Cloud Native weekly highlights:

  • Chaos Mesh has been upgraded to CNCF incubation project
  • A security vulnerability was found in the Zabbix Web Frontend
  • The Rust Survey is released in 2021
  • Sysdig 2022 Cloud Native Security and Usage Report released
  • Solo has released the open source project Bumblebee
  • Open Source Project Recommendation
  • The article recommended

Cloud native dynamics

Chaos Mesh has been upgraded to CNCF incubation project

Recently, THE CNCF Technology Oversight Committee (TOC) has voted to accept Chaos Mesh as an incubator project for CNCF.

Chaos Mesh was originally created as a test platform for TiDB, an open source distributed database. It is a versatile Chaos engineering platform that orchestrates Chaos experiments in Kubernetes environments. By helping to identify potential points of failure, it helps ensure that the Kubernetes infrastructure can withstand unexpected outages.

Since being accepted by CNCF Sandbox in July 2020, Chaos Mesh has been implemented in two major versions (V1.0 and V2.0) and 30 minor versions, bringing significant improvements in observability, functionality and security.

A security vulnerability was found in the Zabbix Web Frontend

Two vulnerabilities in Zabbix, an open source monitoring platform, could allow an attacker to bypass authentication and execute arbitrary code on the target server.

The security holes were discovered in the Zabbix Web Frontend, a platform for collection and centralization. And tracks indicators such as CPU load and network traffic throughout the infrastructure.

The SonarSource researchers who discovered the vulnerabilities noted that Zabbix was a high-profile target for threat participants because of its popularity, functionality and “privileged position in most corporate networks.”

The Rust Survey is released in 2021

The 2021 Rust Survey analysis report is out. The survey was conducted in December 2021 and received responses from a total of 9,354 respondents from 113 different countries and regions around the world.

The survey results show that the percentage of Rust users is still rising. Of those who use Rust, 81 percent use it at least once a week, up from 72 percent in last year’s survey.

As for why respondents use Rust at work, the most important answer is that it allows users to “build software that is relatively correct and error-free,” which 96% of respondents agreed with.

Sysdig 2022 Cloud Native Security and Usage Report released

The 5th annual Sysdig 2022 Cloud Native Security and Usage Report has been released. The report provides insight into how Sysdig customers of all sizes and industries use and protect cloud and container environments. This year’s report has new data on cloud security, container vulnerabilities, and Kubernetes capacity planning. Can be downloaded directly to read.

Solo releases open source project Bumblebee: Build, deliver, run eBPF tools

Solo has released an open source project, BumblebeeBumbleBee, which focuses on simplifying the user experience of building eBPF tools. BumbleBee helps build, run, and distribute eBPF programs using OCI images. It helps users focus on writing eBPF code while working with user-space components that automatically expose users’ data as metrics or logs.

BumbleBee brings a Docker-like experience to automate key steps in the process. Bumblebee specializes in packaging, distributing, and automatically generating user-space code for any eBPF program.

Open Source Project Recommendation

Undock

Undock is a CLI tool that mounts container images to a local directory. If you want to use container images to hold media like RPM packages and then extract them from your local machine with a single command, Undock is great. Such as:

$undock --rm-dist crazymax/buildx-pkg:latest./dist./dist ├─ Docker-buildx-0.7.0 ~53- GB265f1cf. M-centos7.x86_64.rpm ├ ─ ─ docker buildx - 0.7.0 ~ 53 - gb265f1cf. M - centos8 x86_64. RPM ├ ─ ─ docker buildx - 0.7.0 ~ 53 - gb265f1cf. M - fedora33 x86_64. RPM ├ ─ ─ Docker buildx - 0.7.0 ~ 53 - gb265f1cf. M - fedora34 x86_64. RPM ├ ─ ─ docker buildx - 0.7.0 ~ 53 - gb265f1cf. M - fedora35 x86_64. RPM ├ ─ ─ Docker buildx - 0.7.0 ~ 53 - gb265f1cf. M - ol8 x86_64. RPM ├ ─ ─ docker buildx - 0.7.0 ~ 53 - gb265f1cf. M - rhel7 x86_64. RPM ├ ─ ─ Docker buildx - 0.7.0 ~ 53 - gb265f1cf. M - rocky8 x86_64. RPM ├ ─ ─ docker - buildx_0. 7.0 - r0 ~ 53 - gb265f1cf. M_x86_64. The apk ├ ─ ─ Docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - debian10_amd64. Deb ├ ─ ─ docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - debian11_amd64. Deb ├ ─ ─ Docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - raspbian10_amd64. Deb ├ ─ ─ docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - raspbian11_amd64. Deb ├ ─ ─ Docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - ubuntu1804_amd64. Deb ├ ─ ─ docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - ubuntu2004_amd64. Deb ├ ─ ─ Docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - ubuntu2104_amd64. Deb └ ─ ─ docker - buildx_0. 7.0 ~ 53 - gb265f1cf. M - ubuntu2110_amd64. DebCopy the code

ebpfmanager

Ebpfmanager is a pure GO EBPF management package based on Cilium/EBPF. It implements configuration and automatic loading. It is more object-oriented and supports tail call, MapSpec, Constant replacement and other configuration items. Moreover, the start-stop control function of Probe particles is realized.

porter.io

Porter. IO is an app that sends email notifications based on Github’s recommendation of relevant articles. You can find many valuable articles by subscribing to your notifications.

Sha256algorithm

This project allows you to intuitively understand the principle of SHA256 algorithm through visualization.

The article recommended

Event-driven elastic scaling

KEDA extends Kubernetes’ capabilities by integrating and managing external resources. It allows you to automatically extend Kubernetes applications based on data inside and outside the system. KEDA removes the limitation that you cannot run more than one adapter in a cluster and can also scale the number of instances of your workload to zero.

Is NeuVector the next big thing in cloud native security?

A recent article “SUSE Launches NeuVector: The industry’s first Open Source container security platform” was republished on major IT news sites. As a new member of the SUSE family, it’s amazing to have fulfilled the open source commitment after 3 months. So what is it about NeuVector that SUSE likes? And compare the open source security products of various security vendors and what are the breakthroughs? This article briefly examines NeuVector from a SecDevOps perspective.

This article is published by OpenWrite!