DevOps / SRE - Top Links Last Week
Week 18 - Issue #77
Week 18 - Issue #77
Kubernetes Adopts Sigstore for Supply Chain Security
With the release of Kubernetes 1.24 on May 4, for the first time, over five million developers can verify that the distributions they're using are what they claim to be. The Sigstore is a free software signing service. It improves software supply chain security by making it easy to sign release files, container images, and binaries cryptographically. Once signed, the signing record is kept in a tamper-proof public log. Sigstore will be free to use by all developers and software providers.
Post-Quantum Cryptography Set to Replace RSA, ECC
Post-quantum computing will be available in the cloud by 2026, with the global market projected to grow from $472 million in 2021 to $1.765 billion. Criminals could use the new technology to defeat current encryption methods. The U.S. government has issued a brief to prepare for the latest technology. It says the sooner we get started, the sooner than we think, and the sooner it will be possible to use the new tools to break into the world of quantum computing systems.
Introducing Terramate — An Orchestrator and Code Generator for Terraform
Mineiros Terramate is an Orchestrator and Code Generator for the open-source and Terraform community. The tool is designed to help users and customers implement workloads in public clouds with Infrastructure as Code (IaC). It's designed to reduce code duplication by sharing data between stacks and generating HCL (Hashicorp Configuration Language) code inside each stack. We are currently building a VEsode extension for supporting native HCL. We hope to use this tool to help our clients and customers.
Introducing ArcticDB: A Database for Observability
ArcticDB is an embedded columnar database written in Go built on top of Apache Parquet and Apache Arrow. This blog post describes why we made it and what drove specific features and requirements. The data model of Parquet is highly inspired by Prometheus' data model. It produces a vast amount of data to store and query efficiently, but the data model needs a columnar. In addition, the database is designed to handle unbound cardinality data, which conflicts with the desire to buffer samples per unique series.
Docker Under Siege: Cybercriminals Compromise Honeypots to Ramp Up Attacks
Cybercriminals are ramping up their attacks on the Docker Engine, the software foundation of the container infrastructure used by many cloud-native companies. For example, cloud-management platform Uptycs has detected 10 to 20 attempts to compromise its Docker-based infrastructure every day. In addition, cybersecurity services firm CrowdStrike says hackers compromised its honeypots through the open Docker API and installed two malicious container images used to attack Russian and Belarusian sites. Compromised infrastructure has far-reaching consequences for organizations unwittingly participating in hostile activity against the Russian government, military, and civilian targets.