Member post originally published on Sysdig’s blog by Nigel Douglas The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security. While it is often not consumer-facing, open-source software is a critical component of computing and internet functions, such as secure communications between machines. Open source software (abbreviated as OSS) has become a cornerstone of the tech industry, influencing everything from small ..read more

Member post originally published on Netris’s blog Let’s face it: The world of open source software can feel boring – in a good way. Open source has become so pervasive, and so deeply entrenched within modern software stacks and ecosystems, that it’s easy not to think much about it. The era of AI, cloud and big data is here – and now, more than ever, open-source is playing a critical role. Yet the recent roundtable discussion that Netris hosted with Kelsey Hightower was a reminder that there is still plenty of change afoot for open source software and everyone who uses it ..read more

Member post originally published on Katalyst’s blog In the previous post[1], we introduced Katalyst – a QoS-based resource management system that helps ByteDance improve resource efficiency through colocation of online and offline workloads. In the colocation scenario, memory management is a crucial topic. On the one hand, when memory is tight on nodes or containers, the performance of the application may be affected, leading to issues like latency jitter or OOM (Out of Memory) errors. In colocation scenarios, where memory is overcommitted, this problem can become more severe. On the other han ..read more

Community post originally published on Medium by Ryan Gough and Majid Att This year, we (JYSK tech) took to Paris to attend KubeCon + CloudNativeCon Europe 2024. After three days of talks, networking and workshops. We put together a small list of observations that carry us forward into the Cloud Native realm. JYSK is a CNCF End User member, which means we are able to observe the community and contribute to shaping the cloud native technologies that are at the core of our operational infrastructure. Our team was particularly impressed with the evolution of the Kubernetes ecosystem, r ..read more

Member post originally published on Greptime’s blog by Tison Nowadays, typing is a nearly daily occurrence for most people. Interestingly, your typing habits may vary significantly from what you might assume. Below, you’ll find a dashboard that provides a visualization of my own typing tendencies. It’s expected that I always use Key.space to confirm my inputs and Key.cmd + Key.tab to switch between windows since I have only one displayer. But it’s surprising that I type Key.cmd + v much more frequently than type Key.cmd + c, and I keep unconsciously typing&n ..read more

Project post by Cloud Custodian maintainers The Cloud Custodian maintainers are happy to complete a successful security audit with Ada Logics. The Open Source Technology Improvement Fund (OSTIF) facilitated this audit, which was generously funded by the Cloud Native Computing Foundation (CNCF). This audit marks a significant step in our ongoing commitment to strengthening the security posture of Cloud Custodian. Over the years, Cloud Custodian has become the de-facto standard for cloud governance. The project allows you to codify and automate all aspects of governance, including operation ..read more

Community post originally published on Medium by Maryam Tavakkoli This year, I had the opportunity to attend KubeCon + CloudNativeCon Europe in Paris. While this marked my second in-person KubeCon attendance, it was my first experience as an ambassador and a member of the community (You can find insights into my first KubeCon 2023 experience here.). In this article, I aim to summarize my experiences and observations from the event, hoping to offer insights into the dynamic world of cloud-native technology and community collaboration. Cloud Native Rejekts I have not yet attended the ..read more

Member post by Jake O’Donnell, Logz.io Data volumes are soaring. Environments are increasingly intricate. The risk of applications and systems encountering breakdowns is sky-high, and the mean time to recovery (MTTR) for production incidents is moving in the wrong direction.  Disruptions not only jeopardize critical infrastructure but also have a direct impact on the bottom line of organizations. Swift recovery of affected services becomes paramount, as it directly correlates with business continuity and resilience. MTTR is a pivotal metric for observability. It serves as a barometer of a ..read more

Project post by Yufei Chen, Miao Hao, and Min Huang, Dragonfly project This document will help you experience how to use dragonfly with TritonServe. During the downloading of models, the file size is large and there are many services downloading the files at the same time. The bandwidth of the storage will reach the limit and the download will be slow.  Dragonfly can be used to eliminate the bandwidth limit of the storage through P2P technology, thereby accelerating file downloading. Installation By integrating Dragonfly Repository Agent into Triton, download traffic through Dragonfly to ..read more

 Community post by Anup Ghatage Log messages are essential for debugging and monitoring applications, but they can often be overly verbose and cluttered, making it difficult to quickly identify and understand critical information. This is especially true in large codebases with multiple contributors over time, leading to inconsistencies in log line formats, lengths, and language due to employee churn and transient open-source contributions. Most organizations are ‘AI curious’ in terms of using it to solve some of their existing workflows and problems, but have the common conundrum: It is ..read more