InfoQ Homepage DevOps Content on InfoQ
-
Log Analytics Feature in Cloud Logging Now Generally Available
Google recently made its Cloud Logging Log Analytics feature generally available (GA), allowing users to search, aggregate, and transform all log data types, including application, network, and audit logs.
-
Java News Roundup: Payara Platform, Liberica JDK Updates, JobRunr 6.0 Milestones
This week's Java roundup for January 16th, 2023, features news from JDK 20, JDK 21, Spring Cloud Gateway 4.0, Spring Boot 3.0.2 and 2.7.8, Spring Modulith 0.3, Liberica JDK versions 19.0.2, 17.0.6, 11.0.18 and 8u362, Payara Platform, Micronaut 3.8.2, WildFly 26.1.3, TomEE 8.0.14, first three milestone releases of Job Runr 6.0 and Gradle 8.0-RC2.
-
Kubernetes Report Finds Increase in Poorly Configured Workloads
Fairwinds, a provider of Kubernetes software, has released their Kubernetes Benchmark Report 2023. The report shows an overall trend of worsening configuration issues across the surveyed organizations. This includes increases in organizations running workloads allowing root access, workloads without memory limits set, and workloads impacted by image vulnerabilities.
-
State of DevOps Report Finds Platform Teams Lacking Product Management Support
Puppet released the 2023 State of DevOps Report with a focus on Platform Engineering. The report found that organizations with platform engineering teams report increased developer velocity, improvements in system reliability, greater productivity, and better workflow standards. Organizations still need to work on adopting a product mindset with the platform teams.
-
Git 2.39.1 Fixes Two Critical Remote Code Execution Vulnerabilities
Two vulnerabilities affecting Git's commit log formatting and .gitattributes parsing in Git versions up to and including Git 2.39 have been recently patched. Both may lead to remote code execution, so users are required to upgrade immediately to Git 2.39.1.
-
Grafana Adds Outlier Detection to Its Machine Learning Toolkit
Grafana has released outlier detection as part of their Grafana Machine Learning toolkit. Outlier detection can be used to monitor a group of similar things and be alerted when some of them start to behave differently than the norm.
-
GitHub Introduces go-gh to Simplify the Creation of GitHub CLI Extensions
Introduced in GitHub CLI 2.0, extensions allow developers to add new features by writing small Go programs. To make it easier to create extensions, GitHub is now releasing a new library, go-gh. Additionally, the latest version of GitHub CLI introduces two new commands to search and browse the catalog of available extensions.
-
Sigstore Releases Python Client
Sigstore has announced the 1.0 stable release of sigstore-python, a Python-based Sigstore-compatible client. The client provides a CLI as well as an importable Python API. It is able to sign and verify with any Sigstore-supported identity and has ambient identity detection for supported environments.
-
Java News Roundup: MicroProfile 6.0, Kotlin 1.8, Spring Framework Updates
This week's Java roundup for January 9th, 2023, features news from JDK 20, JDK 21, Spring Framework 6.0.4 and 5.3.25, Spring Data 2022.0.1 and 2021.2.7, Spring Shell 2.1.5 and 3.0.0-RC1, MicroProfile 6.0, Quarkus 2.15.3, Micronaut 3.8.1, Micrometer Metrics 1.10.3, Micrometer Tracing 1.0.1, Project Reactor 2022.0.2, Piranha 23.1.0, Apache Tomcat 9.0.71, JHipster Lite 0.26.0 and Kotlin 1.8.0.
-
Critical Control Web Panel Vulnerability Still Under Exploit Months After Patch Available
A 9.8 severity vulnerability in Control Web Panel, previously known as CentOS Web Panel, allows an attacker to remotely execute arbitrary shell commands through a very simple mechanism. Although readily patched, security organizations are reporting it is under active exploit.
-
Cloudflare DDoS Report Finds Increase in Attack Volume and Duration
Cloudflare released its Distributed Denial of Service (DDoS) Threat Report for the fourth quarter of 2022. The report covers the DDoS attack landscape as detected by the Cloudflare network. HTTP DDoS attacks increased 79% year-over-year with ransom DDoS attacks seeing an increase as well. The report found that longer attacks are increasing especially with network-layer DDoS attacks.
-
Google Storage Transfer Service Now Supports Serverless Real-Time Replication Capability
Recently Google announced the preview support for event-driven transfer capability for its Storage Transfer Service (STS), which allows users to move data from AWS S3 to Cloud Storage and copy data between multiple Cloud Storage buckets.
-
Prometheus Adds Long Term Support Model and Improved Remote Write Mode
Prometheus, the open-source monitoring tool, has added a number of new features including a reduced functionality remote write mode. Additional improvements include a new HTTP service discovery mechanism, native histogram support, additional integrations for Alertmanager, and a new long-term support model.
-
Internal Platform Framework Kratix Releases Community Marketplace
Kratix, an open-source framework for building internal platforms, has released a marketplace of community-provided Promises. Within Kratix, Promises represent components curated by the platform team that application teams can request. The Kratix Marketplace is open for submissions from the community.
-
Amazon S3 Encrypts All New Objects with AES-256
Since January 5th, Amazon S3 encrypts all new objects by default with AES-256 to protect data at rest. S3 automatically applies server-side encryption using Amazon S3-managed keys for each new object, unless a different encryption option is specified.