IBM Launches Trio of Kubernetes-Focused Open Source Projects

IBM unveiled a trio of new open source projects targeted at helping developers more quickly build cloud-native applications for Kubernetes. The moves come on the heels of the company closing its $34 billion acquisition of open source powerhouse Red Hat.

The new projects are Codewind, Appsody, and Kabanero. Appsody uses components from Codewind, while Kabanero uses components from both Codewind and Appsody.

Codewind provides extensions to integrated development environments (IDEs) like VS Code, Eclipse, and Eclipse Che to build applications in containers. It allows developers to iterate, debug, and performance test applications inside of containers similar to how those applications run in a production environment. IBM said that this essentially allows developers to build applications in containers without knowing they are working in containers.

Codewind is being managed by the Eclipse Foundation, which emerged from the Eclipse Project that IBM founded in late 2001. It’s focused on supporting Eclipse open source projects, with the most well known being the Eclipse multi-language software development environment platform.

Building a Platform

Appsody provides developers with pre-configured stacks and templates for a set of open source runtimes and frameworks. These can be used as a foundation to build applications for Kubernetes and Kubernetes-based Knative serverless deployments. IBM noted that this allows developers to focus on their code, reduces the learning curve for cloud-native deployments, and allows for quicker development for those applications.

The pre-configured stacks can be customized for specific development requirements. If customized, developers can then have a single point of control to roll out those changes to all applications built from that customized stack.

Kabanero is an end-to-end DevOps platform that integrates already established runtimes and frameworks with a Kubernetes-native DevOps toolchain. It supports the architecting, building, deploying, and lifecycle management of Kubernetes-based applications. This includes the ability to integrate security and to build pipelines into a customized stack to support governance and compliance requirements.

In addition to the other two new projects, Kabanero integrates the Knative serverless platform, Istio service mesh, Google-developed Tekton continuous integration/continuous development (CI/CD) platform, and IBM’s Razee multi-cluster continuous delivery tool.

Nate Ziemann, an IBM Cloud product manager, noted in a blog post that the integration is what sets Kabanero apart in the market.

“While there are open source projects that address individual aspects of what Kabanero addresses, no other open source project provides an integrated experience from the creation of a containerized cloud-native application through its production lifecycle on Kubernetes,” Ziemann wrote.

https://www.sdxcentral.com

Julia vs. Python: Which is best for data science?

Among the many use cases Python covers, data analytics has become perhaps the biggest and most significant. The Python ecosystem is loaded with libraries, tools, and applications that make the work of scientific computing and data analysis fast and convenient.

But for the developers behind the Julia language — aimed specifically at “scientific computing, machine learning, data mining, large-scale linear algebra, distributed and parallel computing”—Python isn’t fast or convenient enough. Python represents a trade-off, good for some parts of data analytics work but terrible for others.

What is the Julia language?

Created in 2009 by a four-person team and unveiled to the public in 2012, Julia is meant to address the shortcomings in Python and other languages and applications used for scientific computing and data processing. “We are greedy,” they wrote. They wanted more: 

We want a language that’s open source, with a liberal license. We want the speed of C with the dynamism of Ruby. We want a language that’s homoiconic, with true macros like Lisp, but with obvious, familiar mathematical notation like Matlab. We want something as usable for general programming as Python, as easy for statistics as R, as natural for string processing as Perl, as powerful for linear algebra as Matlab, as good at gluing programs together as the shell. Something that is dirt simple to learn, yet keeps the most serious hackers happy. We want it interactive and we want it compiled.

(Did we mention it should be as fast as C?)

Here are some of the ways Julia implements those aspirations:

• Julia is compiled, not interpreted. For faster runtime performance, Julia is just-in-time (JIT) compiled using the LLVM compiler framework. At its best, Julia can approach or match the speed of C.
• Julia is interactive. Julia includes a REPL (read-eval-print loop), or interactive command line, similar to what Python offers. Quick one-off scripts and commands can be punched right in.
• Julia has a straightforward syntax. Julia’s syntax is similar to Python’s—terse, but also expressive and powerful.
• Julia combines the benefits of dynamic typing and static typing. You can specify types for variables, like “unsigned 32-bit integer.” But you can also create hierarchies of types to allow general cases for handling variables of specific types—for instance, to write a function that accepts integers without specifying the length or signing of the integer. You can even do without typing entirely if it isn’t needed in a particular context.
• Julia can call Python, C, and Fortran libraries. Julia can interface directly with external libraries written in C and Fortran. It’s also possible to interface with Python code by way of the PyCall library, and even share data between Python and Julia.
• Julia supports metaprogramming. Julia programs can generate other Julia programs, and even modify their own code, in a way that is reminiscent of languages like Lisp.
• Julia has a full-featured debugger. Julia 1.1 introduced a debugging suite, which executes code in a local REPL and allows you to step through the results, inspect variables, and add breakpoints in code. You can even perform fine-grained tasks like stepping through a function generated by code.

https://www.infoworld.com

Salesforce to acquire Tableau

Salesforce has signed a definitive agreement to acquire analytics platform vendor Tableau in a US$15.7 billion deal.

"We are incredibly excited to announce that we have entered into a definitive deal for Tableau to be acquired by Salesforce in one of the most historic combinations in the history of the software industry," Adam Selipsky, Tableau CEO and founder said.

"In a short 16 years, we have gone from a start-up in a bedroom to a billion dollar public company. We have been able to serve millions of people in more than 86,000 organisations around the world. We have been heads down building and delivering the analytics capabilities that are so critical to all of those customers. 

"And with a bright future ahead of us, as we’ve powered through the subscription transition, built an enterprise business, and strengthened so many parts of the company," Selipsky explained adding this was why Tableau was attractive to Salesforce.

Selipsky said that the growth potential is "enormous" and that the founders, board of directors and management team all agreed this was the best way forward.

Under the definitive agreement, Salesforce will acquire Tableau in an all-stock transaction, with each share of Tableau Class A and Class B common stock will be exchanged for 1.103 shares of Salesforce common stock, representing an enterprise value of US$15.7 billion (net of cash).

"Salesforce's incredible success has always been based on anticipating the needs of our customers and providing them the solutions they need to grow their businesses," said Keith Block, co-CEO at Salesforce. "Data is the foundation of every digital transformation, and the addition of Tableau will accelerate our ability to deliver customer success by enabling a truly unified and powerful view across all of a customer's data."

Through the acquisition, Salesforce expects to play a greater role in driving digital transformation, enabling companies around the world to tap into data across their entire business and surface deeper insights to make smarter decisions, drive intelligent, connected customer experiences and accelerate innovation.

The transaction is expected to increase Salesforce's FY20 total revenue by approximately $350 million to $400 million. 

https://www.channelworld.in

Oracle Taps Kubernetes, Service Broker API to Automate Cloud Services

Oracle is driving deeper Kubernetes and service broker integration into its cloud environment in a move to ease the use of its cloud infrastructure services.

The deeper integration is the launch of its Oracle Cloud Infrastructure Service Broker for Kubernetes. It’s an implementation of the Open Service Broker API for use in a Kubernetes cluster and with Oracle Cloud Infrastructure services. Kubernetes acts to automate the provisioning, configuration, and management of all the application infrastructure.

Developers can access the new platform through either a Helm chart package manager, a Docker container, or as an open source platform. The implementation ties together a number of the vendor’s cloud platforms using service broker adapters for autonomous transaction processing, autonomous data warehouse, object storage, and streaming.

A service broker can also be used to create service binding to cloud services. For each binding it creates a Kubernetes secret that houses the information needed to connect to the service.

The service broker can be added to a Kubernetes cluster where it will then use the Open Service Broker API from within kubectl to interact with the cloud services. Kubectl is a command line interface (CLI) for running commands against Kubernetes clusters.

Oracle made a big production of its Generation 2 cloud infrastructure at its OpenWorld event last October. That is the vendor’s bare metal infrastructure that it began building in 2016.



Open Service Broker API
The Open Service Broker API was formed by the Cloud Foundry Project in late 2016. It was developed as a way to provide a consistent model for exposing cloud services to applications and application deployment tooling. Founding members included Fujitsu, Google, IBM, Pivotal, Red Hat, and SAP.

Microsoft adopted the Open Service Broker API into its cloud platform in late 2017. Google adopted it last year.

Oracle’s deeper Kubernetes integration could also provide the vendor with a counter to Google’s recent Anthos platform launch. Anthos is a Kubernetes-based, Google-managed hybrid-cloud platform that runs on premises and supports multiple clouds including Amazon Web Services (AWS) and Microsoft Azure.

Synergy Research Group’s most recent Cloud Provider Competitive Positioning report had Oracle entrenched in its “strong niche player” space alongside IBM, Salesforce, and Rackspace. That position is below the “high growth and gaining market share” position held by larger rivals Microsoft, Google, Alibaba, and Tencent. AWS remains “in a league of its own” in the SRG report.

SAP Touts Qualtrics, Apple ML Integration

SAP kicked off its annual Sapphire conference by tightening integration of its $8 billion Qualtrics acquisition and expanding support for the Apple ecosystem.

SAP CEO Bill McDermott made both announcements as part of a flashy opening keynote that was big on getting SAP customers excited. That flash also included a supporting cast of Qualtrics co-founder and CEO Ryan Smith and Apple CEO Tim Cook.

With Qualtrics, SAP said it has now rolled out 10 new products that combine its operational data (O-data) with experience data (X-data) gleaned from its acquired property. The latest include the integration of the Experience Management platform into SAP’s C/4HANA that is targeted at an organization’s sales, marketing, commerce, and service experience management.

It has also launched three Experience Management services targeted at an organization’s employee management. These can be integrated into an existing human resources platform to support employee lifecycle.

McDermott explained this as managing the “hire-to-retire” aspect of HR. This involved a company’s HR department taking a “regular pulse” on an employee’s satisfaction with their work environment.

In a later question-and-answer session, McDermott noted that Qualtrics tackles the biggest cultural challenges at enterprises because “it provides the why.” During that same session, Smith said that Qualtrics did not want to focus on just gathering insight but to instead have insight “to allow for action.”

SAP acquired Qualtrics last November on the cusp of the latter moving toward a public offering. Smith said the company decided to go the buyout route because of the integration possibilities with SAP.

“We didn’t have too. We had all the options in the world and were one of the hottest IPOs coming into the year,” Smith said. But he explained that the company lacked the operational data to make its experience data more functional for enterprise customers. “We knew we would have to figure out how to partner, but SAP was the only one to go across the four experiences.”

Apple iOS SDK

SAP is also integrating Apple’s CORE Machine Learning (ML) platform into its SAP Cloud Platform SDK for iOS. This will allow users to create custom iOS applications using SAP’s Leonardo IoT platform. That platform was launched in 2016, and is a collection of software and services that tap into big data, analytics, blockchain, and ML.

The initial launch includes nine applications. In practice, the ML model can automatically download to an iOS device that will allow those applications run in an offline environment. SAP is also expanding application support to Apple’s Mac personal computer ecosystem. Those applications can also be updated when connected to the SAP Cloud Platform.

Apple CEO Tim Cook framed the move by stating that the enterprise “experience has not reached the same level” of the consumer experience. To that end, Cook showed slides of employees using Apple devices running augmented reality applications that use ML to manage industrial machines.

Cook also touched on the importance of security for Apple when it approaches the enterprise market. He cited a similar mindset from SAP that Cook said was key to its work together. McDermott likened his approach to security to that of Cook and Apple, which he said are “kindred spirits” and “like minded in protection and security.”

The security topic was also brought up during the Q&A session with reference to a recent Reuters story that claimed 50,000 companies were open to a vulnerability in legacy SAP systems. McDermott explained that the vulnerability was confronted by security patches issued in 2009 and 2013. He added that following the Reuters story, SAP instituted a more aggressive push to make sure its customers had downloaded those patches.

https://www.sdxcentral.com

Platform9 Packages Kubernetes Tools for On-Prem Environments

Platform9 packaged together a trio of open source Kubernetes tools in a push to ease the deployment and operation of Kubernetes clusters in air-gapped, on-premises environments.

The tools include its etcdadm command-line interface (CLI), nodeadm CLI node administration tool, and cctl cluster lifecycle management tool. Those tools are now part of the Klusterkit package, though they can be used separately or together.

Arun Sriraman, technical lead manager for Kubernetes at Plaform9, explained in a statement that Klusterkit can work with frameworks like Cluster API and kubeadm to help enterprises use Kubernetes to run their legacy applications. In addition to support for on-premises deployments, Klusterkit allows for the recovery of a failed cluster control plane from an etcd snapshot.

The on-premises support ties to a growing desire by organizations to simplify the management of their data resources across clouds and in house. This angle has been targeted by a number of platforms, including Google’s recent Anthos launch.

Tools in the Kit

Platform9 late last year moved its etcdadm support tool into the open source community via GitHub in an effort to generate momentum behind automating the configuration, deployment, and management of etcd clusters used by Kubernetes to store control plane information. Those tasks were previously either part of more broadly-focused efforts put on the shoulders of a Kubernetes user, or cobbled together by developers.

Etcd is the primary software-defined storage (SDS) location for Kubernetes and needs to be established before Kubernetes can be run on a system. Sriraman explained in a video that etcd is the “backbone for Kubernetes storage.” The Cloud Native Computing Foundation (CNCF) late last year adopted etcd as an incubation project.

https://www.sdxcentral.com

VMware Fixes Security Flaws in vCloud Director, Hypervisor Software

VMware late last week released patches for two security flaws, which ranged from important to critical in terms of severity. The fixes resolved vulnerabilities within its vCloud Director platform and within its hypervisor software: ESXi, Workstation, and Fusion.

The first advisory was directed at a remote session hijack vulnerability found within the vCloud Director platform for service providers, which is VMware’s cloud service delivery platform. The vulnerability was found within the tenant and provider portals and allowed attackers to access the portals through impersonation of someone logged into a session.

This vulnerability was ranked as a “critical” security flaw. It was discovered by four faculty members at Dakota State University.

Hypervisor Flaw

VMware, in its second advisory, addressed a number of security issues within its hypervisor software, including three critical issues and one important issue.

ESXi is VMware’s bare metal hypervisor software; Workstation its hypervisor that runs on x64 versions of Windows and Linux operating systems; and Fusion is its software hypervisor for Macintosh computers.

The first critical flaw affected all three hypervisors and gave malicious actors access to virtual machines (VMs) when a virtual USB controller was present, allowing a hacker to execute code on the host.

The second critical flaw, affecting Workstation and Fusion, was an out-of-bounds vulnerability in their e1000 virtual network adapter. This flaw also allowed the attacker to execute code.

The third, an important fix, also affected Workstation and Fusion with an out-of-bounds vulnerability in both the e1000 and e1000e virtual network adapter. While the flaw could allow code execution from the bad actor, it could also result in denial of service to the actor.

The fourth, and final, critical flaw affected only the Fusion hypervisor. This vulnerability was a result of unauthenticated APIs that could be accessed through a web socket. Bad actors could exploit this by tricking the host user execute functions and perform unauthorized functions on the guest machine where VMware Tools is installed.

https://www.sdxcentral.com