Article: Equinix boosts Packet’s Tinkerbell open source bare metal provisioning system

Hardware, Materials, Open Manufacturing, Open Source

Equinix boosts Packet’s Tinkerbell open source bare metal provisioning system

Equinix has announced improvements to the Tinkerbell provisioning system it uses for its Equinix Metal bare-metal infrastructure as a service (IaaS) offering.

Equinix Metal, launched in October 2020, uses technology from Packet, which Equinix bought in January 2020. The enterprise colocation giant says that Tinkerbell already provisions thousands of servers per day for Equinix. It now has additional features, some of them with Peter-Pan-inspired names, and has joined the Sandbox program at the Cloud Neutral Computing Foundation (CNCF), the home of Kubernetes and other open source projects for containers and cloud infrastructure.

“Today we announced that Tinkerbell has added a bunch of new features and gained momentum since joining the CNCF sandbox program,” said Zac Smith. managing director of Equinix Metal.

Read Full Article

Article: Open-source, cloud-native projects: 5 key questions to assess risk

Free, Libre, Open Software

Open-source, cloud-native projects: 5 key questions to assess risk

Every time your organization uses any technology, open source or otherwise, you take some risks. Thinking about the risks that open source presents reminds me of an xkcd comic showing how all modern infrastructure is precariously built on a project maintained by a random person in Nebraska. This scenario is actually more common than you might think.

There are ways to look at and address these risks across several categories. By evaluating those risks, you can help make the right business decisions about using and contributing to cloud-native, open-source projects.

Read Full Article

Article: 11 Open Source DevOps Tools We Love For 2021

Free, Libre, Open Software, Open Source

11 Open Source DevOps Tools We Love For 2021

DevOps isn’t just a cultural shift — it requires great tools to come to fruition. Below, we’ve pulled together a list of some of the most well-loved DevOps tools available today. But, throwing loads of money into fancy SaaS solutions can quickly gobble up the cloud budget.

These DevOps tools all are open source, and enable everything from container builds and orchestration to microservices networking, configuration management, CI/CD automation, full-stack monitoring and more. Here are some of our favorite open source DevOps tools for 2021.

Read Full Article

Article: 7 Popular Open Source CI/CD Tools

Free, Libre, Open Software

7 Popular Open Source CI/CD Tools

DevOps is a software development strategy that incorporates agile practices for fast, efficient product creation and release. It focuses on integration of development and operations teams, continuous integration/continuous delivery (CI/CD) and automation of tasks and processes.

Typically, DevOps teams use pipelines to streamline and standardize processes. DevOps pipelines are toolchains that teams can use to automate tasks and provide visibility into the software development life cycle. In this article, we’ll cover seven popular open source CI/CD tools.

Read Full Article

Article: Top 6 Open-Source Networking Projects For a Cloud-Native World

Free, Libre, Open Software, Open Source

Top 6 Open-Source Networking Projects For a Cloud-Native World

With the ever-growing popularity and advantages of cloud and containers, organizations are increasingly adopting cloud-native applications and container-based infrastructure for running their business applications. To efficiently manage cloud infrastructure, networking tools play an important role. Having the right set of networking tools can help the network admin manage and operate the cloud-native apps.  Here are some open-source networking projects network administrators can use for their cloud-native worlds:

  1. Project Calico
  2. Cilium
  3. Envoy
  4. Jaeger
  5. Flannel
  6. Kuma

Read Full Article

Article: Comcast makes waves in open source

Cures, Open Health, Procedures (Medical)

Comcast makes waves in open source

Comcast’s amplified focus on open source projects reached a milestone with word that two projects – Kuberhealthy and Trickster – recently were accepted as “Sandbox” projects by the Cloud Native Computing Foundation (CNCF).

Kuberhealthy, a project created by Comcast’s Eric Greer, was developed to help the operator perform real-time monitoring of the health of its Kubernetes clusters at scale, and to stream that data into a Prometheus dashboard that tracks cloud native applications. Meanwhile, Trickster, created by Comcast’s James Ranson, speeds up how dashboards are rendered to Comcast from Prometheus.

Read Full Article

 

Article: Checkov 2.0 Launches as the First Open-Source Cloud Infrastructure Scanner With Dependency Awareness

Open Infrastructure, Open Source

Checkov 2.0 Launches as the First Open-Source Cloud Infrastructure Scanner With Dependency Awareness

“This release is the most significant update to Checkov since it launched in 2019,” said Matt Johnson, Bridgecrew developer advocate lead at Palo Alto Networks. “Dependency awareness means developers have even more context earlier in the development lifecycle, helping companies around the world better secure their cloud infrastructure.”

According to a recent survey produced by Secure Code Warrior, 70% of organizations recognize the importance of secure coding practices, indicating an industry-wide shift from reaction to prevention and an embrace of DevSecOps. Unlike other static code analysis tools that rely on interim ad hoc modeling, Checkov is now built on a graph-based model that provides an entirely new way of modeling configuration risk in cloud native software composition. That context awareness ensures more relevant and reliable scan results, making it easier for developers to prioritize and understand the impact of identified misconfigurations.

Read Full Article

Article: CyberArk Unveils Open Source Pen Testing Tool for Kubernetes

Code, Open Software, Open Source

CyberArk Unveils Open Source Pen Testing Tool for Kubernetes

CyberArk today launched an open source penetration testing framework, dubbed Kubesploit, for testing Kubernetes environments. Eviatar Gerzi, a cybersecurity researcher at CyberArk Labs, says that as more instances of Kubernetes clusters are deployed in production environments, it’s clear that cybersecurity teams lack the tools required to mimic real-world attack clusters against Kubernetes environments.

Kubesploit makes it possible for so-called red teams to stress-test cybersecurity against a platform that legacy penetration tools don’t support, Gerzi adds.

Read Full Article

Article: Equinix Expanding Capabilities of Its Open Source Bare Metal Automation Platform Tinkerbell

Free, Open Software, Open Source

Equinix Expanding Capabilities of Its Open Source Bare Metal Automation Platform Tinkerbell

More enterprises are said to be taking interest in the platform now that it’s been open sourced as a Cloud Native Computing Foundation project. Here’s a company name you didn’t use to hear in conjunction with open source software release cycles but now increasingly will: Equinix.

When the colocation giant acquired Packet, a bare metal cloud provider, last year, the crown jewel was Packet’s infrastructure automation technology, which made the experience of provisioning bare metal servers similar to that of provisioning VMs in a public cloud.

Read Full Article

Article: Open source cloud platforms and tools to consider

Open Software, Open Source

Open source cloud platforms and tools to consider

Many cloud strategies rely heavily on proprietary platforms and services. There’s no open source equivalent of a public cloud like AWS or Microsoft Azure, for instance, and it is unlikely that major public cloud vendors will open source their own services. However, there is a variety of open source cloud computing platforms, as well as tools, available.

Open source technologies provide more flexibility and less dependence on proprietary platforms, as well as cost savings. With open source, developers can inspect and modify the source code to fit their needs and requirements.

Read Full Article