From
infoq.com
Email Address
architect-newsletter@mailer.infoq.com
Sent On
Fri, Oct 25, 2019 04:04 PM
Email Preheader Text
A monthly overview of things you need to know as an architect or aspiring architect. The Software Ar
HTML
A monthly overview of things you need to know as an architect or aspiring architect.
[InfoQ](
The Software Architects' Newsletter
October 2019
[View in browser](
Our twenty-seventh issue of the Architectsâ Newsletter focuses on multi-cloud and cloud-native application development. We believe these topics are vitally important, and these themes are visible, at every stage of adoption, in our latest [DevOps and Cloud InfoQ Trends Report](. Understanding all the emerging technologies, patterns, and techniques is essential for a modern software architect.
News
Pulumi 1.0: Reducing the Friction in Multi-Cloud Deployments
The release of [Pulumi 1.0]( was recently announced. This modern infrastructure-as-code (IaC) platform aims to reduce challenges associated with managing multiple cloud deployments. The solution includes consistent tooling, based on popular programming languages like TypeScript, JavaScript, Python and Go, in order to define infrastructure. In addition to SDK support, Pulumi also provides a SaaS Management console for configuring identities, organizations, and policies.
Pulumi provides support for the major public cloud providers, including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). But, Pulumi is not the only startup trying to address the challenges associated with multi-cloud deployments. HashiCorp recently released [Terraform Cloud](, which seeks to solve many of these same problems.
As we noted in our [recent programming language trends report](, weâre seeing growing interest in infrastructure-focused languages, with Pulumi, Terraform, and [Dark]( competing in this space â albeit providing different programming abstractions. Weâll be exploring languages of infrastructure with a [dedicated track]( at QCon San Francisco.
Improving Security in the Cloud: Q&A With Christopher Gerg
Developers and IT leaders say security is a top priority. Survey after survey show â itâs easy to say and hard to do. To shine a light on effective security practices in the cloud age, [InfoQ recently spoke with Christopher Gerg](, the CISO at Gillware, a data recovery and digital forensics company.
Key takeaways included:
- Good security needs to be designed and built into applications and infrastructure from the start,not bolted on after the fact.
- Leverage some of the service offerings at the cloud provider, and recognize that the security fundamentals â network segregation, patches and updates, monitoring and alerting, authentication and authorization, encryption, and anti-malware â stay the same.
- Don't fall in love with advanced security tools if you haven't mastered the fundamentals like patch management.
Readers interested in this topic should read this recent article: â[Three Major Cybersecurity Pain Points to Address for Improved Threat Defense](â
Azure Sentinel, a Cloud Native SIEM, Now General Availability
As InfoQ recently reported, Microsoft has announced the general availability of [Azure Sentinel](, a Security Information and Event Management (SIEM) service in Azure, that provides customers with intelligent security analytics across their enterprise. In March this year, InfoQ reported on the [first announcement of Azure Sentinel](, which used machine learning and artificial intelligence (AI) to analyze incoming data, and detect and adapt to evolving threats. Since then, more than 12,000 customers have joined the preview program, and Microsoft has continued investing in the service, for example, by providing more than 100 built-in alert rules, and the provision of a new alert wizard to create custom rules.
Google Releases Cloud Dataproc for Kubernetes in Alpha
Google Cloud Dataproc is an open-source data and analytic processing service based on Hadoop and Spark. The [Cloud Dataproc service]( has been generally available for over three years, and now offers preview access to running Spark jobs on Google Kubernetes Engine (GKE). Typically, Spark applications run on Hadoop YARN clusters, however, with Cloud Dataproc for Kubernetes, users will have one central view that can span both [YARN]( and Kubernetes clusters, and they donât need to manage them separately.
Amazon Updates S3 Service with Same-Region Replication
Amazon recently introduced a new option to its [cloud storage service, S3]( â Same Region Replication (SRR). With this new option in S3, customers can create a replica of their uploaded data in the same region, but in a different S3 bucket. S3 Replication goes beyond simply creating a copy; it allows engineers to switch accounts, switch storage classes, and conduct other operations on the replica.
Case Study
Open Core Summit: The Value of Cloud and Commercial Open-Source Software
Key takeaways and opinions from the inaugural [Open Core Summit (OCS)](, held in San Francisco, include:
- The relationship between cloud computing and commercial open-source software is an âandâ relationship, rather than âversusâ
- [Open core]( is a business model, and should not be confused with open-source software
- Open core companies build on the foundation of open source and extract a small amount of the total value they create.
As reported in the [pre-event Q&A with OCS founder Joseph Jacks](, the eventâs aim is a meeting and learning place for industry participants, to share experiences and ideas around commercial open-source software. Jacks and Bruce Perens, partner at OSS Capital and one of the founders of the open-source software movement, opened the event, by stating that although there is a lot of discussion focused on [cloud vendors versus commercial open-source software (COSS)](, this should be refocused on âcloud and COSS,â as the two are not in direct conflict.
Perens provided a brief overview of the [history of open-source software](, and explored the opportunities this movement has provided to individuals and organisations. He said, âmost companies would spend a billion dollars to build the brand that the open-source software movement has,â and argued that open-core companies build on the foundation of open source, and extract a smaller amount of value than the total value they provide to society.
Although the concept of open core is largely understood across the industry, it has proven to be somewhat controversial, as many developers donât consider the business model to be compatible with the original ideas of free, open-source software (FOSS). The history, benefits, and some of the controversy of open core was explored in more detail [throughout the day, via talks]( from a number of eminent members of the open-source community and industry, and also via [Twitter conversations]( involving open-source luminaries.
This is an excerpt of a full [OCS conference report]( that can be found on InfoQ.
To get notifications when InfoQ publishes content on these topics follow â[Cloud](,â â[Cloud Computing](,â and â[Cloud Architecture](â on InfoQ.
Missed a newsletter? You can find all of the [previous issues]( on InfoQ.
This edition of The Software Architects' Newsletter is brought to you by:
[NGINX](
What Belongs in a Container?
Thereâs no technical reason you canât run as many processes as you want to inside a container: you could run a complete Linux distribution, with multiple running applications, network services, and so on, all inside the same container. This is why you sometimes hear containers referred to as lightweight virtual machines. But this isnât [the best way to use containers](, because then you donât get the benefits of resource isolation. If processes donât need to know about each other, then they donât need to run in the same container. A good rule of thumb with a container is that it should do one thing.
InfoQ strives to facilitate the spread of knowledge and innovation within this space, and in this newsletter we aim to curate and summarise key learnings from news items, articles and presentations created by industry peers, both on InfoQ and across the web. We aim to keep readers informed and educated about emerging trends, peer-validated early adoption of technologies, and architectural best practices, and are always keen to receive feedback from our readers. We hope you find it useful, but if not you can unsubscribe using the link below.
[Unsubscribe](
Forwarded email? Subscribe and get your own copy.
[Subscribe](
Follow InfoQ.com on
[Twitter]( [Facebook]( [LinkedIn]( [Youtube](
You have received this email because you subscribed to "The Architects' Newsletter". To stop receiving the Architects' Newsletter, please click the following link: [Unsubscribe](
- - -
C4Media Inc. (InfoQ.com), 2275 Lake Shore Boulevard West, Suite #325,
Toronto, Ontario, Canada, M8V 3Y3
EDM Keywords (135)
yarn
web
want
visible
value
useful
two
topics
topic
thumb
things
themes
technologies
techniques
subscribed
stating
start
spread
spark
span
space
shine
service
seeks
say
said
run
reported
replica
release
relationship
region
refocused
recognize
received
readers
read
pulumi
provision
providing
provided
provide
proven
processes
problems
organisations
order
opportunities
opinions
operations
one
number
noted
nginx
newsletter
need
movement
microsoft
meeting
mastered
march
manage
love
lot
link
light
kubernetes
knowledge
know
joined
inside
infrastructure
infoq
industry
individuals
hope
history
hard
hadoop
go
gillware
get
friction
founders
foundation
found
find
fall
facilitate
extract
explored
excerpt
example
event
essential
enterprise
email
educated
edition
easy
detect
designed
curate
create
coss
copy
controversy
container
consider
confused
conduct
concept
compatible
cloud
ciso
built
build
browser
brought
brand
bolted
benefits
belongs
believe
azure
argued
architect
applications
announced
although
aim
adoption
address
addition
adapt
across