Yet Another DevOps Newsletter Volume 2

Every month, you’ll get content about all things cloud-native DevOps, as well as content from experts in the open-source/Kubernetes communities.

Abhi Vaidyanatha
Abhi Vaidyanatha

Table of Contents


Welcome back to the second edition of the Plural Monthly Newsletter, YADN!

Every month, you’ll get content about all things cloud-native DevOps, as well as useful content from experts in the open-source/Kubernetes communities. We’ll also give you a quick update on what’s been going on at Plural.

If you see a piece of content that you like and want to have included in our monthly recap, please reach out to us. We’re an open-source company and we highly prioritize content that comes from members of our community. Join us on Discord to stay up to date with what we are working on.

Thanks!

P.S. We are launching live on Product Hunt this Thursday (July 7th). If you like what we are doing and want to show your support, please consider upvoting us on Thursday.


Cloud-Native DevOps

Recently, a group of cybersecurity experts uncovered that more than 900,000 instances of Kubernetes consoles were exposed on the internet. While the research group explained that the exposure doesn’t necessarily mean that all exposed instances are vulnerable to attacks, they did warn that the misconfiguration of Kubernetes instances could lead to potential attacks in the future. In this article, Julien Maury of eSecurity Planet offers a few best practices your organization can implement to protect against Kubernetes hackers.

Nearly a Million Kubernetes Instances Exposed on Internet | eSecurityPlanet
The Kubernetes container management platform could be a source of major security vulnerabilities. Here’s how to protect it.

Kubernetes recently turned eight years old at the beginning of June. Since then, it has grown in popularity among companies, Cloud Native Computing Foundation reports that 96% of organizations are either using or at least evaluating Kubernetes. The engineering team at Mercedes Benz has been utilizing Kubernetes for the last seven years and has since scaled up to 900 on-premises Kubernetes clusters. In this article, Scott Carey of InfoWorld discusses how the Mercedes Benz team scaled to 900 Kubernetes on-premise clusters and their plan of action moving forward as they shift towards the cloud.

Why Mercedes-Benz runs on 900 Kubernetes clusters
The German automaker runs a massive fleet of Kubernetes clusters to support a wide range of project teams around the world. ‘For us, managing Kubernetes is not that hard.’

DevOps has primarily been a knowledge problem for developers. According to our CTO and co-founder Michael Guarino “An open-source stack can substantially reduce the surface area an operator needs to cover under their system.” Check out our latest article that highlights open-source technologies that are paving the way forward for DevOps teams.

The Future of DevOps is Open-Source
Open-source software is growing in demand and is beginning to play a pivotal role in the evolution of the DevOps toolkit.

Recently, a group of cybersecurity experts uncovered that more than 900,000 instances of Kubernetes consoles were exposed on the internet. While the research group explained that the exposure doesn’t necessarily mean that all exposed instances are vulnerable to attacks, they did warn that the misconfiguration of Kubernetes instances could lead to potential attacks in the future. In this article, Julien Maury of eSecurity Planet offers a few best practices your organization can implement to protect against Kubernetes hackers.

Nearly a Million Kubernetes Instances Exposed on Internet | eSecurityPlanet
The Kubernetes container management platform could be a source of major security vulnerabilities. Here’s how to protect it.

Open-Source Space

In case you missed it, Databricks at their recent Data + AI Summit in San Francisco, California, announced its open-sourcing the technology behind their Delta Lake, including its APIs with the launch of Delta Lake 2.0. While Databricks has quietly been open-sourcing its platform over the past few months, the official release highlights how valuable open source is to companies who have a hard time committing to one vendor.

Databricks makes its Delta Lake cloud data platform fully open source
‘Data lakehouse’ pioneer Databricks doubles down on open source credentials by handing Delta Lake 2.0 to the Linux Foundation.

Open source is great and offers a wide range of benefits for organizations. However, if it is not managed properly or updated frequently, users fall at risk of security issues. A recent report from Synopsys OSSRA revealed that 81% of open source code contains vulnerabilities. At the same time, open-source offers great security benefits to organizations as businesses rely on the expertise of others to develop secure products.

Is Open Source the Greatest Path to Security?
Open source offers real security benefits to organizations, but also carries significant risks

Dagster kicked off the summer by releasing version 0.15.0 of their product. The biggest news from their recent release is that software-defined assets are now fully stable and ready for use. What are software-defined assets? They are a layer on top of Dagsters' core computational concepts such as graphs, jobs, and ops that links those concepts to the objects they interact with.

Check out their latest release below.

Releases · dagster-io/dagster
An orchestration platform for the development, production, and observation of data assets. - dagster-io/dagster

In case you missed it, I was recently on Airbyte’s Community Call, where I highlighted how you can deploy Airbyte on Kubernetes within your browser. Check it out below and let us know what you think.


Product Updates

Here is what we have been up to the past month.

Plural Update June 2022
June was a busy month for us at Plural. Here is what we were up to in the month of June.

If you love what we’re doing and want to join our team, head over to our careers page! If you don’t see your role there, we'll make it work - head over to our community Discord to start the conversation!

If you haven’t already, check out the project on GitHub (drop us a star if you’re feeling generous), and stay up to date with what we’re up to on our Twitter account.

Newsletter

Abhi Vaidyanatha

Head of Community