Cloud Native Enthusiasts Weekly: Chaos Mesh is upgraded to CNCF Incubation Project

Others 2022-04-20 01:09:07 views: 0

One week of cloud native news:

  • Chaos Mesh is upgraded to CNCF Incubation Project
  • Security Vulnerability Found in Zabbix Web Frontend
  • The 2021 Rust survey report is out
  • Sysdig 2022 Cloud Native Security and Usage Report Released
  • Solo releases open source project Bumblebee
  • Open source project recommendation
  • Article recommendation

Cloud Native Dynamics

Chaos Mesh is upgraded to CNCF Incubation Project

A few days ago, the CNCF Technical Oversight Committee (TOC) has voted to accept Chaos Mesh as a CNCF incubation project.

Originally created as a testbed for the open source distributed database TiDB, Chaos Mesh is a versatile chaos engineering platform that orchestrates chaos experiments in a Kubernetes environment. It helps ensure that the Kubernetes infrastructure can withstand unplanned outages by helping to identify potential points of failure.

Since being accepted by CNCF Sandbox in July 2020, Chaos Mesh has implemented two major versions (v1.0 and v2.0) and 30 minor versions, bringing improvements in observability, functionality and security Significant improvement.

Security Vulnerability Found in Zabbix Web Frontend

Two vulnerabilities in open source monitoring platform Zabbix could allow attackers to bypass authentication and execute arbitrary code on target servers.

The security holes were discovered in Zabbix Web Frontend, a platform for collection, centralization. And track metrics like CPU load and network traffic across your infrastructure.

The SonarSource researchers who discovered the vulnerabilities noted that Zabbix is ​​a high-profile target for threat actors due to its popularity, functionality, and "privileged position in most corporate networks."

The 2021 Rust survey report is out

A few days ago, the 2021 Rust survey analysis report was released. The survey, which began in December 2021, received responses from a total of 9,354 respondents in 113 different countries and territories around the world.

The survey results show that the proportion of Rust users is still rising. Among those who use Rust, 81% of respondents use it at least once a week, up from 72% in last year's survey.

As for why respondents use Rust at work, the top answer is that it allows users to "build relatively correct and bug-free software," a statement that 96% of respondents agreed with.

Sysdig 2022 Cloud Native Security and Usage Report Released

A few days ago, the fifth annual Sysdig 2022 Cloud Native Security and Usage Report was released. This report provides insight into how Sysdig customers of all sizes and industries are using and securing cloud and container environments. This year's report has new data on cloud security, container vulnerabilities, and Kubernetes capacity planning. You can download and read directly.

Solo releases open source project Bumblebee: build, deliver, run eBPF tools

A few days ago, Solo released an open source project, BumblebeeBumbleBee, focused on simplifying the user experience of building eBPF tools. BumbleBee helps build, run, and distribute eBPF programs using OCI images. It helps users focus on writing eBPF code while working on userspace components - automatically exposing users' data as metrics or logs.

BumbleBee brings a docker-like experience for automating key steps in this process. Bumblebee specializes in packaging, distributing and automatically generating userspace code for any eBPF program.

Open source project recommendation

Undock

Undock is a CLI tool that can mount container images into local directories. Undock is great if you want to use a container image to hold a medium like an rpm package and then extract it with a single command on your local machine. E.g:

$ undock --rm-dist crazymax/buildx-pkg:latest ./dist
./dist
├── docker-buildx-0.7.0~53-gb265f1cf.m-centos7.x86_64.rpm
├── docker-buildx-0.7.0~53-gb265f1cf.m-centos8.x86_64.rpm
├── docker-buildx-0.7.0~53-gb265f1cf.m-fedora33.x86_64.rpm
├── docker-buildx-0.7.0~53-gb265f1cf.m-fedora34.x86_64.rpm
├── docker-buildx-0.7.0~53-gb265f1cf.m-fedora35.x86_64.rpm
├── docker-buildx-0.7.0~53-gb265f1cf.m-ol8.x86_64.rpm
├── docker-buildx-0.7.0~53-gb265f1cf.m-rhel7.x86_64.rpm
├── docker-buildx-0.7.0~53-gb265f1cf.m-rocky8.x86_64.rpm
├── docker-buildx_0.7.0-r0~53-gb265f1cf.m_x86_64.apk
├── docker-buildx_0.7.0~53-gb265f1cf.m-debian10_amd64.deb
├── docker-buildx_0.7.0~53-gb265f1cf.m-debian11_amd64.deb
├── docker-buildx_0.7.0~53-gb265f1cf.m-raspbian10_amd64.deb
├── docker-buildx_0.7.0~53-gb265f1cf.m-raspbian11_amd64.deb
├── docker-buildx_0.7.0~53-gb265f1cf.m-ubuntu1804_amd64.deb
├── docker-buildx_0.7.0~53-gb265f1cf.m-ubuntu2004_amd64.deb
├── docker-buildx_0.7.0~53-gb265f1cf.m-ubuntu2104_amd64.deb
└── docker-buildx_0.7.0~53-gb265f1cf.m-ubuntu2110_amd64.deb

ebpfmanager

ebpfmanager is a pure go ebpf management package based on cilium/ebpf. It realizes configuration, automatic loading, and has object-oriented thinking. It supports configuration items such as tail call, mapspec, and Constant replacement, and realizes the initiation of probe particles. Stop control function.

porter.io

porter.io is an application that sends email notifications based on Github's follow project recommendation related articles. You can find many valuable articles by subscribing to push notifications.

Sha256algorithm

This project allows you to understand the principle of SHA256 algorithm more intuitively through visualization.

Article recommendation

Event-driven elastic scaling

KEDA extends the capabilities of Kubernetes by integrating and managing external resources, allowing you to automatically scale Kubernetes applications based on data inside and outside the system. KEDA removes the limitation of not being able to run multiple adapters in a cluster and also scales the number of instances of a workload to zero.

Will NeuVector be the next big cloud-native security artifact?

Recently, an article "SUSE Releases NeuVector: The Industry's First Open Source Container Security Platform" was reprinted on major IT news sites. As a newcomer to the SUSE family, it's amazing to deliver on the open source commitment after 3 months. So what are the advantages of NeuVector that can be favored by SUSE? What are the breakthroughs in comparing the open source security products of various security vendors? This article provides a brief analysis of NeuVector from a SecDevOps perspective.

This article is published by OpenWrite , a multi-post blog platform !

{{o.name}}
{{m.name}}

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=324085009&siteId=291194637
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com