Cloud

Cloud blog.trailofbits.com

Algo – your personal VPN in the cloud

The linked article is an excellent introduction to Algo, which is effectively a set of Ansible scripts that set up a WireGuard and IPsec VPN for you. Algo automatically deploys an on-demand VPN service in the cloud that is not shared with other users, relies on only modern protocols and ciphers, and includes only the minimal software you need. And it’s free. For anyone who is privacy conscious, travels for work frequently, or can’t afford a dedicated IT department, this one’s for you. Algo’s list of features (and anti-features) is compelling and most VPN services are terrible. 👀

Ballerina blog.ballerina.io

Ballerina goes 1.0

You may have initially heard of Ballerina on episode #313 of The Changelog. Well, the “first cloud native programming language” has finally reached its milestone 1.0 release! After more than 3 years of hard work by an incredible team, I am thrilled to announce the general availability of Ballerina 1.0! Congrats to Paul and the team for powering through and shipping something they can be proud of! Check the announcement post for all the details of what “1.0” means for Ballerina.

Cloudflare Blog

Cloudflare files its S-1 to the SEC as it prepares to IPO

Today, our network spans 193 cities in over 90 countries and interconnects with over 8,000 networks globally, including major ISPs, public cloud providers, SaaS services, and enterprises. We estimate that we operate within 100 milliseconds of 98% of the Internet-connected population in the developed world, and 93% of the Internet-connected population globally (for context, the blink of an eye is 300-400 milliseconds). We intend to continue expanding our network to better serve our customers globally and enable new types of applications, while relentlessly driving down our unit costs. There’s a lot of interesting tidbits in this filing. I love this lead-in to the industry analysis section: The Internet was not built for what it has become.

The New Stack

Capital One's cloud misconfiguration woes have been an industry-wide fear

Developers and IT decision-makers should not be surprised by the recent Capital One data breach: Misconfigurations have long been the top cloud security concern. A new StackRox survey of IT decision-makers supports this finding as 60% of respondents are more worried about misconfigurations or exposures, as compared to attacks and generic vulnerabilities. We’re not 💯 on what exactly happened, but the evidence is pointing toward a misconfigured firewall.

Jake Jarvis jarv.is

How to automatically backup a Linux VPS to another cloud service provider

Cloud lock-in isn’t an issue until it is — “any amount of backups are just more eggs in the same basket if everything is under one account.” Most of the popular one-click server providers (including DigitalOcean, as well as Linode, Vultr, and OVH) provide their own backup offerings for an additional monthly cost (usually proportional to your plan). But as Nicolas learned the hard way, any amount of backups are just more eggs in the same basket if everything is under one account with one credit card on one provider. Luckily, crafting a DIY automated backup system using a second redundant storage provider isn’t as daunting (nor as expensive) as it might sound. The following steps are how I back up my various VPSes to a totally separate cloud in the sky. Jake Jarvis writes on his personal blog how to back up various VPSes to a totally separate cloud provider.

Go github.com

Get unlimited Google Drive storage by splitting binary files into base64

A clever hack that is now being investigated by Google’s internal forums. How it works: Google Docs take up 0 bytes of quota in your Google Drive. Split up binary files into Google Docs, with base64 encoded text. Encoded file is always larger than the original. Base64 encodes binary data to a ratio of about 4:3. A single doc can store ~1 million characters. This is around 710KB of base64 encoded data.

Ev Kontsevoy gravitational.com

Rolling your own servers with Kubernetes (goodbye AWS)

Why Kubernetes? Should you roll your own servers? Should you go off the cloud? If you’ve listened to The Changelog #344 — where we cover the details of Changelog.com’s 2019 infrastructure with special guest Gerhard Lazu — then you’ll know the answer to these questions. But if not, as you might assume, I recommend listening to that episode and reading this post from Ev, in that order. In this three-part blog series, we’ll try to address some of the fears and uncertainties faced by organizations who had successfully started their projects on public clouds, like AWS, but for one reason or another found themselves needing to replicate their cloud environment from scratch, starting with an empty rack in their own enterprise server room or a colocation facility.

Uber Engineering

Cadence is Uber's new orchestration engine

Its focus is on executing async long-running business logic. Business logic is modeled as workflows and activities. Workflows are the implementation of coordination logic. Its sole purpose is to orchestrate activity executions. Activities are the implementation of a particular task in the business logic. The workflow and activity implementation are hosted and executed in worker processes. These workers long-poll the Cadence server for tasks, execute the tasks by invoking either a workflow or activity implementation, and return the results of the task back to the Cadence server. Furthermore, the workers can be implemented as completely stateless services which in turn allows for unlimited horizontal scaling.

Go blog.containo.us

Back to Traefik 2.0 - gigawatts of routing power

There’s a major new version of Traefik in the works: For several months, the maintainer team has been working on a deep refactoring of the codebase to provide the firm foundations for the next iteration of Traefik, and we are ready to share this vision with you. Today, we’re announcing Traefik 2.0 alpha, the edge router built with the future in mind. The new core is here, help us finalize Traefik with the features you want!

Docker Blog

Containerd graduated within the CNCF

Today containerd graduated within the CNCF to join the ranks of Kubernetes, Prometheus, Envoy, and CoreDNS as a “graduated” project in the CNCF. From Michael Crosby on the Docker blog: We are happy to announce that as of today, containerd, an industry-standard runtime for building container solutions, graduates within the CNCF. From Docker’s initial announcement that it was spinning out its core runtime to its donation to the CNCF in March 2017, the containerd project has experienced significant growth and progress over the last two years. The primary goal of Docker’s donation was to foster further innovation in the container ecosystem by providing a core container runtime that could be leveraged by container system vendors and orchestration projects such as Kubernetes, Swarm, etc.

Kubernetes k3s.io

K3s — Lightweight Kubernetes

K3s is a fully compliant production-grade Kubernetes distribution with the following changes: Legacy, alpha, non-default features are removed. Many of these features are not available in most Kubernetes clusters already. Removed in-tree plugins (cloud providers and storage plugins) which can be replaced with out-of-tree add-ons. Added sqlite3 as the default storage mechanism. etcd3 is still available, but not the default. Wrapped in a simple launcher that handles a lot of the complexity of TLS and options. Rancher is also doing an online meet-up and demo of K3s on March 13, 2019.

Gianluca gianarb.it

Extend Kubernetes via a shared informer

This post from Gianluca Arbezzano contains both theory and code with a complete working application to understand how to build your own shared informer to extend Kubernetes beyond applying YAML via kubectl. Kubernetes increases in popularity every day but I don’t think we use all its power just applying YAML via kubectl. Kubernetes is a framework and as every framework, it exposes powerful interfaces and API usable to extend its capability with our needs. Shared Informers are what I see as the easy way to enjoy k8s as an extendible tool to programmatically build and ship containers.

Charity Majors honeycomb.io

How much should my observability stack cost?

I love the way Charity Majors, CEO of Honeycomb.io, opens up this post… What should one pay for observability? How much observability is enough? How much is too much, or is there such a thing? Is it better to pay for one product that claims (dubiously) to do everything, or twenty products that are each optimized to do a different part of the problem super well? It’s almost enough to make a busy engineer say “Screw it, I’m spinning up Nagios”. (Hey, I said almost.)

Kubernetes github.com

Goldpinger tests and displays connectivity between Kubernetes nodes

Mikolaj Pawlikowski talked about this Bloomberg project at KubeCon 2018 last week. Goldpinger makes calls between its instances for visibility and alerting. It runs as a DaemonSet on Kubernetes and produces Prometheus metrics that can be scraped, visualised and alerted on. Oh, and it gives you the graph below for your cluster. Check out the video explainer.

Cloud crossplane.io

Crossplane – the open source multicloud control plane

Crossplane provides a universal cloud computing API. Control your workloads across clouds and on-prem environments from one unified place. Nobody wants to be locked in to their current cloud provider. With Crossplane (and a new breed of ‘multi-cloud’ tools like it), you can spread your application across multiple cloud providers at a single time, migrate managed services across multiple clouds, and more. We might be looking at the future of cloud computing, right here. I’m sure this will be a hot subject at this week’s KubeCon in Seattle. (Adam is onsite covering the event. Find him and say hi if you’re attending.)

Adam Stacoviak changelog.com/posts

The Cryptography Research Group at Microsoft released Microsoft SEAL to encrypt and secure sensitive data in the cloud

If you’ve been watching the news, you know that the latest data breach involved Marriott exposing 500 million guest reservations from its Starwood database. The kicker is that the unauthorized access to the Starwood guest database stretches back to 2014. That’s FOUR YEARS of unfettered access to this database! It’s breaches like these that helped motivate the team at the Cryptography Research Group at Microsoft to be “extremely excited” to announce the release of Microsoft SEAL (Simple Encrypted Arithmetic Library) as open source under the MIT License.

Matt Klein blog.envoyproxy.io

Envoy is now a CNCF graduated project

When we talked with Dan Kohn on The Changelog #314 about the CNCF landscape and trail map, he made it clear that graduated projects are a good first choice for adoption at each stage along the 1 through 10 trail map trail. In this case, Envoy is poised to be the “happy path” choice for 5. Service proxy, discovery, & mesh. …the CNCF projects in general somewhat represent a happy path, where we can confidently say, hey, if you choose our graduated incubating projects, we know they all work. We know that there’s real end-users adopting them. We know that there’s vendors out there who are eager to support them, your issues are gonna get responded to … it’s a pretty safe bet to engage and get invested in those communities. — Play The Changelog #314 at 1:03:48 or read the transcript

Drew Devault drewdevault.com

sr.ht, the hacker’s forge, now open for public alpha

Drew Devault, announcing “sir hat” (or however you want to refer to it): For those who are new, let me explain what makes sr.ht special. It provides many of the trimmings you’re used to from sites like GitHub, Gitlab, BitBucket, and so on, including git repository hosting, bug tracking software, CI, wikis, and so on. However, the sr.ht model is different from these projects - where many forges attempt to replicate GitHub’s success with a thinly veiled clone of the GitHub UI and workflow, sr.ht is fundamentally different in its approach. This has folks pretty excited. But what’s all the hubbub about? Well, in addition to being 100% free and open source… sr.ht is special because it’s extremely modular and flexible, designed with interoperability with the rest of the ecosystem in mind. On top of that, sr.ht is one of the most lightweight websites on the internet, with the average page weighing less than 10 KiB, with no tracking and no JavaScript. The flagship product from the software suite is its CI platform, which: is easily the most capable continuous integration system available today. It’s so powerful that I’ve been working with multiple Linux distributions on bringing them onboard because it’s the only platform which can scale to the automation needs of an entire Linux distribution. There’s always a potential for hyperbole when the creator is describing their creation, but I’m convinced this is at the very least worth checking out. It might even make for a great episode of The Changelog…

Zach Bloom Cloudflare Blog

Cloud computing without containers

(READ ALONG IN YOUR FAVORITE MOVIE TRAILER VOICE) … In a world where serverless is still being demystified, Cloudflare, a company that’s focused on pushing things to the edge, launches a game changer for not only serverless, but for cloud computing at large. Unlike every other cloud computing platform out there, this platform, called Workers, doesn’t use containers or virtual machines. This is the future of serverless and cloud computing. Join Zach Bloom in this epic tale as he tries to convince you why. OK, seriously — this news bubbled up to me enough times that I just had to share it. Here’s the tee up of the problem they faced — how they’re going about solving it is truly a great read. Two years ago we had a problem. We were limited in how many features and options we could build in-house, we needed a way for customers to be able to build for themselves. We set out to find a way to let people write code on our servers deployed around the world (we had a little over a hundred data centers then, 155 as of this writing). Our system needed to run untrusted code securely, with low overhead. We sit in front of ten million sites and process millions and millions of requests per second, it also had to run very very quickly…

ZEIT

Now 2.0

My biggest take away from this epic announcement from ZEIT? The support of the majestic monorepo! …Now 2.0 enables what we will call The Majestic Monorepo, inspired by a similarly named essay by DHH, creator of Ruby on Rails (The Majestic Monolith). We don’t agree that you should be orchestrating a big server abstraction (a monolith), but we believe you should be able to collocate your APIs and your business logic in a single place, with a cohesive deployment story. It looks, feels and deploys like a monolith, with none of its downsides. …but there is SO MUCH MORE to this announcement. Also, we talked a bit about David’s idea of The Majestic Monolith on The Changelog #286.

James Governor redmonk.com

"GitHub is where source code lives."

I agree — “GitHub is, quite simply, home for developers,” as stated by James Governor in his highlights post on GitHub Universe 2018. Out the gate, James focuses on the announcement of GitHub Actions, which “feels like a profound launch, one that could prove extremely disruptive in the long term.” An idea that seems to have started as “Probot” is now a full-fledged and more approachable product offering called GitHub Actions, and looks like it will continue to drive more and developers, developers, developers to GitHub in 2019. Quite simply, Actions could be a disruption driving feature. So what about future implications of Actions for AWS, Microsoft Azure and GCP Cloud compute platforms? Actions could even pose a threat to the centrality and stickiness of the cloud console, because if developers can drive all their workflows from GitHub they have less need to use the console. It might seem absurd to position GitHub as an AWS competitor … but there is no denying the potential for GitHub to lessen the primacy of a cloud operator console in favor of Actions scripted in GitHub, triggering actions and deployments across multiple clouds. GitHub used its keynote to demonstrate the ability to deploy a workload across multiple clouds. Mark your calendars for November 28th! We’re releasing a new episode on The Changelog talking GitHub Actions with Kyle Daigle, Director of Ecosystem Engineering at GitHub, and one of the leaders to bring Actions to fruition. Stay tuned!

Tyler Treat bravenewgeek.com

Multi-cloud is a trap

This is the battle cry that started the Open Container Initiative. But in reality, are/was multi-cloud and vendor lock-in true concerns for software teams? Tyler Treat writes on his personal blog: We want to be cloud-agnostic. We need to avoid vendor lock-in. We want to be able to shift workloads seamlessly between cloud providers. Let me say it again: multi-cloud is a trap. Outside of appeasing a few major retailers who might not be too keen on stuff running in Amazon data centers, I can think of few reasons why multi-cloud should be a priority for organizations of any scale.

Daniele Polencic learnk8s.io

What is Kubernetes?

In this highly visual and scroll friendly post from Daniele, you’ll follow the evolution of monolith, to components, to VMs, to today’s world of Kubernetes and cloud. Daniele writes: Kubernetes and Docker? What is the difference? Is it just a fad or are those two technologies here to stay? If you heard about the Docker and Kubernetes, but you aren’t sold on the idea and don’t see the point in migrating, this article is for you. Learn how you can leverage Kubernetes to reduce infrastructure costs and accelerate your software delivery.
