of the most-requested features,” the company explains that being on the web not only allows for easier user onboarding, but also deep linking and “scalable sending of API requests from the browser.” The web version of Postman is available now.
- Google Wraps Up “11 Weeks of Android”: In lieu of a big launch event for the release of Android 11, Google instead put out a weekly series for the past 11 weeks, and this week is the culmination. The series addressed, you guessed it, 11 separate areas relating to Android 11, including many developer-specific topics such as programming languages, Android Jetpack, machine learning, and more. This week’s blog post provides a nice summary pointing you to resources for each topic and points to a playlist of all the related videos compiled over the series. In all, it feels like a good bookmark for aspiring and experienced Android developers alike.
an escape room, but it’s just endless git merge conflicts. good luck
— I Am Devloper (@iamdevloper) August 31, 2020
- Sharing Kotlin Logic Across Android & iOS: JetBrains has launched an alpha of the Kotlin Multiplatform Mobile SDK, which allows users to use the same business logic code in both iOS and Android applications, along with a plugin for Android Studio. Of course, Kotlin already has multiplatform capabilities, as well as various tools and features to that end, but KMM allows you to keep the benefits of native programming and only write platform-specific code “only where it’s necessary, to implement a native UI or when working with platform-specific APIs.” The core business logic code is compiled to JVM bytecode with Kotlin/JVM and to native binaries with Kotlin/Native, meaning KMM business-logic modules can be used just like any other regular mobile library. To get started, head on over to the KMM developer portal, check out the docs or get cracking on the tutorials.
- Stand On the Shoulders of Open Source Greats: I remember in college meeting other aspiring writers who wouldn’t want to read for fear of being unintentionally tainted and having any cause to the claim that they were merely a rip-off of such-and-such author. It was an argument to which I never subscribed, and one in the world of programming that I would agree with even less. For my money, you should read your predecessors so that you might be able to take the next step. Such is the line of thinking behind a couple of books that examine the architecture of open source applications. “Most software developers only ever get to know a handful of large programs well—usually programs they wrote themselves — and never study the great programs of history,” the intro to the books reads. “As a result, they repeat one another’s mistakes rather than building on one another’s successes. Our goal is to change that.” The books contain the stories behind the structure of nearly 50 open source projects, by the projects’ authors themselves, and offer a glimpse into the why behind so many projects we might take for granted.
Kubernetes is iptables with some container tech sprinkled about.
— Vallery Lancey (@vllry) August 29, 2020
- Amazon Intros Container-Focused Linux Distribution with Bottlerocket: Amazon has released an open source Linux distribution called Bottlerocket that is designed from the ground up to run containers, improving security, operations, and manageability at scale. For security, Bottlerocket uses Security-Enhanced Linux (SELinux) to help with workload isolation, and reduces the attack surface by only including what is absolutely necessary. They also note that large parts are written in Rust, which is known for its memory security (as opposed to the memory insecurity C++ is known for). On the operations and manageability end of things, Bottlerocket offers an API and is purpose-built to run containers, meaning there’s less to update, less to go wrong, and more to automate. “Updates to Bottlerocket,” they explain, “can be applied and rolled back in an atomic manner, which makes them easy to automate, reducing management overhead and reducing operational costs.” AWS-provided builds of Bottlerocket work out-of-the-box with Amazon EKS and Amazon ECS, and the core project is designed to work with other container orchestrators.
- A Glimpse Into Linux Kernel Development in Rust: To the excitement of those in the Rust community, there has been some signaled openness in recent months to using the language, as an alternate for C, in Linux kernel development. This week, another post to LWN looks at supporting Linux kernel development in Rust, this time offering some more concrete examples of what that might look like. The topic was recently discussed at a popular virtual panel, as part of the 2020 Linux Plumbers Conference, with the presenters stating that they “are not proposing a rewrite of the Linux kernel into Rust; they are focused only on moving toward a world where new code may be written in Rust” and pointing to “three areas of potential concern for Rust support: making use of the existing APIs in the kernel, architecture support, and a question about ABI compatibility between Rust and C.”
I’m going to say it louder for the folks in the back: Micro-services solve a team scaling problem, not a tech problem. Container orchestration solves a micro-services deployment problem.
Most of y’all have neither. Use a PaaS. https://t.co/D7TbdD1IMW
— Joshua McKenty (@jmckenty) September 4, 2020
GitLab is a sponsor of The New Stack.