The latest News and Information on Containers, Kubernetes, Docker and related technologies.
Launched at KubeCon North America last December, Loki is a Prometheus-inspired service that optimizes storage, search, and aggregation while making logs easy to explore natively in Grafana. Loki is designed to work easily both as microservices and as monoliths, and correlates logs and metrics to save users money. Less than a year later, Loki has almost 6,500 stars on GitHub and is now quickly approaching GA.
Docker has changed the way we build, package, and deploy applications. But this concept of packaging apps in containers isn’t new—it was in existence long before Docker. Docker just made container technology easy for people to use. This is why Docker is a must-have in most development workflows today. Most likely, your dream company is using Docker right now. Docker’s official documentation has a lot of moving parts. Honestly, it can be overwhelming at first.
Two years ago, Pusher started building an internal Kubernetes based platform. As we transitioned from a single product to multiproduct company, we wanted to help our product teams spend less time worrying about shared concerns such as infrastructure and be able to focus more on writing business logic for our products. Over this period, our platform team have solved many of the problems that Kubernetes doesn’t solve out of the box. Until recently, we had not solved the problem of configuration.
If you happen to be running multiple clusters, each with a large number of services, you’ll find that it’s rather impractical to use static alerts, such as “number of pods < X” or “ingress requests > Y”, or to simply measure the number of HTTP errors. Values fluctuate for every region, data center, cluster, etc. It’s difficult to manually adjust alerts and, when not done properly, you either get way too many false-positives or you could miss a key event.
Docker and Kubernetes have taken the software world by storm. DevOps, containers, and container management are at the center of most conversations about what’s relevant to technology. Tooling and services that ease running software in containers, therefore, occupy the minds of developers. Great tools and platforms create options and possibilities. They also create challenges in understanding available choices, though.
A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could lead to a directory traversal, allowing a malicious container to replace or create files on a user’s workstation. This vulnerability stemmed from an incomplete fix of a previously disclosed vulnerability (CVE-2019-1002101). Are you vulnerable?
We are very excited to announce Calico v3.8. Here are some highlights from the release. You can now view IP address usage for each IP pool using calicoctl. This allows you to more easily manage the IP space in your cluster, providing a simple way to see which IP pools have addresses available and which are running low. See the calicoctl reference documentation for more detailed information on how to use this feature.
