For all those who like-it-cheap, we have sad news… Today will also be about my visit to the vegetable garden and the new Kubernetes. And in the end, we will ask an important question: Quis custodiet ipsos custodes?
To begin with, a little privateness. One of my “formative events” as far as the world of technology is concerned is a particular inconspicuous morning when sitting in an empty office in the morning (“yes kids, grandpa used to go to the office regularly”) I’m listening to the radio (“yes kids, “old-people-Spotify” used to not allow you to stop and change the song – as it was flying you had to listen to the end for the next one to start”) when suddenly the news started and in it, as it is on the news, something there from local politics, probably some sports information, and suddenly an announcement:
University X has announced a competition to design a 3D printer that would allow the creation of hardware for astronauts colonizing Mars. As a material, it needs to use what they find on the planet’s soil itself.
The way the presenter naturally, even boringly, moved from one topic to another made me realize that while we don’t have moving sidewalks like in Jetsons, “the future is now.” It has become something as dull to us as cell phones, which to me back in 2009 (my first Android) seemed like technology straight out of Steven Spielberg’s “Minority Report” – which itself celebrated its 20th anniversary of release at the end of June.
Why am I writing about it? Because yesterday I was in Carrefour, and between the vegetable stands, I saw this:
Well, the future is now, since the grocery chain feels its customers will be interested in being able to track the supply chain of its potatoes using Blockchain. And I, despite the fact that the whole situation nevertheless stumped me enough to take a photo, didn’t even try to see how the whole thing actually works, chasing around with a cart to get some barbecue sausage.
1. Heroku rezygnuje z darmowych kont – koniec pewnego rozdziału
One can feel nostalgic about various things. For most people, it will be a movie, a book, a song, some piece of furniture, or even a specific place or computer game. For me, one entity that arouses nostalgic thoughts is… Heroku. It was on this platform that I made my first adventures with the cloud, it’s where I pushed out my first startup (which is a story I may tell someday), then the second one (which I’m already a bit uncomfortable calling a startup, however), it’s also the platform that taught me to be “creative” and to use all sorts of tricks so that deno (for those who don’t know – instances on Heroku) don’t be turned off and i won’t have the problem of a cold start…
Why was it exactly Heroku? There were two reasons. First, the platform with its CLI had an almost unearthly Developer Experience (especially for its time, but probably not only). And second, aside from the aforementioned cold-start problem, it was free to use to a limited extent. And so free-for-free, not “if you make a mistake, you’ll have to sell a kidney” AWS-Free-Tier-for-free. And we are talking about servers AND the database – Heroku was famous for its PostgreSQL service for years.
Unfortunately, the new generation will no longer have such memories. Heroku has announced that it is ending free accounts. This fits in with the trend we reported on at one time in the context of GitLab. After all, the official reason is that they can’t handle the abuse of their free offering (probably more innovative than my pinging the server every minute a decade ago, just to make sure it doesn’t turn off). However, I suspect this is part of the trend of cost-cutting and price increases we’ve seen in various announcements – sometimes as cursory as raising the price of two-year-old equipment, hello Sony.
If you’re looking for a free alternative to Heroku, it’s hard for me to point out a perfect replacement, but I refer you to Free for Developers. The site (or the GitHub repository that powers it) aggregates platforms with a favorable “free tier.” You’re sure to find something there for you.
2. Kubernetes v1.25 “Combiner” released
When you’ve been writing these kinds of summaries for a hundred editions, you get into a bit of a rut. For example, I was under the impression that I was just describing a new edition of Kubernetes, and it was, after all, early May. What have the developers accomplished in these almost four months?
The main theme of the whole thing is security, and the change that the developers boast about most is the replacement of PodSecurityPolicy with Pod Security Admission. The developers are focusing heavily on this – they felt compelled to release a full history outline and a whole separate blog post. What does the change entail for the end user? The whole thing has been reworked in a much more declarative fashion – instead of defining precisely what specific security conditions we want to provide in our project, it will now be possible to simply define which community-maintained Pod Security Standards we want to provide, Pod Security Standards in turn are expected to evolve with changes in broader security best practices. Kubernetes itself will thus be able to increase the level of security with subsequent updates to both the platform and the standard.
That’s not all, however. The new Kubernetes also includes support for the
cgroups v2 standard. The successor to the original
cgroups, which may not have emerged trend for contenerization (for that statement purists and BSD fans would probably scold me), but certainly it and made Docker possible. The problem was that over the years, resource isolation had evolved heavily, and the original solutions that Docker originally adopted were deficient in many places and heavily redundant in others. The second version of cgroups was redesigned to meet these challenges better.
Of course, that’s not all you’ll find in Kubernetes v1.25 – the release also brings, among other things, ephemeral containers with a limited lifespan or better support for Windows. But I’ll already refer you to the official Release Notes.
By the way, Kubernetes has gotten to the point where the most popular texts about this platform at vived.io say it’s not worth using unless you have to: Kubernetes is a red flag signaling premature optimization and Don’t Use Kubernetes, Yet. On the Kubernetes vs Cloud solutions discussion, a very good publication is Don’t get locked up into avoiding lock-in from Martin Fowler’s blog (albeit authored by Gregor Hohpe). The text gives a practical mental model of when lock-in is dangerous and when generalizing by force is more of a threat to a project.
- Kubernetes v1.25: Combiner
- PodSecurityPolicy: The Historical Context
- Kubernetes v1.25: Pod Security Admission Controller in Stable
- Kubernetes is a red flag signalling premature optimisation
- Don’t Use Kubernetes, Yet
- Don’t get locked up into avoiding lock-in
- The Story of Containers
3. “Who Watches the Watchmen?” – LastPass hacked
Do you use password managers? I hope you do – it’s one of the best ways to increase your security, and these days, with really good (though not yet perfect, especially on desktop) integration with operating systems. The biggest objection to the tools is that they can be our security system’s “Single Point of Failure” (provided we don’t use 2FA, for example). However, this argument seems to be strongly unrealistic – after all, these types of companies have the best security specialists. Therefore the risk is negligible, right?
You will probably soon come across headlines saying “LastPass hacked,” which is true. The company was indeed attacked, which it confirms in an official announcement. Worst of all, its response has been somewhat tardy – according to BleepingComputer, it’s been almost a week since the first leaks about the attack, during which it’s been difficult to get any concrete information from the company.
So do we have anything to fear as users? Probably not. Admittedly, an intruder got into the source code and CI environment by hacking into the account of one of the developers. Some of the source code was stolen, but your Master Passwords are safe…. well, unless there was a hole in the code after all, but I suspect that this aspect – secure encryption – was top-notch in the company.
It’s still a bit of a letdown, similarly what happened to Okta at the beginning of the year. After all, when there’s an attack on one of the most critical security providers for the little guys, the question always flashes to my lips, “Who’s watching the guards?” – especially when it comes out that these are not always transparent.
Bonus na koniec
Chcę Wam przypomnieć o zbliżającej się konferencji Sphere.it. Zostały już niecałe dwa tygodnie na zakup biletów i rejestrację na wydarzenie.
Jeśli jesteście zainteresowani:
- Jaka jest przyszłość oprogramowania?
- Czy AI zabierze nam miejsca pracy?
- Jak to jest być Inżynierem Oprogramowania w krainie Data ScienCe?
- Czym jest DARTS?
- Jak prowadzić udane eksperymenty domenowe?
- Co jest kluczem do dobrej komunikacji między zespołem projektowym, a deweloperskim?
To zapraszamy do zakupu biletów, póki są jeszcze dostępne.
Z kodem Sphereit20 otrzymacie 20% zniżki na bilety.
Vived jest patronem medialnym, mamy swoje stoisko na Mamy nadzieję, że się tam zobaczymy!
A jak przyjdziecie i powiecie, że czytacie nasz newsletter lub używacie appki, to chętnie się przejdę nawet na piwko lub dwa i poopowiadam co tam się dzieje pod spodem 🍻