Flux7 Blog

This week’s DevOps news round-up features a double-header of news due to the Thanksgiving Holiday in the US. Directly preceding the holiday, 25,000 people gathered virtually to participate in KubeCon 2020. The event illustrated the breadth and depth of enthusiasm for Kubernetes – from mature projects to new product and service announcements, including:

• DataStax releases K8ssandra, a Kubernetes Helm chart that deploys Cassandra while providing DBAs and SREs the ability to scale data on Kubernetes.
• Diamanti adds support for AWS with Diamanti Spektra 3.1 and Ultima data plane services. It also unveiled a new customer portal called Diamanti Central.
• KIOXIA grows its KumoScale storage software functionality to now serve as a container host, providing managed NVMe volumes to storage applications running locally on KumoScale storage nodes. The new capabilities and applications are deployed and managed via a Kubernetes “micro-cluster”.
• Microsoft made several updates to its Azure Kubernetes Service, such as maxSurge which enables faster upgrades, support for Kubernetes 1.19, and new support for the creation of clusters and nodepools with container.
• Red Hat introduces new capabilities for Red Hat Enterprise Linux and Red Hat OpenShift. The added functionality is designed to bring edge computing into hybrid cloud deployments through a remote worker node architecture that will help Open Shift deliver Kubernetes to space-constrained and remote deployments while Enterprise Linux expands to preserve workload independence in smaller physical footprints.
• Trilio announces TrilioVault for Kubernetes v2.0. It includes a new management console and enhanced enterprise-grade Kubernetes backup and restore capabilities.

Ken Schwaber and Jeff Sutherland, co-creators of Scrum, have updated the Scrum Guide, the definitive guide to the Scrum Framework, in honor of the framework’s 25th anniversary.  According to Schwaber, “The 2020 version aims to bring Scrum back to its roots, being a minimally sufficient framework.” Updates include eliminating the concept of separate teams within a team, bringing together everyone as a single Scrum Team and the introduction of the concept of a Product Goal which gives the Scrum Team focus on a large objective.

DevOps News

• The CNCF Security Special Interest Group releases a new Cloud Native Security Whitepaper to address best practices for securing cloud-native deployments. The paper introduces new security guidance and controls for cloud native architectures and addresses core security concepts in cloud native architectures to apply as technology evolves.
• Separately, Amazon, Codefresh, GitHub, Microsoft, and Weaveworks reveal the creation of the GitOps Working Group, an open CNCF community project. The group’s goal is to provide skills and knowledge to implement GitOps tooling and methodologies.
• Red Hat introduces the Ansible Content Collection for Red Hat OpenShift for the automation and management of Red Hat OpenShift clusters. This collection joins other certified content available to subscribers of Red Hat Ansible Automation Platform in the Ansible Automation Hub.
• In other Red Hat news, the company makes Red Hat Ansible Automation Platform 1.2 generally available. In addition to the new Ansible Content Collections, the release adds a new private Automation Hub, a hub for internal automation communities to synchronize and manage their Ansible content and new service catalog integrations.
• GitLab announces GitLab 13.6. A sampling of new features includes:
  • Group level project integration management.
  • Expanded Auto DevOps supports deployments to AWS, enabling operators to deploy to EC2 without Kubernetes.
  • API fuzz testing is now possible with a Postman collection.
  • Severity rating is now viewable with a Full Code Quality Report and Merge Request Widget.
  • Enhanced Code Coverage data for Groups that enables operators to choose projects in a group to see their latest coverage values directly in GitLab.
• Splunk acquires cloud network observability firm Flowmill. The acquisition brings Splunk’s recent purchases to six, as it looks to create the world’s most comprehensive Observability Suite.
• Azure expands its Shared Image Gallery to include features that enable operators to create a Shared Image Gallery image version directly from a VM, create an image version from Disk, copy image versions across shared image galleries, and create managed disks from image versions.

AWS News 

• AWS announces a new managed firewall service, AWS Network Firewall for VPCs. The new service features the ability to deploy and manage stateful inspection, intrusion prevention and detection, and web filtering to protect virtual networks on AWS. According to an announcement, “With AWS Network Firewall, you can implement customized rules to prevent your VPCs from accessing unauthorized domains, to block thousands of known-bad IP addresses, or identify malicious activity using signature-based detection.”
• AWS introduces AWS CloudFormation These building blocks are reusable across CloudFormation templates and operate like a native CloudFormation resource.
• AWS makes Amazon Managed Workflows for Apache Airflow generally available. According to a press release announcement, the new managed service makes it easy for data engineers to execute data processing workflows in the cloud.
• AWS unveils Synchronous Express Workflows for AWS Step Functions. Described by AWS as, “a new way to run Express Workflows to orchestrate AWS services at high-throughput,” the solution enables developers to quickly receive a workflow response without needing to poll additional services or build a custom solution. Use cases include high-volume microservice orchestration and fast compute tasks that communicate via HTTPS.
• AWS releases Attribute-Based Access Control with AWS Single Sign-On giving operators centralized account access management of AWS Single Sign-On and ABAC.
• Amazon adds automatic application discovery to CloudWatch Application Insights. The new feature automatically detects applications and sets up monitoring based on detected apps.
• AWS Step Functions adds Amazon API Gateway to its list of supported services.
• AWS makes the AWS CDK EKS Construct Library available in developer preview and adds support for cdk8s. The AWS CDK module helps operators provision Amazon EKS clusters with IaC best practices.
• AWS Security Hub now integrates with AWS Organizations. The integration enables operators to automatically enable Security Hub and its automated security checks in any account in the organization.
• AWS makes AWS Copilot CLI for Amazon ECS generally available. AWS Copilot CLI helps operators build, release, and operate production-ready containerized applications on Amazon ECS with the Fargate launch type.

Flux7 News

• As teams grow and scale, it becomes extremely crucial from an operations perspective to set up centralized real-time multi-cluster monitoring to detect anomalies early and maintain high availability within and across clusters. The challenge arises as there is a need to extend the monitoring capabilities to clusters deployed across multiple AWS VPCs in production-grade environments. This is more challenging when these VPCs are non-connected.  Read how to address this challenge in our latest blog, How To: Multi-Cluster Monitoring in Amazon EKS.
• In our latest blog, Kritika Agarwal and Artem Kobrin walk readers through the differences between AWS Landing Zones and AWS Control Tower. They share when you may consider migrating from Landing Zones to Control Tower and how you would go about the process. Read how to securely migrate to AWS with the help of its services in their piece, When to Migrate from AWS Landing Zone to AWS Control Tower.

Written by Flux7 Labs

Flux7, an NTT DATA Company, is the only Sherpa on the DevOps journey that assesses, designs, and teaches while implementing a holistic solution for its enterprise customers, thus giving its clients the skills needed to manage and expand on the technology moving forward. Not a reseller or an MSP, Flux7 recommendations are 100% focused on customer requirements and creating the most efficient infrastructure possible that automates operations, streamlines and enhances development, and supports specific business goals.