A couple weeks ago at Open Source Summit Europe, Riyaz Faizullabhoy, Security Engineer at Docker, announced on stage that the Technical Oversight Committee has voted Notary and TUF in as our 13th & 14th hosted projects.
Originally created by Docker, Notary is based on The Update Framework (TUF) specification, a secure general design for the problem of software distribution and updates. TUF helps developers to secure new or existing software update systems, which are often found to be vulnerable to many known attacks.
Notary is one of the industry’s most mature implementations of TUF specification and its Go implementation is used today to provide robust security for container image updates, even in the face of a registry compromise. Notary/TUF provides both a client, and a pair of server applications to host signed metadata and perform limited online signing functions.
Nearly one and a half years ago, Prometheus 1.0 was released into the wild, and marked a significant milestone for the project. With it came a broad set of features that make up Prometheus’ simple yet extremely powerful monitoring philosophy.
Since then the team has added and improved on various service discovery integrations, extended PromQL, and experimented with a first iteration on remote APIs to enable pluggable long-term storage solutions.
But what else has changed to merit a new major release?
Check out the new advanced blog series from Joe Beda (CTO of Heptio and starter of Google Compute Engine, Kubernetes and Google Container Engine). He dives into some of the inner workings of Kubernetes.
Discussed in this opening article are the core moving parts and how they work with each other to make things happen. The general class of systems like Kubernetes is commonly called container orchestration. But orchestration implies there is a central conductor with an up-front plan. However, Joe shares why he thinks this isn’t really a great description of Kubernetes. Instead, he says Kubernetes is more like jazz improv. There is a set of actors that are playing off of each other to coordinate and react…
Introducing the Certified Kubernetes Conformance Program!
The Certified Kubernetes Conformance Program, which ensures Certified Kubernetes™ products deliver consistency and portability, launched recently with 32 Certified Kubernetes Distributions and Platforms now available.
It’s critical to Kubernetes users that their applications run reliably across different Kubernetes environments, and that they can access the new features in a timely manner. To ensure a consistent developer experience across different Kubernetes offerings, the Kubernetes community worked with with CNCF and the Kubernetes community to create the Certified Kubernetes Conformance Program.
After a sold-out show in Berlin last March, KubeCon + CloudNativeCon North America will bring together technologists from thriving open source communities to further the education and adoption of cloud native computing. Maintainers and end users of CNCF’s hosted projects and other cloud native technologists will gather for three days to share insights around this fast growing ecosystem.
Some of this year’s rockstar keynote presenters include:
Sarah Novotny (Google)
Brendan Burns (Microsoft Azure)
Dianne Marsh (Netflix)
Brian Grant (Google)
Chen Goldberg (Google)
Clayton Coleman (Red Hat)
See more of the fantastic lineup linked below and register for the Dec 6-8th KubeCon+CloudNativeCon
before it sells out!
Last Chance to Take the Cloud Native Survey:
$250 gift card and other prizes
A lot has changed in the second half of the year and we would like to hear how you’re evaluating and using Cloud Native technologies in your organization today.
Respondents will be entered into a drawing to receive one of three prizes:
A $250 Amazon Gift Card
Complimentary registration to a CNCF event (of your choosing)
Complimentary Linux Foundation training