Cloud Native and Industry News - Week of January 31, 2022
To join Nick and Eric next Wednesday, February 9, at 1:00pm EST/10:00am PST, register here.
Topics covered this week include:
- Mirantis Container Cloud 2.15 released
- Grace period for Docker Desktop ends
- Rancher Desktop 1.0 released
- Prometheus 2.33 released
- MariaDB goes public
- India proposes 30% tax on crypto and NFT income
- Sysdig report finds major gaps in container security
Mirantis Container Cloud 2.15 released
Eric Gregory: This week we released Mirantis Container Cloud 2.15. In addition to a new and upgraded product tour to ease onboarding for new and existing users, this new version boasts several important features, including expanded configuration options for upgrade and maintenance scheduling and an API for putting machines into maintenance mode. The maintenance upgrades in particular really come together to give users more control over maintenance processes, so they can tailor scheduling to their specific needs in a fine-tuned, granular way.
Grace period for Docker Desktop ends
Out in the wider cloud-native world, the big news this week was forecast almost six months ago, as the grace period for free institutional use of Docker Desktop came to an end. This comes after Docker Inc’s announcement last August that they were updating their subscription tiers so that Docker Desktop would be free only for personal or educational use, non-commercial open source projects, or small businesses, which they define as less than 250 employees and less than $10 million in revenue.
While last summer’s announcement caused a great deal of furor online, the primary impact here is for large businesses, some of which were using Docker Desktop for ill-advisedly critical production purposes. Now large companies need to make a final decision on whether to purchase organizational subscriptions or not.
Rancher Desktop 1.0 released
SUSE hopes to complicate the decision with its 1.0 General Availability release of Rancher Desktop this week. Like Docker Desktop, Rancher Desktop is a container management platform operated through a graphical user interface. But Rancher Desktop places an emphasis on the management of Kubernetes environments for local development and testing, making it more analogous in some ways to minikube, though of course using Rancher’s k3s distribution by default.
Prometheus 2.33 release
In other release news, monitoring tool Prometheus hit 2.33. Headline features are mostly promotions of existing features, including the remote write receiver being promoted to stable, and the PromQL query language now being able to use absolute timestamps for selections, both very useful features to have a little more reliably in hand.
MariaDB goes public
Speaking of databases, the open source relational database MariaDB saw a different sort of release this week as the MariaDB Corporation announced an IPO through a SPAC. As MariaDB is a fork of MySQL, this will mark the second time developer Michael Widenius’ core technology has gone public.
India proposes 30% tax on crypto and NFT income
Over the past few weeks we’ve discussed a number of stories dealing with 1) blockchain or 2) tech regulation. India is helping us to bring those threads together this week, with an announcement from Finance Minister Nirmala Sitharaman that the country proposes to tax income from cryptocurrency, NFTs, and other “virtual assets” at 30%. According to Sitharaman, “The magnitude and frequency of [cryptocurrency] transactions have made it imperative to provide for a specific tax regime.”
For some international context, the United States taxes cryptocurrency as “property” like assets such as stock or gold. The tax rate on capital gains in the U.S. varies depending on factors like household composition, income bracket, and how long you’ve held the cryptocurrency, maxing out at a rate of 20%. Policies differ across the EU, at present, and China, by contrast, has banned all private cryptocurrency transactions, instead adopting a central bank digital currency which it says has been used in over 3 million transactions.
India likewise aims to launch a central bank digital currency (or CBDC) after experimenting with it in limited trials. In addition to the discussion of taxing cryptocurrency, Sitharaman announced that India would aim to roll out the CBDC before 2023.
Sysdig report finds major gaps in container security
Shifting gears to Security, Container security firm Sysdig published a report on the container security landscape with some revealing conclusions. Among the headlines was the finding that 85% of container images running in production include at least one known vulnerability, and 75% of those are rated high or critical.
In addition, the report found that fewer than half of container images going into production are ever scanned for vulnerabilities, and over 75% are running as root.
How can this be addressed? As we’ve seen in a multitude of contexts, solving a big, distributed problem by trying to change attitudes is challenging. It’s likely part of the answer, but it’s slow going—and in the meantime, we still have that big problem. In the short term, addressing security gaps will likely require more automated security processes, and tight CI/CD integration for security tools, so we can secure an environment where developers can work quickly and creatively.