News Roundup From KubeCon Europe 2022

The Cloud Native Computing Foundation is a vendor-neutral organization working to promote cloud-native computing. They hold annual events the world over to help companies improve their applications and streamline their workflows using the latest cloud computing tech. The dust has settled and their most recent event, KubeCon/CloudNativeCon2022 in Valencia, has ended. The event was wildly successful and there was a wide range of exciting announcements made there.  

Below is a list of just a few of the announcements from the show.  

The Linux Foundation Initiates “World of Open Source” Research Series 

The initiative will be championed by LF Research in collaboration with several European distribution and research partners. They held several meetings including a birds of a feather meeting entitled “Supporting the Flourishing European Open Source Ecosystem” on the 19th of May, hosted by Gabriele Columbro (Executive Director of FINOS), Hilary Carter (VP, Linux Foundation Research), Astor Nummelin Carlberg (CEO, OpenForum Europe), and Matthew Dunderdale (Delivery Principal, Scott Logic).

As stated in the full article, "The Linux Foundation Initiates 'World of Open Source' Research Series:" “The World of Open Source series will explore the state of open source from a global perspective, focusing on government, enterprise, and non-profit initiatives. The research initiative kicks off on Wednesday, 18 May with a 'World of Open Source: 2022 Europe Spotlight' survey.” 

Service Meshes Are on the Rise – But Greater Understanding and Experience Are Required   

As outlined in "Service Meshes Are on the Rise – But Greater Understanding and Experience Are Required," the CNCF conducted a survey of the cloud-native community to discover how organizations adopt service meshes. The survey results showed that the rate of adoption is high, but that there are common problems. They released a detailed report with their results ahead of the convention.   

• “Cloud-native is driving digital transformation, but as more applications and services are deployed using a diverse technology stack, it has become challenging to deliver and manage performance and availability. A service mesh provides an answer, creating a dedicated layer that handles service-to-service communications, ensuring consistency and reliability of services, security, and observability.” 
• "According to the CNCF, of the 253 survey respondents, 70% run a service mesh in production or development, and 19% are evaluating one."

Introducing Envoy Gateway  

Envoy announced Envoy Gateway, a new member of the Envoy Proxy family aimed at significantly decreasing the barrier to entry when using Envoy for north-south use cases. Envoy Gateway can be thought of as a wrapper around the Envoy Proxy core. It will provide the following functionalities (excerpts below from "Introducing Envoy Gateway"): 

• “A simplified API for the gateway use case: The API will be the Kubernetes Gateway API with some Envoy-specific extensions. This API was chosen because deployment on Kubernetes as an ingress controller is the initial focus for the project and because the API has broad industry buy-in.” 

• “A 'batteries included' experience that will enable users to get up and running as fast as possible: This includes lifecycle management functionality that provisions controller resources, control plane resources, proxy instances, etc.”

• “An extensible API surface: While the project will aim to make common API gateway functionality available out of the box (e.g., rate limiting, authentication, Let’s Encrypt integration, etc.), vendors will be able to provide SaaS versions of all APIs, provide additional APIs and value-added functionality such as WAF, enhanced observability, chaos engineering, etc.” 

• “High-quality documentation and getting started guides: Our primary goal with Envoy Gateway is to make the most common gateway use cases trivial to stand up for the average user.” 

New Training Course Explores Ethics in Open Source Development  

As stated in the full announcement, "New Training Course Explores Ethics in Open Source Development," Linux Foundation Training & Certification has partnered with the Cloud Native Computing Foundation (CNCF) and Ethical Intelligence to develop a free online training course, “Ethics in Open Source Development”. The course is designed for: 

1. Product managers who want to learn how to effectively incorporate ethics-by-design techniques into their workflows 

2. Developers who want to apply ethics through critical thinking techniques and proven mental frameworks  

The goal is to encourage these parties to think about the ethical implications of their creations. They will learn how to consider things like how malicious actors might misuse a piece of software (or hardware) and even how to consider the way algorithms treat different groups of people.  

SPIRE Now Runs on Windows

SPIRE has been available and thriving on Linux platforms for years. Windows support is being introduced incrementally starting in SPIRE 1.3.0, but only as an experimental feature now. No one wants to rush into things because it stands to reason that complications will arise as they continue to work with the Windows platform.  The following excerpts are from "SPIRE now runs on Windows!":

• "The 1.3.0 release adds support for both SPIRE Server and Agent on Windows. All of the existing plugins will also work. A Windows-specific workload attestor has been added as well. This will provide Windows-specific attributes to Windows Workloads. "
• “One guiding principle of the SPIRE project is to strive for ease-of-use and intuitive configuration. With that in mind, running SPIRE on Windows feels very similar to running it on Linux. Configuration differences are limited to areas where platform-specific features are in use (e.g. Unix Domain Sockets, named pipes, etc.).”  

Announcing the Refreshed Cloud-Native Security Whitepaper  

The following excerpts are taken from the full announcement:

• "The CNCF Security Technical Advisory Group (TAG) has just released an updated Cloud-Native Security Whitepaper v2 to help educate the community about best practices for securing cloud-native deployments."
• "The white paper intends to provide organizations and their leaders with a clear perspective of cloud-native security, how it incorporates into lifecycle processes, and considerations for determining how standards like NIST SSDF apply. An update was definitely due as the last white paper on the subject was released in 2020. The first version of the white paper can be found here."
• “In the past 18 months, the security industry and our group has evolved with attacks on supply chain and ransomware in the limelight. We received excellent feedback on improvements to the first version of the paper as part of a months-long retrospective process. Our group has also grown with multiple supplementary material like Secure Supply Chain Security Whitepaper, Cloud Native Security Map and Lexicon published since the first version of this paper. As a sign of the vibrant community, just like the first version, the people across the community brought their passion, skill sets, and expertise to address end-user feedback and growing pains in the Cloud Native Security space” said TAG Security Tech Lead Pushkar Joglekar.   

Prometheus Certification Will Demonstrate the Ability to Monitor Cloud-Native Applications and Infrastructure 

As stated in the full announcement, "Prometheus Associate Certification will Demonstrate Ability to Monitor Infrastructure,":

• "The Cloud Native Computing Foundation® (CNCF®) and The Linux Foundation announced the new Prometheus Certified Associate (PCA) exam. The PCA is a pre-professional certification designed for engineers or application developers with special interests in monitoring within the Prometheus ecosystem."
• "The PCA has been modeled after Kubernetes certifications like KCNA, CKA, and CKAD. It is intended for candidates who have either: Passed those certifications, completed Prometheus-specific training, or completed a Cloud Engineer Bootcamp." The test will be available later this year, but it is already in Beta.  

CNCF Launches Cloud Native Network Function Certification Program  

The Cloud Native Computing Foundation® (CNCF®) announced the Cloud Native Network Function (CNF) Certification Program. As stated in the full announcement, "This is a certification program designed to help Communication Service Providers and other telecom organizations to identify which TEPs follow cloud-native best practices."

“Moving to cloud-native infrastructures has long been difficult for telecom providers who have transitioned to VNFs and found themselves with siloed resources and specialized solutions not built for the cloud. The CNF Certification program is designed to fill this gap by creating solutions optimized for cloud-native environments. Some of the world’s largest telecom organizations, including Huawei, Nokia, T-Mobile, and Vodafone, already use Kubernetes and other cloud-native technologies, and this program will make it easier for others to do the same.”  - Priyanka Sharma, executive director of the Cloud Native Computing Foundation. 

Keep your eyes out for more cloud-native updates!