As part of my role as a principal communication strategist at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends. Here are some of my and their favorite articles from that update.
Whether you're running Windows Server, Linux, NetBSD, whatever on your mission-critical systems, if you utterly fail at security, it doesn't matter how "secure" your operating system is. It's like leaving your car keys in an unlocked car, your system will be hacked, your car will be stolen.
The impact: I worry a bit about the organizations at the size that comes before "can afford fulltime expert IT" where you might find someone who likes computers taking on that responsibility by default. If that sounds like you or your organization, get that person some training!
The first virtual KubeCon + CloudNativeCon just wrapped up and it was a huge success thanks to our amazing community of doers – builders, operators and advocates. We are so thrilled that the cloud native community came together with hope and positivity to make this a truly community-driven event we will remember for a long time. We may not have been able to meet in person this year but we are indomitable!
The impact: These virtual experiences keep getting better and adding to the state of the art; running them requires important muscles that have until this point gone underused. Whatever else happens as the pandemic progresses, I hope we get a sense of "if we really think hard about it, we can build powerful bonds within our communities without airfares and hotel rooms." It doesn't have to be the same as sharing a beer to be impactful.
Istio 1.7: Security improvements take centre stage as users continue to speculate about the service mesh’s future
Lately, Istio has been anything but boring, especially after originator Google came into some criticism for handing the project’s trademarks over to its recently founded Open Usage Commons. The step led to some turmoil, raising questions about how neutral OUC really was as well as basically smothering the hopes of those who had wished for Istio to become a CNCF project one day. According to IBM, a founding member of the project, there had actually been an “agreement” to do so with Google, which only seems sensible, given that the Envoy proxy, which is central to Istio, has found a vendor-neutral home at the organisation.
The impact: My guess is that the project has enough adoption and functionality leading over competitive projects that it would take some truly dastardly governance to blow it.
This article describes the framework’s ability to onboard the mainframe to enterprise DevOps, so developers, systems programmers and others who work with the mainframe can now do so the same way their peers do with other IT platforms (i.e., cloud, mobile, distributed). These shared experiences close the gap between mainframers and others while preserving the core advantages of the platform. Common tools fuel a common language that benefits all, especially when deploying hybrid applications (e.g., web front-end with mainframe back-end).
The impact: The point about common tools fueling a common language is subtle but important. Tools for tools' sake won't get you very far; bringing more minds to bear on a problem will.
The degree to which each team can reasonably create its own configurations is related to the team’s competence with cloud solution architecture, cloud engineering, and cloud security. Not every person on the team may have a high level of competence; in fact, that will generally not be the case. However, the very least, for full self-service there needs to be at least one person with strong competencies in each of those areas, who has oversight responsibilities, acts an expert (provides assistance/mentorship within the team), and does any necessary code review.
The impact: We do it for driving cars and learning to ski; so why shouldn't we do it when it comes to letting people deploy sometimes critical applications?
I hope you enjoyed this list and come back next week for more open source community, market, and industry trends.