Mike Melanson

Author Archives: Mike Melanson

Buoyant Cloud Beta Brings Simplified Linkerd

Network software provider Linkerd service mesh, has launched the public beta of William Morgan emphasizes that operational simplicity has always been a focus, he says that they expect Buoyant Cloud to take that one step further. “We want to take the operational burden off of the shoulders of whoever is bringing Linkerd into their organization. We want to handle that for you,” he said. “We want to carry the pager for you, we want to make it so that running Linkerd in production is a trivial task. This falls right in line with everything we’ve been doing with Linkerd since the very beginning — our focus has been really heavily on operational simplicity and on making it so that when you operate Linkerd, you’re not in this horrendous situation where you need to hire a team of experts just to maintain your service mesh. With Buoyant Cloud, we have the opportunity to take on a lot of those operational tasks for you, and make it so you get all Continue reading

Upbound Universal Crossplane Wants to Replace Infrastructure as Code

Crossplane, has created what it says is the first enterprise distribution of Crossplane called Bassam Tabbara, Upbound founder and CEO, in an interview. Crossplane “becomes your universal control plane that you could use, using the same style that the Kubernetes community pioneered, to manage essentially all the infrastructure that an enterprise touches from a single control plane.” UXP, then, is an open source, vendor-supported, enterprise-grade distribution of Crossplane that also adds on a layer of 24/7 support, priority bug fixes, and consultation with a subscription. UXP is available free for individual users and by subscription for larger deployments, and is a drop-in replacement for Crossplane that installs with a single command. Tabbara noted that UXP is “vendor-supported, not community-supported,” in that Upbound will “help enterprises deploy it, support it, and give them a number of features that makes it easier for them to deploy and manage it in their environment.” As a long-term supported project, UXP also lags behind Crossplane upstream to ensure reliability, and Upbound describes UXP  as “designed to help enterprises adopt a universal control plane, moving beyond infrastructure as code,” in a press statement. In the case of UXP, Crossplane is further extended with its integration with both Upbound Cloud and Upbound Registry, both of which became generally available at the same time as the release of UXP. Upbound Cloud provides teams with visibility into their UXP instances and the infrastructure being managed, giving them a place to see what is running where, and by who it was provisioned. Upbound Registry then provides a place to both publicly and privately share Crossplane Configurations, and for providers to share managed resources. “With UXB, with Upbound Cloud and Upbound Registry, we believe we have a set of products now that can actually take this approach of using control planes in the enterprise and turn it into essentially a new way of managing infrastructure,” Tabbara said. “We see this with existing customers today, maybe even replacing a lot of what they do today with tools like Terraform and infrastructure-as-code approaches and going more towards a control plane approach, or even gitOps on top of a control plane.” The big difference Tabbara sees in all of this is that, by taking the API-driven approach rather than relying on templates, as with infrastructure as code, Crossplane and UXP can deliver a more scalable experience to managing infrastructure across large and varied environments. He explained that part of the appeal of Crossplane lies in the fact that teams can use the same Kubernetes-based tools and approaches that they are already using to deploy software to provision and manage infrastructure. Sponsor Note LaunchDarkly is a feature management platform that empowers all teams to safely deliver and control software through feature flags. By separating code deployments from feature releases, LaunchDarkly enables you to deploy faster, reduce risk, and iterate continuously. “If you are using Helm, or kustomize, or if you’re using literally any of the tools that people are deploying and love and use today with Kubernetes, as a container orchestrator, those tools work exactly in the same way,” said Tabbara. “When you’re using Kubernetes plus Crossplane to manage the rest of the cloud infrastructure and deployments across clouds and hybrid clouds, those tools work exactly in the same way. They are using Crossplane APIs that are extensions of Kubernetes extensions of the Kubernetes control plane.” Following the most recent KubeCon+CloudNativeCon, there were some

Linkerd Goes on a Diet with Opt-In Extensions

Buoyant has released version 2.10 of William Morgan, CEO of Linkerd, in an interview. “An extension is basically a Kubernetes controller or operator. We’re relying as much as possible on Kubernetes primitives, but what we are doing is, there’s a little bit of wrapper magic that happens that makes those extensions feel like the rest of Linkerd.” Among those formerly-default features now being offered as extensions are the multicluster extension, which contains cross-cluster communications tools, the

Solo.io Launches Gloo Mesh Enterprise to General Availability

After a couple of years in development and just released Gloo Mesh Enterprise service mesh to general availability this month, marking API stability and a slate of new features, built in response to customer feedback during the beta period. Gloo Mesh Enterprise is the company’s enterprise-grade, Kubernetes-native solution to help organizations install and manage Istio service mesh deployments. While Gloo Mesh Enterprise may just now be reaching this milestone, Idit Levine speaks of massive, unnamed customers already using the product in production, in deployments spanning more than 40 data centers, and 1,200 clusters and Istio service mesh instances. “When you’re running with that scale, there are a lot of things that you need to do. This is exactly what Gloo Mesh is for. Gloo Mesh is basically saying, ‘crawl, walk, run, fly.'” said Levine, referring to the product’s ability to help not only with the initial steps of service mesh adoption and installation but also the day two operations and added capabilities to handle complex multicluster, multicloud, multiregion deployments. To start (or “crawl”), Gloo Mesh Enterprise provides Federal Information Processing Standards (FIPS) compliance and long-term support for Istio Continue reading

HAProxy Kubernetes Ingress Controller Moves Outside the Cluster

The HAProxy Kubernetes Ingress Controller 1.5. With the introduction of features around different types of authentication, configuration, and the ability to run the controller external to a Kubernetes cluster, the release marks a new release cadence for the software, said HAProxy director of product

Kubernetes IDE Lens Adds an API for Cloud Native Extensions

Lens, the integrated development environment (IDE) for Kubernetes, has seen some rapid growth in the past year, ever since it made some changes to its deployment model and found the backing of Mirantis, that company that in 2019 acquired Docker. At this month’s launched an extensions API alongside several pre-built extensions from popular cloud native products, which

Kyverno, a New CNCF Sandbox Project, Offers Kubernetes-Native Policy Management

Kyverno, the open source Kubernetes-native policy engine built by Cloud Native Computing Foundation (CNCF) this week at the sandbox level. The development team hopes the software will help adoption of Kubernetes policies, by providing a method for doing so with native tools and languages, rather than requiring users to learn and adopt new ones. kubectl, kustomize. Bugwadia explained that, by contrast, cert-manager, another new CNCF sandbox project, which Bugwadia said has expressed interest in using Kyverno for policies for certificate management. Joining the CNCF, he said, leads to those forms of collaboration, which we would not have been able to do otherwise. The Cloud Native Computing Foundation and KubeCon+CloudNativeCon are sponsors of The New Stack.  Feature image by Pixabay. The post Kyverno, a New CNCF Sandbox Project, Offers Kubernetes-Native Policy Management appeared first on The New Stack.

Linkerd Adds Default mTLS to Kubernetes to Enable Zero Trust

Linkerd, the open source service mesh, has been updated with a number of new features, including support for the ARM architecture, a new multicore proxy runtime, and the automatic enabling of mutual TLS (mTLS) security for all TCP connections. Buoyant, the company behind AWS Graviton, and support for Kubernetes’s new service topology feature will again increase operating efficiency with the ability to decide routing preferences. A complete rundown of Linkerd improvements, performance enhancements, and bug fixes can be found in the Ralf Skirr on 

NGINX Steps into the Service Mesh Fray Promising a Simpler Alternative

Earlier this month, NGINX NGINX Service Mesh (NSM), a free and open source service mesh that uses NGINX proxy, to power its data plane. While many service meshes are built from entirely open source components, NGINX Vice President of Marketing Aspen Mesh, the more advanced, Istio-based service mesh built by its now-parent company Service Mesh Interface (SMI) is not supported, but it is on the roadmap, and the NGINX Unit to “introduce something that’s a little bit different and more novel to advance the industry dialogue.” “We think there’s an option in the future to have a sidecar-less service mesh, where you’re not injecting sidecars in each service,” said Whitely. “Instead, you load your code, and you execute it, and the default runtime environment that’s executing your code has all the built-in proxying capabilities needed to handle east-west. It would take things down from a two container to one container kind of model.” Feature image by Unsplash. The post NGINX Steps into the Service Mesh Fray Promising a Simpler Alternative appeared first on The New Stack.

Gloo Federation Brings Unified Control Plane, Stitchable APIs Across Multicluster Deployments

For enterprises operating at scale and requiring high availability, ensuring failover at the Kubernetes node level simply isn’t enough. Instead, many are operating in a multicluster environment, ensuring that even if something fails at the cluster level their applications will remain operational. For companies also running API gateway and ingress controller, this multicluster environment had become a pain point, as each cluster would require its own Gloo deployment, which in turn meant configuration, management, and control plane. In response, Solo.io has launched Idit Levine. With federation, Levine said, not only is Gloo able Continue reading

Google’s Management of Istio Raises Questions in the Cloud Native Community

When the proposed to be included in the still v.02, had only been around less than six months, and yet it aimed to skip the entry-level most young projects enter at and instead applied for inclusion at the secondary incubation tier. While the project was founded primarily by Google and IBM, and boasted numerous other contributors such as Yahoo, Apprenda, Concur, and AT&T, it was met with skepticism — it was so new, it didn’t really have adoption to speak of quite yet, and there were some Solo.io CEO

Contour Ingress Controller Joins CNCF at Incubation Level

The open source Envoy proxy, joined the Cloud Native Computing Foundation (CNCF) as an incubation level project, skipping over the traditional sandbox level entry point. The project, originally developed in 2017 at Heptio before the company’s acquisition by VMware, displayed a level of usage in the field, support in the community and activity in its ecosystem that warranted skipping the sandbox, said

Cisco Previews Managed HyperFlex Application Platform for Kubernetes

AppDynamics Customer Journey Map, HyperFlex Application Platform for Kubernetes, and it has said that all three are expected to be generally available sometime within the next few months. The first two products are meant to provide insight into and optimization of application performance, and even target business metrics such as cost. The HyperFlex Application Platform for Kubernetes, meanwhile, is Cisco’s new managed Kubernetes product, which will not only provide a “turnkey” Kubernetes platform, but also a number of other managed services, including container networking, container storage, ingress and L7 load balancer, logging, monitoring, a container registry, and service mesh. Gerd Altmann from 

Apstra’s Intent-Based Networking Brings Enterprises to Cloud Parity

For some companies, things like cloud native deployments on Kubernetes with microservices is a given. For others, those technologies comprise a still distant future, and contemporary complexities include the stuff of network switches, proprietary, vendor-specific configurations, and on-prem networks that require manual operations to manage. For companies in the latter category, intent-based networking (IBN), which means to replace the manual processes of configuring networks and reacting to network issues with a system that responds to a system administrator’s outcome-focused requests. Apstra has been in the business of delivering intent-based networking since 2014, emerging from stealth in 2016. Apstra CEO and co-founder SONiC network operating system, which is based on Linux and is meant to run on switches from various vendors. Much like Apstra’s initial intention of providing a singular, automated entry point to manage a variety of different network components, SONiC provides “a full-suite of network functionality, like BGP and RDMA” that functions regardless of proprietary hardware. Feature image by Pixabay. The post Apstra’s Intent-Based Networking Brings Enterprises to Cloud Parity appeared first on The New Stack.

Snapt Launches Project Nova, a Scalable Cloud Native Application Delivery Controller

Application delivery controller provider Project Nova, a cloud native, hosted ADC service that is managed from a browser. Nova is a response to customers using their existing ADC device in a manner that was never intended, Snapt CEO request access, with a community edition providing free access for up to five deployed nodes. At launch, Project Nova provides support for native service discovery on Kubernetes, Docker, Rancher, Consul and more, as well as full-automation with a REST API. Blakey says they expect Project Nova’s beta to be available by mid-November and a full integration with service meshes by mid-December, with ” the real idea to be this app delivery fabric, which just takes responsibility for the delivery of your app across whatever infrastructure you’re running in.” General availability, he says, is expected by early 2020. Feature image

Containous Builds a Service Mesh on Its Traefik Proxy

Traefik and Maesh, a new open source service mesh, one designed to be easy to use by developers. Maesh is built using Traefik to provide proxy functionality, which Containous CEO Service Mesh Interface (SMI) compliance. “This is really important because this standard means that everybody knows already how we work. And it’s provider agnostic, so if you want to change your service mesh, it can be done easily,” said Vauge. “This means that we are able to provide some observability features, some traffic management features like canary deployments, and some safety features like access control, which is super important. All of this is done thanks to the compliance to the SMI standard.” Feature image by Pixabay. The post Containous Builds a Service Mesh on Its Traefik Proxy appeared first on The New Stack.