
The Software Architects' Newsletter
October 2019

Our twenty-seventh issue of the Architects’ Newsletter focuses on multi-cloud and cloud-native application development. We believe these topics are vitally important, and these themes are visible, at every stage of adoption, in our latest DevOps and Cloud InfoQ Trends Report. Understanding all the emerging technologies, patterns, and techniques is essential for a modern software architect.


Pulumi 1.0: Reducing the Friction in Multi-Cloud Deployments

The release of Pulumi 1.0 was recently announced. This modern infrastructure-as-code (IaC) platform aims to reduce challenges associated with managing multiple cloud deployments. The solution includes consistent tooling, based on popular programming languages like TypeScript, JavaScript, Python and Go, in order to define infrastructure. In addition to SDK support, Pulumi also provides a SaaS Management console for configuring identities, organizations, and policies.

Pulumi provides support for the major public cloud providers, including Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). However, Pulumi is not the only startup trying to address the challenges associated with multi-cloud deployments. HashiCorp recently released Terraform Cloud, which seeks to solve many of these same problems.

As we noted in our recent programming language trends report, we’re seeing growing interest in infrastructure-focused languages, with Pulumi, Terraform, and Dark competing in this space — albeit providing different programming abstractions. We’ll be exploring languages of infrastructure with a dedicated track at QCon San Francisco.

Improving Security in the Cloud: Q&A With Christopher Gerg

Developers and IT leaders say security is a top priority. Survey after survey shows that it’s easy to say and hard to do. To shine a light on effective security practices in the cloud age, InfoQ recently spoke with Christopher Gerg, the CISO at Gillware, a data recovery and digital forensics company.

Key takeaways included:

  • Good security needs to be designed and built into applications and infrastructure from the start, not bolted on after the fact.
  • Leverage some of the service offerings at the cloud provider, and recognize that the security fundamentals — network segregation, patches and updates, monitoring and alerting, authentication and authorization, encryption, and anti-malware — stay the same.
  • Don't fall in love with advanced security tools if you haven't mastered the fundamentals like patch management.

Readers interested in this topic should read this recent article: “Three Major Cybersecurity Pain Points to Address for Improved Threat Defense.”

Azure Sentinel, a Cloud Native SIEM, Now General Availability

As InfoQ recently reported, Microsoft has announced the general availability of Azure Sentinel, a Security Information and Event Management (SIEM) service in Azure, that provides customers with intelligent security analytics across their enterprise. In March this year, InfoQ reported on the first announcement of Azure Sentinel, which used machine learning and artificial intelligence (AI) to analyze incoming data, and detect and adapt to evolving threats. Since then, more than 12,000 customers have joined the preview program, and Microsoft has continued investing in the service, for example, by providing more than 100 built-in alert rules, and the provision of a new alert wizard to create custom rules.

Google Releases Cloud Dataproc for Kubernetes in Alpha

Google Cloud Dataproc is an open-source data and analytic processing service based on Hadoop and Spark. The Cloud Dataproc service has been generally available for over three years, and now offers preview access to running Spark jobs on Google Kubernetes Engine (GKE). Typically, Spark applications run on Hadoop YARN clusters; however, with Cloud Dataproc for Kubernetes, users will have one central view that can span both YARN and Kubernetes clusters, and they don’t need to manage them separately.

Amazon Updates S3 Service with Same-Region Replication

Amazon recently introduced a new option to its cloud storage service, S3 — Same Region Replication (SRR). With this new option in S3, customers can create a replica of their uploaded data in the same region, but in a different S3 bucket. S3 Replication goes beyond simply creating a copy; it allows engineers to switch accounts, switch storage classes, and conduct other operations on the replica.


Case Study

Open Core Summit: The Value of Cloud and Commercial Open-Source Software

Key takeaways and opinions from the inaugural Open Core Summit (OCS), held in San Francisco, include:

  • The relationship between cloud computing and commercial open-source software is an “and” relationship, rather than “versus”
  • Open core is a business model, and should not be confused with open-source software
  • Open core companies build on the foundation of open source and extract a small amount of the total value they create.

As reported in the pre-event Q&A with OCS founder Joseph Jacks, the event aims to be a meeting and learning place for industry participants to share experiences and ideas around commercial open-source software. Jacks and Bruce Perens, partner at OSS Capital and one of the founders of the open-source software movement, opened the event by stating that although there is a lot of discussion focused on cloud vendors versus commercial open-source software (COSS), this should be refocused on “cloud and COSS,” as the two are not in direct conflict.

Perens provided a brief overview of the history of open-source software, and explored the opportunities this movement has provided to individuals and organisations. He said, “most companies would spend a billion dollars to build the brand that the open-source software movement has,” and argued that open-core companies build on the foundation of open source, and extract a smaller amount of value than the total value they provide to society.

Although the concept of open core is largely understood across the industry, it has proven to be somewhat controversial, as many developers don’t consider the business model to be compatible with the original ideas of free, open-source software (FOSS). The history, benefits, and some of the controversy of open core were explored in more detail throughout the day, via talks from a number of eminent members of the open-source community and industry, and also via Twitter conversations involving open-source luminaries.

This is an excerpt of a full OCS conference report that can be found on InfoQ.

To get notifications when InfoQ publishes content on these topics follow “Cloud,” “Cloud Computing,” and “Cloud Architecture” on InfoQ.


This edition of The Software Architects' Newsletter is brought to you by:


What Belongs in a Container?

There’s no technical reason you can’t run as many processes as you want to inside a container: you could run a complete Linux distribution, with multiple running applications, network services, and so on, all inside the same container. This is why you sometimes hear containers referred to as lightweight virtual machines. But this isn’t the best way to use containers, because then you don’t get the benefits of resource isolation. If processes don’t need to know about each other, then they don’t need to run in the same container. A good rule of thumb with a container is that it should do one thing.


InfoQ strives to facilitate the spread of knowledge and innovation within this space, and in this newsletter we aim to curate and summarise key learnings from news items, articles and presentations created by industry peers, both on InfoQ and across the web. We aim to keep readers informed and educated about emerging trends, peer-validated early adoption of technologies, and architectural best practices, and are always keen to receive feedback from our readers. We hope you find it useful, but if not you can unsubscribe using the link below.


