NEW! Mirantis Academy -   Learn confidently with expert guidance and On-demand content.   Learn More

STORE

PUBLIC SECTOR

< BLOG HOME

Cloud Native and Industry News — Week of January 24, 2022

Michelle Yakura - February 01, 2022
- security, Linux, kubernetes, k0s, industry news, docker
image

Every Thursday, Nick Chase and Eric Gregory from Mirantis go over the week’s cloud native and industry news. Last week, they discussed regulatory issues around the world, a Linux kernel vulnerability with important ramifications for Kubernetes users, the open sourcing of Neuvector, bumpy times for crypto, and much more. It was a busy week. 

View the recording.


To join Nick and Eric this Thursday, February 2 at 10am PST, register here.


Topics covered last week included:

Open source virtual cluster project now runs on k0s

Eric Gregory: To start off, we've got some Mirantis adjacent news in the world of Kubernetes. So this week, Loft Labs announced that their open source of vcluster software has added k0s support for virtual clusters. The cluster enables users to spin up virtual Kubernetes clusters within the namespaces of a host cluster, so teams can create different environments for different stages of the development process or even experiment with different multi-cluster architectures. k0s, the lightweight and open source Kubernetes distribution driven by Mirantis, is often used for local development environments. So Loft Labs suggests that many users will benefit from being able to spin up a k0s dev environment in their cluster.

Kubernetes 1.24 to remove Dockershim

Nick Chase: Alright, and in other Kubernetes news, Microsoft sent out a blog post reminding users that as of Kubernetes 1.24, which will be arriving in April, the Docker runtime, that is the piece of software called Dockershim will be removed. Now, if you don't know what that means, congratulations, this is not going to affect you, and you can think about something else for a minute while I explain this.

Nick Chase: Basically, Kubernetes was originally hard coded to use Docker as its container runtime, but over the years it became more genericized, and now the default runtime is containerd, which is also at the heart of Docker. So the only people who need to think about this are those who depend on specifically Docker features, Docker images are still going to run even if you do nothing, and for the people who do depend on those specific Docker features, there is still going to be Dockershim available. It's being maintained by Mirantis and Docker. So you just have to take some additional steps to use it. I would advise you to contact us, and we will get you set up, and there should be a link on the screen there to tell you how to get more information about that.

U.S. Department of Justice and Federal Trade Commission to update merger guidelines

Nick Chase: Alright, so you can all come back now we're done talking about Dockershim. See how easy that was? Painless, absolutely painless. Which I would not use to describe our next section, which is legislation. Eric did you know that the U.S. first issued merger guidelines in 1968?

Eric Gregory: That is later than I would have guessed to be honest.

Nick Chase: So the last time those guidelines were updated was in 2010, and a lot has happened in the last 12 years, so the government is trying to catch up. Now, according to Federal Trade Commission chairperson, Lina Khan, there were twice as many merger filings in 2021 than the previous five year average. So there's a lot going on, and now the U.S. Department of Justice and the Federal Trade Commission are embarking on a joint mission to update those guidelines, particularly with respect to President Biden's executive order to promote competition and innovation.

Nick Chase: Now, apparently, the issue, at least in the tech space, is that regulators are used to evaluating mergers based on whether they are going to result in higher prices for consumers. So they don't quite know how to deal with businesses that essentially provide their services for free. For example, it's easy to see how NVIDIA purchasing Arm might be a problem, which has led to opposition that has ultimately all but killed that deal. But how do you determine whether Facebook buying Instagram was a problem?

Nick Chase: So the agencies have opened up a 60-day comment period, basically a request for information asking for input on how research into these mergers should be conducted, what criteria should be used to determine whether they're going to harm competition and so on. Interestingly, you can not only make comments, but you can also see the comments that have already been submitted. Some substantial number of these comments involve the Microsoft Blizzard acquisition, which we talked about last week, but that's probably because it's fresh in people's minds. Not everyone is in favor of these regulations, however. At least one person commented that the FTC shouldn't be “strangling” these mergers because we need them in order to keep up with foreign markets.

American Innovation and Choice Online Act advances to Senate floor

Nick Chase: Which brings me to the second bit of U.S. legislative news. The American Innovation and Choice Online Act. This bill has advanced to the Senate floor, which for those of you outside the US means that it can be debated and potentially voted on but there's still multiple steps before it can become a loss. This bill prohibits large companies from favoring their own products in their own platform. So Google couldn't favor YouTube and its search results, and Amazon couldn't favor its own products in the Kindle Store and so on. And the general premise is that these companies are providing a high barrier to entry for other companies.


But there were some who are complaining that this is going to make it more difficult to compete in other regions of the world, and that rather than raising prices for consumers, this kind of consolidation actually makes it possible for these companies to provide lower prices for consumers.

European Parliament adopts changes to Digital Services Act

Nick Chase: In addition, these legal efforts to protect consumers are not limited to the US. This week, the European Parliament has adopted changes to the Digital Services Act to prevent certain types of ads targeting such as targeting to children, as well as to require labeling of ads with who actually paid for them, and also to require lead labeling of deep fakes, the sort of video equivalent of photoshopping one person's head onto another person's body. But again, there are those who are worried, will this result in a sort of legalized censorship? So back and forth on both of these things. What do you think about all this, Eric?

Eric Gregory: What I find interesting is the way that this debate scrambled some of the ideological priors that you might expect, you know. Ordinarily, we'd be arguing about how much you want to regulate a market, how far you want to take it away from being free. But in this case, we're talking about markets within markets a lot of the time whether that's the Google Play Store or you know Amazon's market that it creates or the Apple store or whatever, and your Googles and your Apples and your Amazons tend to want the benefit of competing within a maximally free market, but they want maximum control over the markets that they themselves set up and run, right? So occasionally that puts these giants at odds with one another, but really, they all kind of want roughly the same soft touch regulatory regime.


But it can really put them at odds with smaller companies, like the Apple and Epic Games fight of the last couple of years. We saw these kinds of funky dynamics where a company like Epic is asking the state to regulate Apple into running a freer market for them to play in. So, you know, personally, I'd say as far as the idea of legalized censorship, I don't have a lot of concern about that, as concerning corporations. You know, they're subject to all kinds of constraints on expression, but I tend to worry more about the ways that corporations themselves can obscure or selectively surface individual speech themselves. And I think this is the theme that kind of binds these two major cases.


What I'm really interested in is the governance of knowledge. And I think that's what's at stake here, especially when you think about someone like Google and their search results, since they've made themselves so foundational, so fundamental to the way that we gather knowledge, by making their product free, right, it goes back to that aspect that is confusing the FTC.  I don't really care whether and how Epic Games can sell fortnight skins on the iPhone, but I care a lot about how a Google search surfaces information. So in broad terms, I think it makes sense to put up some guardrails there and to construe them in such a way that it affects all of the tech giants in the same way. But obviously, that's a complicated legal challenge, and it makes sense that they're seeking input.

Nick Chase: Exactly. It is a complicated legal challenge, and I think a lot of people don't take it as seriously as they might. I mean, what people have to realize is, you know, if you're not paying for the product, you are the product, and people have to take it that seriously. and I don't think that they do as a general rule. But I think the government is starting to realize it really should think about that. Well, we'll see what happens. I'd be interested to see how some of those comments kind of evolve as we go along. So I have no clever segue for this but it just was not happening. So what's going on in security?

SUSE acquires Neuvector and open sources container security platform

Eric Gregory: I talked about guardrails. We might have legal guard rails, but we might also have security guard rails and over in the security space, after acquiring Neuvector, SUSE has made the container security platform Neuvector open source, releasing the complete codebase this week. In the long term, SUSE clearly means to more closely integrate Neuector with Rancher. But in the meantime, SUSE President of Engineering and Innovation Sheng Liang suggests that it will be easier for more organizations to adopt a free and open source container security solution, kind of going back to what we were talking about, about free services often being easy to adopt, right.


And of course it is addressing a widespread concern right now. Lots of teams are closely eyeing container security. The last few months have seen a deluge of high profile CVEs  you we've on the show talked a lot about log4shell and everything coming out of that I was just right before we started the broadcast, reading a StackExchange blog about the massive escalation in searches related to log4j. Not surprising.

Linux kernel vulnerability

But the vulnerability that emerged this week is something different. This one affects the Linux kernel and allows exploits to escape from a given container on a Kubernetes cluster and freely access resources on the host. So this vulnerability designated CVE 2022 0185 emerges from the confluence of several different elements. It requires that the system be running an older version of the Linux kernel, and that certain security configurations of Docker such as the SECCOMP filter, be disabled, as they are by default when used with Kubernetes, but it's enabled by default when you're just using Docker for something. So really, you have to have all these puzzle pieces in play just so, for this vulnerability to exist, but often these pieces are actually in that configuration.

Eric Gregory: So what exactly can organizations do to protect themselves from this vulnerability? The easiest way is to upgrade the Linux kernel to version 5.1 6.2 But since that update isn't available for all Linux distributions, you may need to take additional steps such as disabling the unprivileged user namespaces that are necessary to make the exploit work. To do this in Ubuntu, you can use this command: sysctl -w kernel.unprivileged_userns_clone=0

Eric Gregory: If you need unprivileged user namespaces in your cluster, you can also mitigate the exploit by making sure that the SATCOM filter is enabled and you can find instructions from the Kubernetes docs.

Eric Gregory: All right, so that's a software supply chain security question. Are there any physical supply chain issues we might need to know about?

Chip manufacturing localization amid chip shortages

Nick Chase: Which brings us back to the chip shortage. We always come back to the chip shortage. Meanwhile, the chip shortage is again in the news this week. The European Commission has introduced the European Chips Act, which is intended to increase local chip production to, and by local I mean Europe, to at least 20%. This is part of a localization trend. That includes Intel's announcement that they're going to spend $20 billion on two factories in Ohio, Samsung and the Taiwan Semiconductor Company also have factories in the U.S.


Anyway, this localization trend was cited by a Deloitte report, speculating that many of the chip shortages that we've been seeing are going to start to abate later this year, although those projects with longer lead times may go into next year or before they start to kind of ease up a bit. All this is good news as the U.S. Department of Commerce reported this week that in 2021, some manufacturers were down to a five day supply of chips, down from an average of 40 days' worth in 2019, which kind of sheds a new light on the whole just in time manufacturing thing. Yeah, kind of scary there when you think about it. So what do you think Eric? Do you think we're going to see any relief anytime soon?

Eric Gregory: Fingers crossed, you know, I want all those eager gamers to get their PS5s.

Nick Chase: You know, it's true. We laugh about the PS5s, but the report from Deloitte talks about the fact that chips are every bit as essential to the world economies as food and oil. But they're as much as they are every bit as essential to the world economy, they have one thing that those two industries don't, which is they're controlled by like five manufacturers. You don't have that with food. Yes, there are certainly food mega corporations and there are farm supply mega corporations squeezing family farmers. Yes, I agree with that. And yes, there are a finite number of major oil companies. But it's not as bad as in the chip industry. And particularly when you think you know, the report points out, you can have a chip that costs less than $1 that affects whether you can sell, say, a car for tens of thousands of dollars, and so it's the knock on effects of the ship shortage are really quite interesting.

Nick Chase: From a financial standpoint, don't cry for the chip companies. Their profits went up something like 25% last year to over $500 billion, something like that. Yeah, it's crazy. Or the revenues were $500 billion. What's that mix up revenue and profit. Yes, so as the proverb says, may you live in interesting times.

Eric Gregory: Well, it's interesting too, maybe a point of slight distinction with oil or food but not totally, but a little bit is that chips can be used for such a dramatic range of purposes like such a diverse range of applications from like, total luxury, to totally essential. You know, of course, there are elements of that and energy and food as well, but it seems particularly pronounced there, where it's going to be applied often in a very particular and specific way that may generate value, that kind of wider scope and may not at all.


One thing that people might use those chips for is crypto mining.

EthereumMax lawsuits

Nick Chase: You are so winning the segue game today. All right. Let's talk about crypto. So last couple of weeks have not been kind of crypto. If you have any bitcoin or Etherium investments, you know that they're both down to multi-month lows. And there are a couple of reasons for that.


So all of these cryptocurrencies are very strongly affected by public perception. Their people have to believe that they're worth more in order to want to buy them, like stocks. It's not like what they call fiat currency, where you know, a dollar is a dollar is a dollar. So because they're so strongly affected by public perception, they're vulnerable to what's called a pump and dump scheme.


So one example of that is happening right now with EthereumMax, which is getting sued for exactly that. So  allegedly, the company hired celebrities such as Kim Kardashian, and boxer Floyd Mayweather Jr. and former NBA player Paul Pierce, who are also being sued to promote their EMAX tokens, which of course increased the price everybody said, oh, you know, all these celebrities and we're gonna buy these tokens. And then the company allegedly sold its own shares, and of course, the price tanked.


This is a common thing. This happens with all kinds of tokens. It's not just EthereumMax. And this kind of thinking is starting to take hold Mozilla had announced that it would be accepting donations in crypto, and it stopped partly because of these environmental concerns, but more so at least the impression I get more so because they're starting to be this thought that this is not perhaps such a legitimate thing. I'm not saying it is or it isn't. Just as they say in “The Quiet Man,” I can't say it's true. And I won't say it's not but there's been talk.

Blockchain concerns in Kickstarter campaigns for tabletop games

Eric, last week, we talked about Kickstarter shifting over to blockchain. How has that been working out?

Eric Gregory: Early signs are that Kickstarter's announcement has alienated some at least within key blocs of their user base, and they've certainly had to run some messaging damage control. Polygon just today reported that growth in their tabletop game space has slowed in 2021 and heading into 2022. In an article that they headlined, Tabletop growth slows on Kickstarter, as shift to blockchain causes creator concerns. Now, there's some context we should add there, along with a few caveats. For context, tabletop games are relevant. I mean, I love them so I like talking about them, but they're relevant here because these campaigns are among the very largest on Kickstarter, and they've been on a rapid growth trajectory for the last five years or so. And according to this Polygon article, tabletop game campaigns, including board games and role playing games, like Dungeons and Dragons, and things doing a similar thing, they amount to about 1/3 of Kickstarter's overall revenue.

Nick Chase: Wow, I had no idea.

Eric Gregory: Yep, it's huge and they rake in anonymous amounts of money. Popular campaigns have been setting records for funding kind of year after year. The most popular last year took in numbers like $8-9 million. So this is a space fascinatingly that isn't dominated purely by large companies. In fact, there aren't that many large companies playing in that ground. You see small studios and independent creators driving really large campaigns.


So these big campaigns, often run by small teams or individual creators, who are apt to be guided by strong opinions on issues like blockchain, or at least could be in a way that a larger company might be less likely to, they're responsible for a major chunk of Kickstarter's revenue. And in 2021, growth in this space was down from 32% year over year in 2020 to 14% and 2021. That's still growth, to be clear, and the Polygon headline is arguably a little misleading in highlighting that slowed growth alongside creators' blockchain concerns, since the blockchain announcement came late in the year, but I think it highlights the somewhat precarious position that Kickstarter finds itself in. A massively important source of revenue is already slowing down, and it's powered in large part by individual creators, many of whom are loudly expressing their kind of revulsion around blockchain then leaving the platform because of it.


So I think this is a dynamic partly that's particular to Kickstarter right because they're so reliant on small creators, but a lot of online platforms are, and I think we're gonna see more of this dynamic with companies trying to thread the needle between enthusiasm for blockchain in the investor class and sometimes in the tech class, but also often a strong suspicion of it in some communities and user bases. But it's not just Kickstarter users and commentators on Twitter who are suspicious of blockchain, is it?

Russia and Myanmar consider bans on cryptocurrencies

Nick Chase: No, it definitely is not. Another thing that's affecting these cryptocurrencies is potential legislation. This week we heard about Russia and Myanmar who are both considering banning crypto because of the way, well, they're not saying this, but the assumption is that it's because of the way that it loosens government control, which is a bit of a mixed bag. Yes, ransomware usually demands crypto as payment, but at the same time, you'll note the regimes there talking about this. In Myanmar, for example, that same bill also criminalizes the use of VPNs, so hopefully that sort of thing is not going to spread. It is a mixed bag, as you say, I mean, the initial point of Bitcoin was to sort of loosen government control over currency. You know, I mean, but you gotta take the good with the bad I guess in a lot of cases. What do you think?

Eric Gregory: Yeah, no big conclusions or easy answers. But you know, I think it's notable that a lot of Web 3 technologies, which are usually you know, relying on the blockchain here are so much about trying to solidify the sense of private property online, and they're also trying to thread the needle of having that cake, but also eating the more old school sense of kind of anonymity on the internet. I think those two goals are like, somewhat intention, and it's interesting to see how a lot of these initiatives tried to try to navigate them and balance them, and it's interesting to see how states are sometimes lumping them together. In my mind VPN is like a very fundamentally different thing than a Web 3 technology and like guided, guided by a very different kind of philosophy and an older era of the internet. But, you know, you can see how both are driving towards a kind of anonymity that a state, especially one that's kind of paranoid, might be scared of.

Nick Chase: So yeah, that is very sure. I mean, legitimate companies and large companies, financial companies are investigating not so much cryptocurrency, although some of them are, but the sort of blockchain technologies that can lead to smart contracts, and things like that. There are legitimate uses for these technologies. We'll have to see kind of how that comes out.


Technology typically has this balancing act. Look at transferring files. We could not have a world economy these days, if you could not transfer a file from one place to another, be it you know, web or just applications or just companies transferring files from one place to another. At the same time, that's how you pirate movies. You know, you transfer files from one side to the other. So yeah, it'll be interesting to see how that all works out.

Wackadoodle - petfluencers, drone rescues and Rolls Royce real estate

So that brings us to this week's wackadoodle. Speaking of strange things, this week in the news was a story about influencers, many of whom are on Instagram, who have become famous by talking about their pets, who apparently are called petfluencers, which to me, that's a wackadoodle thing right there, to give them the name of petfluencers. So these petfluencers are doing something that even a few years ago would not have been possible, much less getting to be fairly common. Wanna take a guess?

Eric Gregory: Oh, no. Live streaming their pets visits to the vet?

Nick Chase: Nope. Let's say that you are a petfluencer, and you have made your living talking about your dog. You've been doing this since your dog was a puppy and your dog passes on. Well, what do you do?

Eric Gregory: I see where this is going?

Nick Chase: Tell me where it's going.

Eric Gregory: Well, I suppose you get a new dog that looks a lot like that old dog. You pull the time-worn trick that maybe some parents have pulled and say look, it's still Spot just like normal.

Nick Chase: Close but no cigar. They are cloning their pets.They are getting animals that look exactly like their old pets. It's interesting that you can do this now. This is something that apparently you can now do as a member of the public. You can clone your pets.

Eric Gregory: If you are a member of the petfluencer elite.

Nick Chase: Well, yes, it's not. It is not cheap. It is not cheap. It does. It is expensive. It costs anywhere between 35,000 and 50,000 dollars. So apparently it's very similar to in vitro fertilization, it’s just with one cell rather than a mommy and daddy.


In other pet news, this week we heard about a dog who was rescued from drowning in a marsh by what?

Eric Gregory: A drone.

Nick Chase: Yes, that is true. But the drone did not pick up the dog, because that would have to be a very big drone. What did the drone do?

Eric Gregory: I'm going to go with the cutest possibility which is that it delicately installed the scuba equipment on the dog.

Nick Chase: Okay, I would pay money to see that. No. The drone dangled a sausage to lure the dog out of the marsh. Apparently a dog was in this marsh area and in order to get out before the tide completely rushed in, it had to go through this incoming water, and so in order to distract the dog, they dangled a sausage from a drone and lured the dog out of the marsh. So there you go. So kudos to them. So that's the answer

Eric Gregory: That justified the existence of drones right there.

Nick Chase: And then our last question, a last question for you. Rolls Royce is looking for space in the UK to build what?

Eric Gregory: I want to keep with the pet theme. So an augmented reality cat cafe.

Nick Chase: An augmented reality cat cafe.

Eric Gregory: With car relevance somehow. A drive through.

Nick Chase: A drive thru augmented reality cat cafe? You're right! No you're not. No, they are building mini nuclear reactors. Currently, Rolls Royce is building mini nuclear reactors, which that they're building a factory for these mini nuclear reactors which can be put together modularly in order to reduce the price of electricity generation. Yes. So there we go. Alright, so that brings us to the end of wackadoodle for today and also the end of today's news.

Thanks for reading! Nick and Eric's next broadcast will be this Thursday, February 2 at 10am PST. Register here on LinkedIn.

Choose your cloud native journey.

Whatever your role, we’re here to help with open source tools and world-class support.

GET STARTED
NEWSLETTER

Subscribe to our bi-weekly newsletter for exclusive interviews, expert commentary, and thought leadership on topics shaping the cloud native world.

JOIN NOW
Mirantis logo

900 E Hamilton Avenue
Suite 650
Campbell, CA 95008
+1-650-963-9828

Privacy Policy

Do Not Sell My Information

UK Modern Slavery Act Statement

Sitemap

Digital Self-Determination
Services
Platform
Company

© 2005 - 2024 Mirantis, Inc. All rights reserved. “Mirantis” and “FUEL” are registered trademarks of Mirantis, Inc. All other trademarks are the property of their respective owners.