Operations | Monitoring | ITSM | DevOps | Cloud

Writing software is hard. Balancing the demands of shipping with assuring quality presents challenges. Also, you must have an eye on keeping code readable and maintainable. It’s not easy. Beyond mere development, maintaining a running application is still harder. Serving users requires responding to problems in a timely fashion. In order to respond to problems, you need to know they exist. In short: writing software is hard; running software is often harder. And that’s why we monitor.

2019 has been a great year for cloud native technologies. This year we launched the world's first managed Kubernetes service back-ended by Rancher's k3s distribution, opened the #KUBE100 beta, and watched our users create some really neat things on our platform. To that end, we wanted to highlight some of our top posts from the wider Civo community, and posts that showcase the exciting state of play of the cloud native landscape at the moment.

If you are a developer, a systems administrator, you work in the information technology sector or you are simply a technology enthusiast who has ever deployed some type of application, surely you will have faced the same problem we all ran into. If you are thinking of dependencies, bingo!

Kubernetes has become the de-facto solution for container orchestration. While it has, in some ways, simplified the management and deployment of your distributed applications and services, it has also introduced new levels of complexity. When maintaining a Kubernetes cluster, one must be mindful of all the different abstractions in its ecosystem and how the various pieces and layers interact with each other in order to avoid failed deployments, resource exhaustion, and application crashes.

Two malicious Python libraries, jeilyfish (with a capital i and a lowercase L in the original name) and python3-dateutil, were detected on PyPI (Python Package Index) on December 1st. They were typosquatting similar named legitimate libraries jellyfish (with a double lowercase L) and python-dateutil libraries, a malicious technique aiming to trick developers to use the similar named modified libraries.

Organizations are rapidly moving more and more mission-critical applications to Kubernetes (K8s) and the cloud to reduce costs, achieve faster deployment times, and improve operational efficiencies, but are struggling to achieve a strong security posture because of their inability to apply conventional security practices in the cloud environment. Commitment to cloud security grows, but security safeguards are not keeping up with the increased use of the various cloud platforms.