Get the highlights in your inbox every week.
Kubernetes literally everywhere, smoking hot Java, and more industry trends | Opensource.com
Kubernetes literally everywhere, smoking hot Java, and more industry trends
A weekly look at open source community and industry trends.
As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.
Google and Red Hat remain the two largest individual sources of code for the project, but CNCF Director Dan Kohn explained that their commitment share has dropped from 83% of the code committed before CNCF adopted the project in 2016, to 35% today. “This is an important metric for us to show,” Kohn explained. “We have a lot of insight like that, which shows a healthy development ecosystem.”
The impact: There is a magic metric that is used to gauge the health of open source projects; the less code committed by a single entity, the healthier the project. Seeing the contributions from the biggest contributors drop below half in just three years is both a sign of robustness and (I think) completely unheard of.
[T]here are downfalls for both containers and VMs. Both have their own use cases and orchestration tools. OpenStack and Kubernetes will complement each other if properly combined to run some of the workloads in VMs to get isolation benefits within a server and some are in containers. One way to achieve this combination is to run Kubernetes clusters within VMs in OpenStack, which eliminates the security pitfalls of containers while leveraging the reliability and resiliency of VMs.
The impact: Both Kubernetes and OpenStack represent huge concentrations of innovation (and invested resources). The promise of open source is that you can pick and choose the innovation that is right for your use case, a promise that is well demonstrated here.
The Java platform is a robust platform that promotes many solutions, but to me, the best part of the Java world is the community, which is very strong and hard-working. The Java community has promoted many actions and initiatives that have boosted the Java platform and promoted solutions to bring Java closer to a cloud-native application approach, which many people refer to as cloud-native Java.
The impact: The ongoing Java renaissance is a prime example of why you should never right off something just because it has been around for a long time. The challenges that people have been using Java to overcome for years have not gone away, nor have the innovators in the community given up.
Raghunath begins the discussion by outlining her first contribution, and although it initially appeared to be an intimidating experience her fears were eased by her interactions with the community. She also talks about the organization of the community, and outlined some of the tools in the contributors aresenal with a key goal of enabling a better understanding to the reader of how and where to contribute.
The impact: Despite the massive growth of Kubernetes over the past 3 years, we're still at the "ground floor"; anyone looking to kick start a career in open source or transition to a technology with massive growth ahead of it would do well to get a couple of Kubernetes contribution to their name.
Current approaches in cloud computing address data at rest and in transit — but encrypting data-in-use is considered the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data. Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and so, it is claimed, this will provide greater control and transparency for users.
The impact: The spate of side-channel attacks and seemingly increasing capabilities of and resources available to malicious actors have raised the urgency of putting better computer security infrastructure in place. That's both technology, like the Open Enclave SDK, and governance, like the Confidential Computing Consortium (a collaboration between companies that clearly shows how the misery of security threats "acquaints a man with strange bed-fellows").
I hope you enjoyed this list of what stood out to me from last week and come back next Monday for more open source community, market, and industry trends.