KubeCon + CloudNativeCon Europe 2024 is taking place from today until Friday in Paris, France. The event is an annual gathering of Kubernetes operators that is put on by the CNCF and Linux Foundation.
The CNCF has announced updates to some of its projects, and a number of vendors also released new things at the event.
Here are a few highlights:
Istio 1.22 adds ambient mode as a beta feature
Ambient mode can be used as an alternative to sidecars and, according to the CNCF, reduces memory and CPU usage by over 90% in certain cases.
Ambient mode features in beta currently include a secure overlay layer with mutual TLS, Layer 4 authorization policies, and integration between the L4 secure overlay and L7 waypoint proxies. The implementation of L7 waypoints is currently an alpha feature that is expected to be moved to beta soon.
OpenTelemetry adds profiling support
Profiling allows for dynamic inspection of application code behavior and performance at runtime. Profiling data can be stored, queried, and analyzed over time, and this allows teams to gain insights into things like resource utilization or user experience across services.
“OpenTelemetry’s profiling signal expands upon the work that has been done in this space and, as a first for the industry, connects profiles with other telemetry signals from applications and infrastructure,” the CNCF wrote in a blog post.
wasmCloud 1.0 is released
The main highlight of this release is that Wasm Component Model and WASI 0.2 are being introduced to production environments.
Other key features include support for components of all languages via custom build commands, a new protocol for interacting with distributed components over networks (wRPC), support for OpenTelemetry logs and metrics, a lattice for automatic load balancing and immediate failover, and declarative orchestration.
Red Hat OpenShift 4.15, Quay 3.11, Podman Desktop 1.8, and Advanced Cluster Security 4.4
Red Hat released several product updates at the event. OpenShift 4.15 was announced with several updates, including OVN IPsec support with external providers, an updated networking observability dashboard with new metrics, Admin Network Policy, and more.
Quay 3.11’s updates are mainly related to permission management and image lifecycle automation. These include team sync with OIDC groups, pruning policies at the repository level, a new UI with easier access to features, AWS STS support, and operator enhancements.
Podman Desktop 1.8 includes additions like new learning guides, streamlined onboarding, and advanced Kubernetes support. And finally, Advanced Cluster Security 4.4 includes features around increasing consistency of scan results, strengthening security posture management, and automated security features.
Solo.io releases Spotlight Developer Platform
The Spotlight Developer Platform is an internal developer platform (IDP) based on the open-source project Backstage.
It provides benefits like tool discovery, CI/CD integration, curated Backstage plugins, standardized service creation, multi-cluster compatibility, an insights engine, and more.
Sonatype launches SBOM Manager
The SBOM Manager makes it easier to create and share SBOMs. It offers features like third-party ingestion, monitoring for policy violations and vulnerabilities, and SBOM storage.
“As the landscape of software development and distribution continues to evolve, so too do the challenges associated with managing software components and vulnerabilities in your software, as well as the vendors you use,” said Mitchell Johnson, chief product development officer at Sonatype. “Sonatype’s SBOM Manager was developed with a deep understanding of these challenges, offering a seamless solution for organizations to not only comply with emerging regulations but also enhance their overall software security posture by providing greater transparency and control.”
Mend.io releases Mend Container
Mend Container allows Mend SCA to be used in production environments. It extends the feature set to include identification of which vulnerable files and methods are being called, secrets detection, Kubernetes cluster scanning, and comprehensive security coverage across containers.
“While cloud-native development brilliantly solves problems related to scalability and effective resource use, it also results in increased complexity and new security challenges that traditional AppSec tools can’t solve,” said Rami Sass, co-founder and CEO of Mend.io. “But when 94 percent of all companies worldwide use cloud software, securing container-based applications has never been more important. That’s why we’re excited to announce the launch of Mend Container.”
New Relic offers native support for OpenTelemetry and Prometheus
According to New Relic, this will enable companies to “instrument Kubernetes clusters and hosts using the OpenTelemetry collector and Prometheus Node Exporter in a single step.” Along with this new support, the company is also updating the UI to make it easier to interact with those services from the New Relic Dashboard.
“Open source frameworks like OpenTelemetry are an integral part of the tech stack, and that reliance continues to grow. Most observability platforms only offer primitive support for these tools. There needs to be a shift in the industry to meet developers where they are,” said Manav Khurana, chief product officer at New Relic. “We saw this coming and as a result, we are miles ahead of other observability platforms by offering native support for OpenTelemetry in our platform. With this launch, we simplified observability for engineers using OpenTelemetry and Prometheus so they can spend less time on instrumentation, setup and troubleshooting and more time on what matters most to them – shipping code and driving innovation.”
Kubecost 2.2 released with sustainability features
With this latest update, Kubecost offers Carbon Cost Monitoring to enable energy audits and measure environmental cost, which can help companies make more informed decisions.
It also features monitoring of Datadog costs and a disk autoscaler that dynamically adjusts to optimize utilization and keep costs down.
Tigera Calico Cloud enhancements
The solution now provides a Security Score and recommended actions. This helps companies assess risk and prioritize what they need to focus on first.
Other new features include advanced logs for endpoints, the ability to use webhooks to monitor security events, and load balancing for egress traffic.
“As Kubernetes evolves into a nucleus of organizations’ tech stacks, it has become critical to proactively pinpoint where gaps in security posture exist, and quickly remediate before bad actors can strike,” said Amit Gupta, chief product officer at Tigera. “The advancements to Calico further support organizations on this mission, delivering the deep context and insights required to mitigate risk in these highly complex environments.”
Logz.io survey reveals that only 10% of companies are using full observability
The company revealed the results of its 2024 Observability Pulse Report at the event, where it found that observability is still an emerging practice for a majority of organizations.
One of the top reasons it found for the lack of adoption is a lack of knowledge among the team. Another challenge is that many companies are being alerted by imprecise technical drivers instead of following a strategic approach to alerting.
Other findings are that MTTR is going up, that OpenTelemetry-centric tooling is important to observability strategies, and that many organizations are exploring platform engineering models for observability.