TOC approves Thanos from sandbox to incubation
Today, the CNCF Technical Oversight Committee (TOC) voted to accept Thanos as an incubation-level hosted project. Thanos is a metric system that provides a simple and cost-effective way to centralize and scale Prometheus based systems. The…
Jaeger turns five: a tribute to project contributors
Guest post by Yuri Shkuro, creator and maintainer of Jaeger August 3rd, 2015 was the date of the first commit in the internal Jaeger repository at Uber. Technically, the true birthday of the project was probably a week or…
A guide to untangling the CNCF cross-community relationships
Guest post from Diane Mueller, Director of Community Development at Red Hat The adoption of CNCF technology and continuous growth in terms of projects, contributors, and end users has created one of the most active, dynamic open…
TOC approves Operator Framework as Incubating Project
Today, the CNCF Technical Oversight Committee (TOC) voted to accept the Operator Framework, which is made up of two main components Operator SDK and Operator Lifecycle Manager (OLM) as an incubation-level hosted project. The Operator Framework…
TOC accepts Contour as Incubating project
Today, the CNCF Technical Oversight Committee (TOC) voted to accept Contour as an incubation-level hosted project. Contour is a high-performance ingress controller for Kubernetes that provides a control plane for Envoy. “One of the most important…
TOC Approves SPIFFE and SPIRE to Incubation
Today, the CNCF Technical Oversight Committee (TOC) voted to accept SPIFFE and SPIRE as incubation-level hosted projects. The SPIFFE (Secure Production Identity Framework For Everyone) specification defines a standard to authenticate software services in cloud native…
TOC votes to move Dragonfly into CNCF incubator
Today, the CNCF Technical Oversight Committee (TOC) voted to accept Dragonfly as an incubation-level hosted project. Dragonfly, which was accepted into the CNCF Sandbox in October 2018, is an open source, cloud native image and file…
TOC welcomes Argo into the CNCF incubator
Today, the CNCF Technical Oversight Committee (TOC) voted to accept Argo as an incubation-level hosted project. The Argo Project is a set of Kubernetes-native tools for running and managing jobs and applications on Kubernetes. Argo was created in…
从 Netflix 到 Fox Sports,再到 Vice,诸多知名的视频与影片内容创作者都在使用 Frame.io 平台实现云观看和多团队协作。 就客户关心的保密性问题,公司在2014年程序上线之初,就对其安全性和可靠性做出承诺,而这一切都要归功于云原生技术。 2017年,Abhinav Srivastava 加入公司、担任副总裁兼信息安全和基础设施主管后,就开始着手为 Frame.io 视频云创建绝对可靠的安全程序。视频云搭建在 AWS 上,最为关键的组件是 ML/AI 异常检测系统外围基于签名的网络应用防火墙,借以筛除恶意请求。 Frame.io 的全部工作负载都在 Docker 容器中完成;高峰期30万个容器同时运行,处理网络请求或完成视频转码,时间跨度从数秒到数小时不等。“一个小时之内,我们就能完成10天的工作量,因为多个容器同时在运行,” Srivastava 说,“容器上线,火力全开。容器内,我们需要 100% 的可见度,我们要保证它们的安全。我们开始研究入侵检测和容器安全工具,这时我们发现了 Falco。” Falco 是保证容器原生运行时间安全的开源项目,貌似非常适合 Frame.io。“Falco 搭建简便,规则却非常有效,”他说:“制定自己的规则之后,架构扩展非常简单。我们想要的正是这些。” 要最大化利用 Falco,鉴于 Frame.io 的特殊需求,团队“进行了整个微调过程,” Srivastava 说,“我们使用…
From Netflix to Fox Sports and Vice, some of the most prominent creators of video and film content use the Frame.io platform for cloud-based review and collaboration across multiple teams. Given the confidentiality concerns faced by…