Despite all of the valuable technology products available today on the cloud, many corporations who are considering migrating to the cloud have concerns. And one of the primary issues is vendor lock-in.

For starters, vendor lock-in means a condition where the price of switching to another vendor is so high that the customer is stuck with the first vendor. Because of budgetary pressures, an inadequate workforce, or the necessity to avoid obstructions to business operations, the customer is locked-in to what may be a substandard product or service.

Today, many companies have no dedicated servers or dedicated capacity and are priced according to the compute capacity consumed by them. In theory, cloud workloads can be moved from one public cloud provider to another, but it would be a complicated task by embedding a company into a single public cloud infrastructure limits the ability to change vendors.

If a vendors quality of service declines, or never meets the desired threshold, to begin with, the client will be stuck with it. The vendor may also drastically change their product offerings in such a way that they no longer meet business needs. Finally, a vendor may impose massive price increases for the service, knowing that their clients are locked in.

Vendor lock-in that comes in with cloud platforms like AWS, Google and Microsoft, among others, which provide machine-learning-as-a-service (MLaaS) can act as a roadblock to some enterprises.

Choosing the correct vendor or cloud-based analytics can help companies to avoid massive costs and gain benefits in the long run.

The fact is that vendors can make decisions that are in line with the goals of their customers, especially those companies that are small or use cloud products in very niche applications and use cases. But public cloud vendors (Amazon, Microsoft, and Google) are so huge that it is quite unlikely they will make decisions that negatively impact a large number of users.

Companies are always worried about the safe and secure portability of data and workloads across different cloud environments. Today open-source data solutions such as MongoDB, Apache Hadoop, Apache Kafka, etc. have emerged to give a great answer to the big data problem and helped companies escape the draconian pricing of traditional cloud vendor lock-ins.

Lets say if a company has an entire data lake and analytics solution on a public cloud platform for a particular region and needs to deploy that solution to another cloud. Implementing this solution on a separate cloud platform would demand a lot of re-work. Therefore, a large number of companies are now exploring flexibility to implement their solutions on any of the widely accessible public or private cloud platforms.

But despite many of the platforms having APIs and open-source connectivity, frameworks are generally inflexible. For example, data scientists can use AWS Sagemaker as the tool to use for training and deploying models. Sagemaker promises to cut in training and deployment time by handling all the infrastructure but runs exclusively on AWS. This may not be a problem if you run your business on AWS, but if new products or tools are offered on other public clouds, there is no way to access them.

There are also many companies, particularly startups which provide solutions for streamlining operations across various servers, cloud and containers, by providing a transparent platform built to work across multiple clouds. For instance, Cloud Foundry, a container-based architecture that runs apps in any programming language, helps users deploy, and manage high-availability Kubernetes clusters with its open-source project BOSH on any cloud. The project can help decouple applications from infrastructure, so users can host workloads on-premise, in public clouds, or in managed infrastructures.

Cloud giants too, have introduced solutions that may help escape vendor lock-ins. For example, by using Anthos from Google, companies can manage their cloud data workloads across multi-cloud, so that a particular cloud provider does not restrict developers and data scientists.

Home How Vendor Lock-in Works In Analytics And How To Avoid It

Customers today have alternatives to proprietary tools with advances in open source software technologies, along with a range of as-a-service capabilities that can remake traditional IT. Projects like Apache Kafka, Apache Spark and Kubernetes are widely accessible as a service on the large cloud platforms. This convergence of open source and proprietary platforms is one of the ways to avoid vendor lock-in in todays era.

Open source is the king. It is perfectly fine to augment whatever you are doing with proprietary tools, but do not be too dependent on them and do learn how to do it without relying on a single vendor.

In a recent survey by Anaconda, it found that developers and data scientists value open source so they can get work done right away. It also suggested that many responders believe open source helps prevent vendor lock-ins in data science. An open cloud architecture helps prevent vendor lock-ins and makes it simpler to operate with various analytics services.

With the fight over cloud becoming intense, and users trying to avoid the situation of cloud lock-ins, cloud companies themselves are increasingly turning to open-source container technologies and providing them via managed containers. Growth and acceptance of containers have a positive impact on big data analytics and vice versa as they can process and manage vast amounts of data from disparate sources on the cloud via managed containers.

In recent years, Kubernetes has appeared as a gold-standard of implementing cloud-native yet cloud-agnostic solutions. It is paving the way for innovation across the cloud infrastructure domain. Containers and microservices make the development process simple and render other benefits, like decreasing the complexity of running and updating apps and advancing the consistency linking testing and production environments.

comments

Originally posted here:
How Vendor Lock-in Works In Analytics And How To Avoid It - Analytics India Magazine

Latest collaboration showcases how Ironic open source software delivers abstraction and automation for container workloads including production case studies.

AUSTIN, Texas (PRWEB) July 20, 2020

Today, the Ironic community published a white paper that highlights the scope, growth and maturity of the bare metal provisioning software. The white paper was developed by more than 26 contributors over 12 months and details all aspects of bare metal provisioning and lifecycle management via the OpenStack project. It provides information on performance, security, compliance and stack independence, as well as non-virtualizable resources associated with bare metal.

The white paper is a deep dive into the tools, clients and automation that demonstrate how the mature Ironic software delivers stable, production-proven bare metal compute instances, a popular option for deployment of container-based workloads because bare metal avoids the overhead and performance penalties common with full-featured hypervisors such as KVM.

*** Download now: "Building the Future on Bare Metal: How Ironic Delivers Abstraction and Automation using Open Source Infrastructure" here: https://www.openstack.org/bare-metal/how-ironic-delivers-abstraction-and-automation-using-open-source-infrastructure

Ironic Case Studies Highlighted

The white paper includes case studies from users including StackHPC, SuperCloud, Red Hat, VEXXHOST and more. Use cases highlighted in these stories include:

Julia Kreger, Ironic Project Team Lead, recalled an anecdote about hearing first-hand about the value of the Ironic software: "At a conference a few years ago, I sat down to dinner next to someone I did not know. He started to tell me of his job and his long hours in the data center. He asked me what I did, and I told him I worked as a software engineer in open source. And he started talking about some tooling he recently found that took tasks that would normally take nearly two weeks for racks of servers, to just a few hours. He simply glowed with happiness because his quality of life and work happiness had exploded since finding this Bare Metal as a Service tooling called Ironic. As a contributor, this is why we contribute. To make those lives better."

The paper explores how the Open Infrastructure community has addressed the bare metal provisioning problem with entirely free open source software. It discusses the issues operators face in discovering and provisioning servers, how the OpenStack community has solved these issues with Ironic and the future of open infrastructure and hardware management, emphasizing the necessity of open source and the value of contributors continuing to build on top of strong foundations. For operators interested in deploying Ironic, they select a partner from the dozens of vendors in the Ironic Bare Metal Program.

About the OpenStack Foundation and Ironic

Ironic is an open source project that fully manages bare metal infrastructure and is part of OpenStack. The OpenStack Foundation (OSF) supports the development and adoption of open infrastructure globally, across a community of over 100,000 individuals in 187 countries, by hosting open source projects and communities of practice, including datacenter cloud, edge computing, NFV, CI/CD and container infrastructure.

###

For the original version on PRWeb visit: https://www.prweb.com/releases/openstack_community_delivers_future_of_bare_metal_white_paper_details_maturity_and_adoption_of_ironic_bare_metal_as_a_service/prweb17269256.htm

Read more:
OpenStack Community Delivers Future of Bare Metal: White Paper Details Maturity and Adoption of Ironic Bare Metal as a Service - Benzinga

Linux Foundation Public Health launches with open source exposure notification apps being deployed in Ireland, Canada, and multiple U.S. states

SAN FRANCISCO, July 20, 2020 /PRNewswire/ -- The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today launched a new initiative to use open source technologies to help public health authorities (PHAs) around the world combat COVID-19 and future epidemics. The new Linux Foundation Public Health (LFPH) initiative is launching with seven Premier members Cisco, doc.ai, Geometer, IBM, NearForm, Tencent, and VMware and two hosted exposure notifications projects, COVID ShieldTM and COVID GreenTM, which are currently being deployed in Canada, Ireland, and several U.S. states.

LFPH will initially focus on exposure notification applications that use the Google Apple Exposure Notification (GAEN) system and will be expanding to support all aspects of PHA's testing, tracing, and isolation activities.

"To catalyze this open source development, Linux Foundation Public Health is building a global community of leading technology and consulting companies, public health authorities, epidemiologists and other public health specialists, privacy and security experts, and individual developers," said Dan Kohn, LFPH general manager. "While we're excited to launch with two very important open source projects, we think our convening function to enable collaboration to battle this pandemic may be our biggest impact."

COVID Shield was developed by a volunteer team at Shopify and is in the process of being deployed in Canada. COVID Green was developed by a team at NearForm as part of the Irish Government's response to the pandemic. Since being deployed by Ireland's Health Services Executive two weeks ago, it has achieved extraordinarily high adoption of over 1/3rd of the country's adults. Both apps are available for other PHAs and their IT partners to use and customize and will soon be joined by other open source projects hosted by LFPH. Covid Watch, Kiel University of Applied Sciences, and US Digital Response have also joined as nonprofit associate members.

"During this grave global crisis, I'm committed to having all parts of the Linux Foundation community support LFPH," said Linux Foundation executive director Jim Zemlin. "Open source provides an architecture for global collaboration and that's what's needed to build, secure, and sustain critical components of our stressed public health infrastructure. The Linux Foundation has long enabled cross-industry collaboration in over a dozen verticals and Dan Kohn, who led the Cloud Native Computing Foundation to rapid growth that defined a multi-billion dollar industry, is an ideal choice to lead this effort."

Particularly in the U.S., PHAs have suffered from decades of underinvestment and urgently need to scale their capabilities to engage with the entire public during the worst pandemic in a century. Many companies and individuals in the technology industry are eager to assist PHAs in meeting these challenges and LFPH provides a forum and toolset for them to engage in constructive ways.

"We are pleased to contribute COVID Green, the open source code behind Ireland's COVID Tracker app, to LFPH," said Fran Thompson, Chief Information Officer of Ireland's Health Service Executive. "This app is a great demonstration of innovation within the Irish health sector combined with the IT capabilities of the Irish software industry. We're immensely proud of the work we've undertaken in partnership with NearForm in responding to the pandemic. We are looking forward to collaborating with other public health authorities around the world via LF Public Health to assist them in quickly replicating our approach while learning from their experiences."

COVID Shield was developed by a volunteer team of more than 40 developers from Shopify, along with members of the Ontario and Canadian Digital Services. While not an official Shopify project, the efforts were supported by Shopify CEO Tobi Ltke. "We're very happy to host COVID Shield with LFPH and we welcome contributions from other developers to make it as easy as possible for PHAs to get started with exposure notifications," said Aaron Olson, COVID Shield volunteer.

In addition to COVID Shield and COVID Green, an earlier cross-industry collaboration effort, the TCN Coalition, is merging into LFPH. The TCN Coalition is a global community of technologists supporting the development of privacy-preserving and cross-compatible exposure notification apps during the COVID-19 pandemic. Initially founded to ensure cross-border interoperability and to reduce duplication of development efforts, the TCN Coalition has evolved to include supporting public health authorities in their engagements with app-building teams and IT providers.

"The leadership and members of TCN are proud to join forces with the Linux Foundation to establish the new LFPH initiative," said Andreas Gebhard, Co-Founder and COO of TCN Coalition. TCN Coalition Executive Director Jenny Wanger added: "This is a logical next step for the work we've been doing since our inception. We look forward to an even wider collaboration to help navigate this fast-moving and essential endeavor." Wanger is now serving as the Head of the Implementer's Forum for LFPH, where she coordinates implementation teams around the world that are building COVID-19 tools, while publicly documenting best practices.

Last week, LFPH gathered representatives from nearly every country building a GAEN app at its GAEN Symposium and will host similar events in the future as well as ongoing special interest groups focused on areas like user interface/user experience (UI/UX), localization, and security and privacy. LFPH has also developed a landscape (shown below) to allow tracking the open and closed source applications in the COVID-19 response ecosystem and the current status of application rollouts around the world. Information on participating in LFPH activities and/or joining as a member is at lfph.io.

Quotes from Founding Premier Members:

Cisco, Vijoy Pandey, VP, Emerging Technologies and Incubation:

"Cisco is proud to be a founding Premier member of this initiative and to contribute to this global effort to develop open source software to help fight the biggest pandemic in a century, by enabling open technology for public health. As we have experienced at Cisco many times, technology and open source communities do some of their best work when they collaborate on such a socially relevant common cause."

doc.ai, Walter De Brouwer, CEO:

"We're proud to be a founding member of this consortium and contribute our deep experience in the digital health ecosystem to better improve open-source software that will help public health authorities around the world combat this and future epidemics. As a digital health company, we realize the critical need for privacy-first infrastructure to lead the way in mobile health development and will bring that focus to our work with the Linux Foundation Public Health community."

IBM, Theodore Tanner, Global CTO and Chief Architect Watson Health:

"To meet the global challenge of COVID-19, the world must quickly come together and collaborate in innovative ways while applying best practices from past experience. IBM's commitment to open source communities spans over two decades, and during this worldwide pandemic we see real value in working with public health authorities and the larger healthcare ecosystem as part of Linux Foundation Public Health. IBM has resources to share supercomputing power, code, and AI and we look forward to taking an active role working with leaders across the industry to solve the complex challenges ahead."

NearForm, Cian O'Maidin, CEO:

"We are thrilled to be a part of the Linux Foundation Public Health consortium in partnership with the Irish Government. As the fulfillment of a lifelong goal to improve the lives of people across the world, our partnership across nations will enable the creation of a new connective tissue for public health where we can work as one team globally to fight COVID."

Tencent, Dr. Alexander Ng, Vice President, Tencent Public Health:

"Tencent is very glad to be a founding member of LFPH. We hope to improve global public health by participating in open-source initiatives for public health. Tencent is looking forward to bringing more value to the global society. Through open-source cooperation, Tencent will continue to advocate technology for social good."

VMware, Ajay Patel, senior vice president and general manager, Modern Applications Platform Business Unit:

"VMware believes in the power of open source software and open ecosystems to deliver incredible software to solve today's challenges. The charter of the LFPH aligns with our values, our mission, and our purpose and we are proud to be a founding member of this effort. We believe LFPH will ultimately help us rally and contribute key work VMware has been doing to date for customers around the world ranging from: mobile apps to integrate state response and communication; managing PPE inventory; back-to-work attestation and beacon systems; digital and human contact tracing using GAEN and non-GAEN approaches; integrating testing systems and more."

About Linux Foundation Public Health

Linux Foundation Public Health (LFPH) uses open source software to help public health authorities (PHAs) around the world combat COVID-19 and future epidemics. LFPH projects include COVID Shield being deployed in Canada and COVID Green, which has been deployed in Ireland. As more projects are contributed, LFPH will expand its scope into software support for all phases of PHA's testing, tracing, and isolation activities. LFPH is part of the nonprofit Linux Foundation. For more information, please visit lfph.io.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: http://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact

Chad Torbin Linux Foundation Public Health pr@lfph.io +1-415-548-6536

View original content to download multimedia: http://www.prnewswire.com/news-releases/tech-leaders-and-health-authorities-from-around-the-globe-collaborate-to-combat-covid-19-301096039.html

SOURCE LF Public Health

Follow this link:
Tech Leaders and Health Authorities from Around the Globe Collaborate to Combat COVID-19 - FOX5 Las Vegas

LFPH will initially focus on exposure notification applications that use the Google Apple Exposure Notification (GAEN) system and will be expanding to support all aspects of PHA's testing, tracing, and isolation activities.

"To catalyze this open source development, Linux Foundation Public Health is building a global community of leading technology and consulting companies, public health authorities, epidemiologists and other public health specialists, privacy and security experts, and individual developers," said Dan Kohn, LFPH general manager. "While we're excited to launch with two very important open source projects, we think our convening function to enable collaboration to battle this pandemic may be our biggest impact."

COVID Shieldwas developed by a volunteer team at Shopify and is in the process of being deployed in Canada. COVID Green was developed by a team at NearForm as part of the Irish Government's response to the pandemic. Since being deployed by Ireland's Health Services Executive two weeks ago, it has achieved extraordinarily high adoption of over 1/3rd of the country's adults. Both apps are available for other PHAs and their IT partners to use and customize and will soon be joined by other open source projects hosted by LFPH. Covid Watch, Kiel University of Applied Sciences, and US Digital Response have also joined as nonprofit associate members.

"During this grave global crisis, I'm committed to having all parts of the Linux Foundation community support LFPH," said Linux Foundation executive director Jim Zemlin. "Open source provides an architecture for global collaboration and that's what's needed to build, secure, and sustain critical components of our stressed public health infrastructure. The Linux Foundation has long enabled cross-industry collaboration in over a dozen verticals and Dan Kohn, who led the Cloud Native Computing Foundation to rapid growth that defined a multi-billion dollar industry, is an ideal choice to lead this effort."

Particularly in the U.S., PHAs have suffered from decades of underinvestment and urgently need to scale their capabilities to engage with the entire public during the worst pandemic in a century. Many companies and individuals in the technology industry are eager to assist PHAs in meeting these challenges and LFPH provides a forum and toolset for them to engage in constructive ways.

"We are pleased to contribute COVID Green, the open source code behind Ireland's COVID Tracker app, to LFPH," said Fran Thompson, Chief Information Officer of Ireland's Health Service Executive. "This app is a great demonstration of innovation within the Irish health sector combined with the IT capabilities of the Irish software industry. We're immensely proud of the work we've undertaken in partnership with NearForm in responding to the pandemic. We are looking forward to collaborating with other public health authorities around the world via LF Public Health to assist them in quickly replicating our approach while learning from their experiences."

COVID Shield was developed by a volunteer team of more than 40 developers from Shopify, along with members of the Ontario and Canadian Digital Services. While not an official Shopify project, the efforts were supported by Shopify CEO Tobi Ltke. "We're very happy to host COVID Shield with LFPH and we welcome contributions from other developers to make it as easy as possible for PHAs to get started with exposure notifications," said Aaron Olson, COVID Shield volunteer.

In addition to COVID Shield and COVID Green, an earlier cross-industry collaboration effort, the TCN Coalition, is merging into LFPH. The TCN Coalition is a global community of technologists supporting the development of privacy-preserving and cross-compatible exposure notification apps during the COVID-19 pandemic. Initially founded to ensure cross-border interoperability and to reduce duplication of development efforts, the TCN Coalition has evolved to include supporting public health authorities in their engagements with app-building teams and IT providers.

"The leadership and members of TCN are proud to join forces with the Linux Foundation to establish the new LFPH initiative," said Andreas Gebhard, Co-Founder and COO of TCN Coalition. TCN Coalition Executive Director Jenny Wanger added: "This is a logical next step for the work we've been doing since our inception. We look forward to an even wider collaboration to help navigate this fast-moving and essential endeavor." Wanger is now serving as the Head of the Implementer's Forum for LFPH, where she coordinates implementation teams around the world that are building COVID-19 tools, while publicly documenting best practices.

Last week, LFPH gathered representatives from nearly every country building a GAEN app at its GAEN Symposium and will host similar events in the future as well as ongoing special interest groups focused on areas like user interface/user experience (UI/UX), localization, and security and privacy. LFPH has also developed a landscape (shown below) to allow tracking the open and closed source applications in the COVID-19 response ecosystem and the current status of application rollouts around the world. Information on participating in LFPH activities and/or joining as a member is at lfph.io.

Quotes from Founding Premier Members:

Cisco, Vijoy Pandey, VP, Emerging Technologies and Incubation:

"Cisco is proud to be a founding Premier member of this initiative and to contribute to this global effort to develop open source software to help fight the biggest pandemic in a century, by enabling open technology for public health. As we have experienced at Cisco many times, technology and open source communities do some of their best work when they collaborate on such a socially relevant common cause."

doc.ai, Walter De Brouwer, CEO:

"We're proud to be a founding member of this consortium and contribute our deep experience in the digital health ecosystem to better improve open-source software that will help public health authorities around the world combat this and future epidemics. As a digital health company, we realize the critical need for privacy-first infrastructure to lead the way in mobile health development and will bring that focus to our work with the Linux Foundation Public Health community."

IBM, Theodore Tanner, Global CTO and Chief Architect Watson Health:

"To meet the global challenge of COVID-19, the world must quickly come together and collaborate in innovative ways while applying best practices from past experience. IBM's commitment to open source communities spans over two decades, and during this worldwide pandemic we see real value in working with public health authorities and the larger healthcare ecosystem as part of Linux Foundation Public Health. IBM has resources to share supercomputing power, code, and AI and we look forward to taking an active role working with leaders across the industry to solve the complex challenges ahead."

NearForm, Cian O'Maidin, CEO:

"We are thrilled to be a part of the Linux Foundation Public Health consortium in partnership with the Irish Government. As the fulfillment of a lifelong goal to improve the lives of people across the world, our partnership across nations will enable the creation of a new connective tissue for public health where we can work as one team globally to fight COVID."

Tencent, Dr. Alexander Ng, Vice President, Tencent Public Health:

"Tencent is very glad to be a founding member of LFPH. We hope to improve global public health by participating in open-source initiatives for public health. Tencent is looking forward to bringing more value to the global society. Through open-source cooperation, Tencent will continue to advocate technology for social good."

VMware, Ajay Patel, senior vice president and general manager, Modern Applications Platform Business Unit:

"VMware believes in the power of open source software and open ecosystems to deliver incredible software to solve today's challenges. The charter of the LFPH aligns with our values, our mission, and our purpose and we are proud to be a founding member of this effort. We believe LFPH will ultimately help us rally and contribute key work VMware has been doing to date for customers around the world ranging from: mobile apps to integrate state response and communication; managing PPE inventory; back-to-work attestation and beacon systems; digital and human contact tracing using GAEN and non-GAEN approaches; integrating testing systems and more."

About Linux Foundation Public Health

Linux Foundation Public Health (LFPH) uses open source software to help public health authorities (PHAs) around the world combat COVID-19 and future epidemics. LFPH projects include COVID Shield being deployed in Canada and COVID Green, which has been deployed in Ireland. As more projects are contributed, LFPH will expand its scope into software support for all phases of PHA's testing, tracing, and isolation activities. LFPH is part of the nonprofit Linux Foundation. For more information, please visit lfph.io.

The Linux Foundation has registered trademarks and uses trademarks. For a list of trademarks of The Linux Foundation, please see its trademark usage page: http://www.linuxfoundation.org/trademark-usage. Linux is a registered trademark of Linus Torvalds.

Media Contact

Chad TorbinLinux Foundation Public Health[emailprotected]+1-415-548-6536

SOURCE LF Public Health

http://www.lfph.io

Read more here:
Tech Leaders and Health Authorities from Around the Globe Collaborate to Combat COVID-19 - PRNewswire

Fastify is an open-source, low-performance overhead Node.js web framework. Fastify version 3 introduces support for running Express applications inside Fastify, adds improvements to logging serialization and schema substitution, and provides better TypeScript definition support.

Fastify remains focused on lightweight performance. According to Fastify's most recent performance metrics, Fastify serves more requests per second than other Node.js frameworks, including Koa, Restify, hapi, Express, and the built-in http.Server. The 3.0 release more than doubles Fastify's requests per second compared to early 2.x versions.

Fastify version 3 improves its type system to support generic constraining and defaulting and more efficient definitions for schema types.

The fastify-express package provides full Express compatibility inside Fastify to ease the transition from Express to Fastify over time.

Validation and serialization receive a significant upgrade in Fastify 3. The setSchemaCompiler and setSchemaResolver options get replaced with the setValidatorCompiler enabling future tooling improvements. Further changes to preParsing and other hooks improve performance and consistency and leverage more of Fastify's internal APIs such as Fastify requests. Similarly, the Fastify logging serializers now use Fastify Request and Reply objects instead of native objects. Existing Fastify users should review the Fastify 3.0 migration guide for a complete list of updates.

Fastify now includes 136 official plugins ranging from features like Next.js server-side rendering, WebSockets, Webpack, and much more. Immediate support for all plugins was a significant priority for the 3.0 release. As explained by Tomas Della Vedova, software engineer at Elastic and Fastify contributor,

Im very happy about how the @fastifyjs v3 release went. As you might know by now, we have a rather big plugin ecosystem. With v2 we didnt have a specific plan for the upgrade, so we just released Fastify v2 and then slowly updated all the plugins. This year we started doing prereleases of all plugins, so a user was able to test Fastify v3 by installing the @.next version of every component of their application. Then on the release day, we published the final release of Fastify v3 and @matteocollina and me bumped all the plugins, so old and new users would not experience gaps or unwanted bugs while upgrading. Improvement for next year: automate this step as well!

Learn more about the Fastify 3.0 release from Matteo Collina, technical director at NearForm, Node.js Technical Steering Committee member, and Fastify project lead.

Or watch a more in-depth introduction to Fastify 3.

Fastify is open source software available under the MIT license and is part of the OpenJS Foundation. Contributions are welcome and should follow the Fastify contribution guidelines and code of conduct.

Originally posted here:
Fastify 3.0 Improves Performance, Logging, Schema, and TypeScript Support - InfoQ.com

Commentary: Cyral has been on a roll with two open source projects designed to make security a natural part of the development workflow.

Image: metamorworks, Getty Images/iStockphoto

Moving database applications to the cloud has been a boon for development teams anxious to move faster. It has also, however, exposed security flaws inherent in traditional security solutions, something data layer security startup Cyral has been tackling. To take this a step further, Cyral recently open sourced a project called Approzium to enable developers to better observe and secure data by themselves. It's a cool project for several reasons, not the least being that in security, obscurity really isn't your friend.

By open sourcing Approzium, Cyral makes it easier for developers to trust the project precisely because they don't really have to trust it--they can see the code. It turns out open source offers other advantages for Cyral, as well.

SEE:How to build a successful developer career (free PDF)(TechRepublic)

Approzium, available free for download under the Apache 2.0 open source software license, is designed to make lives easier for developers to iterate code faster and ship more secure applications and services. On the observability side, Approzium helps to eliminate blind spots in the diagnosis and tracing of complex performance problems within microservice architectures. On the security side, it also lets developers connect their applications to databases without the need to access credentials, thereby preventing leaks that can arise through inadvertent application logging, application compromise, or theft of secrets manager API keys.

In these ways, Approzium complements an organization's existing investments in monitoring tools like Datadog, New Relic, and Grafana, as well as secrets managers like HashiCorp's Vault. Out of the box, it supports Grafana, reporting performance and security metrics to the Grafana dashboard. With minor modifications, it can do the same for Datadog and other dashboards.

At first glance, I assumed Cyral was using a modified "open core" strategy here, but the company tells me that, no, Approzium is a fully functional, standalone service. It's simply an SDK that is easy to incorporate into an application and runs as a self-hosted service. It eliminates the need for credentials in code and provides confirmed identity information at runtime and enriches logs with service identity instead of simply logging a shared user.

Nice.Approzium follows Cyral's release in January of the open source brewOPA project, created to make it easier for developers, DevOps, and SecOps teams to interface with policy engines of the future. As Steven J. Vaughan-Nichols has written on TechRepublic sister site ZDNet, brewOPA helps developers to take advantage of YAML interfaces to bridge the gap between DSLs for data security in the new world of cloud-native, Kubernetes, service meshes, and more.Both open source projects help get developers invested in security from the start, rather than trying to bolt it on at the end of their development cycle. In this way, it has become critical to make security feel like a natural part of the development process so that it doesn't slow developers. Getting this balance right is increasingly critical to the success of open source projects, as well as the companies that hope to capitalize on them, like Cyral. In this case, Cyral seems to have handled the balance between its commercial complements to the open source Approzium and brewOPA projects with aplomb.

Disclosure: I work for AWS, but the views expressed herein are mine and don't reflect those of my employer.

Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays

Continue reading here:
This new open source project could be key to securing database applications - TechRepublic

For those worried about preserving the heritage of open source coding for future generations, rest assured, a deposit of GitHubs public repositories has made it safely to the Arctic World Archive.

According to a GitHub blog post, the code was successfully deposited on July 8, 2020 to the Github Arctic Code Vaulta data repository preserved in the Arctic World Archive, a facility for data preservation in Svalbard, Norway. The effort is part of the Github Archive Program and is Githubs second deposit made through the program.

Our mission is to preserve open source software for future generations by storing your code in an archive built to last a thousand years, GitHub wrote.

According to the blog post, a snapshot of all the active public repositories on GitHub was taken on February 2, 2020, resulting in 21 TB of repository data. In GitHub, a repository is used to organize a project and contains all the folders and files needed for the project to run.

This data was then written onto 186 reels of piqlFilma digital photosensitive archival film. According to a spokesperson for Piql, the makers of the film, the technology is a completely self-contained medium and any files stored on it will be recoverable in the future regardless of available technologies.

All information required to recover stored information is written on the film itself in human readable text, along with file specifications and source code for the retrieval software, the spokesperson told Motherboard in an email.

This is good news for advocates of open source coding who want to preserve a snapshot of all of Githubs public repositories. GitHub says on its website that it has over 50 million users and more than 100 million repositories.

As todays vital code becomes yesterdays historical curiosity, it may be abandoned, forgotten, or lost, Github wrote on its website. Archiving software across multiple organizations and forms of storage will help ensure its long-term preservation.

Every reel in the archive will include a guide in five languages. Information documenting the technical history and cultural context of the archive will be included as well.

Partners with GitHub in the Github Archive Program include the Internet Archive, Software Heritage, and Project Silica.

According to its website, the Arctic World Archive was established in 2017 and holds a collection of digital artifacts and information from over 15 contributing countries. The archive is located in the permafrost of an arctic mountain in the Svalbard archipelago and is designed to withstand natural and man-made disasters.

Other artifacts stored in the archive include manuscripts from the Vatican Library and masterpieces from the National Museum of Norway.

By signing up to the VICE newsletter you agree to receive electronic communications from VICE that may sometimes include advertisements or sponsored content.

Read the original:
21 Terabytes of Open Source Code Is Now Stored in an Arctic Vault - VICE

Worker-owned Deliveroo alternative Kolyma2 offers a potential blueprint for transitioning the platform economy to a post-capitalist world.

The platform economy as the business model of Deliveroo, Lieferando, UBER and Airbnb is called is a relatively new phenomenon. When it appeared, traditional unions did nothing to protect the workers from the new forms of exploitation that came along with it. It appears as independent, freelance work, but in reality it is not. Class struggle still lies at the heart of it: Some platforms like e.g. UBER do employ freelancers because they dont want to pay social benefits like health insurance, sick leave, vacations etc. This disruptive behavior has fierce effects on national and global economies.

A delivery rider earns 10,50 Euro on average, which is more than minimum wage in Germany, but in fact its less: If no order is dispatched to you, you dont earn anything and flat hourly rates are rare. Most riders pay their own gear smartphone, bike, maintenance and dont have paid holidays or sick leave.

In big cities like Paris most of the delivery riders are (illegal) migrants that do the job because they simply wont find another one. They often work as subcontractors for other bicycle couriers that have a legal status and dont perceive the flexible working conditions as a benefit. This not entirely the fault of the platforms, however, but also a result of the general situation of migrants that politics failed to address. Also there is a fierce competition between different platform companies, as they aim for market dominance.

This caught my attention immediately because it touches on many of the topics that we at DiEM25 discussed in our seminal policy paper: Technological Sovereignty Democratising Technology and Innovation. I couldnt wait to observe our theoretical concepts in real life. In early summer 2020 I finally got to talk to some people of Kolyma2 in a video conference.

Stefano Lombardo the prolific founder of Kolyma2 had been working for Deliveroo for more than four years. He was already planning to form a cooperative during his Deliveroo years. While riding for the multinational company, however, the idea never kicked off. But when Deliveroo left Berlin, he seized the opportunity. This is how the food delivery cooperative Kolyma2 started: with a tiny landing page and a telegram channel.

As adorable as this lo-fi approach was, technology seemed to play a crucial part, as it was really complicated to complete an order. The amount of communication between customers and riders was enormous. As a result, in November 2019, Kolyma2 had to close down operations. Apart from the technology there have been other issues. It simply was too much work on the shoulders of too few people.

But that wasnt the end of Kolyma2. In January 2020 they returned, equipped with better infrastructure. They teamed up with the French developer Alexandre Segura, who goes by the moniker Mex, and the platform Coopcycle. For once the COVID-19-Shutdown came in handy and business boomed in spring 2020.

The Coopcycle app brought in new customers that insisted on using a real app. From 60 orders on one weekend, the turnover rose to 80 orders per day. This was important to sustain Kolyma2, says Stefano.

You need to generate revenue, because dedication and idealism alone dont sustain your life. In 2019 we just imploded. We burnt out.

Mex platform Coopycycle the new app that is at the core of Kolyma2 has been built upon the remains of another failed startup: The Belgian delivery company Take Eat Easy. Mex tried to wrap his head around the fact that this billion-dollar startup could fail so badly and lose all its money. He felt that it couldnt be so complicated to build a food-ordering app. So Mex cloned the application and played around with it. Meanwhile, the idea of rider cooperatives with collective bargaining power started circulating across Europe.

Until then, Mex had thought that cooperatives belonged in the 19th century, as he vaguely remembered some socialist writings by thinkers like Charles Fourier or Robert Owen. However, he suddenly realized that the concept makes perfect sense in the modern world.

The idea arose that he could develop an app that belonged to delivery riders and that it could act as the factory they commonly own. Riders could run the platform on a local scale without global structures involved. Technology is not everything, for sure, he adds, but you need to have an app and a functional website to compete.

So why not build an open source solution and spread it around? For cooperatives like Kolyma2, this means having a boilerplate code for a monthly fee that is based on their turnover on the platform.

The idea of (publicly financed) open source software platforms that dont belong to a private entity but can be used by all citizens is something that DiEM25 already identified in the Technological Sovereignty paper. Such a commonly usable tool is a crucial means to level the playing field: To make sure that newcomers like platform cooperatives have a fair chance to compete against global players.

Bike messaging organised as a cooperative has been a thing in urban areas for some time now. The individuals working in this field are particular, as they are often left-leaning, anarchist and ecological. In that regard, e.g. UBER drivers really are a different crowd.

Mattia and Dana early members of the Kolyma2 collective think that the difference between a cooperative like Kolyma2 and a company like Deliveroo is the level of group engagement. It is different to work for a collective that you are part of, as opposed to working for a boss that you will probably never meet. At Kolyma2 there are no regular meetings, but they communicate via text messenger as this feels more organic in terms of chaos and flow. Not everyone likes to get involved at the same level. Some people only want to ride a bike for a living. Self-organization can be a lot of work.

There is a benefit to getting to know the work process, says Mattia, because at a company like Deliveroo you always feel kept at bay and there also was a kind of anxiousness about how long your job was about to last.

Most people value their freedom more than a fixed contract. There can be flexibility for everyone, not just for the upper echelons of these emerging economies. For Dana, for example, security isnt really an issue when it comes to her job. She prefers to live in the now and not in a possible future. Mattia, on the other hand, did have a fixed contract while working for Deliveroo. In reality, however, he wasnt secure in his job. It was a six-month contract with automatic renewal, but when he became sick near the end of one contract it turned out that the contract hadnt been renewed. Now, he prefers to work for a cooperative that he trusts and where he despite his freelancer status feels safer.

As of now, Kolyma2 is just a network of freelancers, but that is going to change soon as the company is now joining Smart Cooperative. Smart is a legal structure that enables freelancers to employ themselves in a cooperative. You make a contract based on your projected income and they pay you a monthly wage. Smart will host Kolyma2 under a legal umbrella until they are ready to fund themselves.

An important issue in the platform economy is the agency workers have over managing their reputation. Even liberals will agree that someone that has a good working biography should be able to use it in the labor market. If you work for platforms like UBER or Deliveroo, however, your reputation or rating belongs to the company and it disappears as soon as you stop working for them. Thats one of the reasons why DiEM25 argues for data unions representative organisations of platform workers that make sure that they can negotiate the terms and conditions of their contracts and prevent such bad business conducts.

Furthermore, the software itself is a crucial tool for platform cooperative like Kolyma2. Coopcycles app runs on a license inspired by Dmytri Kleiners Copyleft concept Coopyleft. To prevent that a giant like Lieferando just comes and takes away the software, in the Coopyleft license, the source code can only be used by entities who stick to certain ethical principles. To use software protected by a Coopyleft license, you need to use a cooperative model and fit the definition of a social economy actor as defined by the European Union.

This certainly has to be explored in more detail, as the world of delivery drivers is a unique ecosystem that doesnt necessarily translate to other work areas.In any case platform cooperatives can play a crucial part in helping to imagine new models of workplace democracy and workers organization.

Nick Srnicek argues in his book Platform Capitalism that the state should act as a kind of Venture Capitalist in the platform economy to ensure competitiveness. Stefano doesnt agree, because he thinks the state should stay out of these issues. Workers should learn to run a company the hard way, instead of learning to fill in funding applications. Otherwise you dont learn to get to know your customers and their needs.

In our Technological Sovereignty policy paper we demand to make EU funding for research and innovation more easily accessible for civil society organisations, non-profit technology projects, cooperatives and other actors with a clear mission of green and social change. With that and a Universal Basic Dividend that makes sure society gets a fair return on its public investment future cooperatives might have the financial means to explore these possibilities in a safe space.

Do you want to be informed of DiEM25's actions? Sign up here

More here:
Platform Cooperatives: Workplace Democracy for the 21st Century? - DiEM25

We've pointed out how the mainstream media's constant reference to Bitcoin being 'untraceable' just isn't true, and the FBI agrees - saying they're "far from being anonymous" and that there are also various types of software, open source and proprietary, that carry out an exhaustive exploration of transactions on their blockchain.

But one coin does qualify as 'untraceable' at least for now, and it's a thorn in the FBI's side as they admit to having an inability to detect the destination of the funds in operations when Monero (XMR) is used.

The FBI report appeared in a leaked document repository, and shows three cases involving Panamanian cryptocurrency exchange MorphToken. The document explains three cases of supposedly illegal exchanges of bitcoin (BTC) to monero (XMR) in said exchange house.

The leaked report is part of the documents released in Blueleaks, an extensive collection of police reports and government office documents published by the Anonymous group.

The FBI points out in the document that it evaluated actors in the dark web market (Darknet Market or DNM) that turned bitcoin into monero, allegedly unlawfully . The federal office rates monero as an enhanced anonymity cryptocurrency (AEC), implying that the aforementioned conversion prevents law enforcement officials from mapping the destination of the funds.

But That's Not Necessarily A Dead End...

If someone is converting Bitcoin to Monero, they're using an exchange. This means there's still a way to find what IP address is behind a Montro transaction. Instead of following entries on the blockchain's ledger, they're looking at server logs of the exchanges used to execute the transactions.

The evaluation is highly reliable, says the FBI, and is based on that agency's research, analysis of blockchains, and the use of "proprietary software." Also, the FBI says in the leaked document that it used information from the MorphToken cryptocurrency exchange, which operates in Panama.

Given that after the conversion to monero, the FBI cannot detect the destination of the funds , this agency assumes that the DNM actors do not carry out such a conversion to "diversify their portfolio." The suspicion of illegal activities is based, according to the FBI, on two factors: the availability of information about the inability to trace the funds once converted to monero and the existing means to acquire them without providing user information.

In the first case addressed by the FBI, Bitcoin transaction fees processed by Cryptonia, which operates in the DNM, were detected between May and September 2019. These were sent to addresses associated with MorphToken, according to blockchain analysis and investigations. from the FBI. All bitcoin, says the FBI, was converted to monero.

In another case, bitcoin shipments from the sale of drugs to MorphToken were detected in November 2019, by 4 participants from the DNM. In this case, proprietary software that analyzes Bitcoin transactions and open source software for traceability of the Bitcoin blockchain were used. More recently, in January of this year, actors associated with the DNM Apollon sent at least 11 bitcoin to MorphToken for conversion to monero.

Reality Check...

We're for legitimate usage of cryptocurrencies, and believe it being used for illegal purposes does nothing but slow mass adoption, even though the reasoning behind this lacks any logic.

It's important to remind everyone that every government provides untraceable currency themselves - it's called cash.These days, physical cash can be turned digital easily via a pre-paid debit cards available at thousands of convenience stores, even many gas stations - with no ID needed.

So don't let any spin you find elsewhere convince you that cryptocurrencies provide a new level of anonymity.

Original post:
Leaked FBI Docs Show Just How Easily They Track Bitcoin - And The Untraceable Coin They're Frustrated With... - Global Crypto Press

Infrastructure as Code (IaC) is a fundamental component of modern DevOps practices because it enables you to deploy any version of your application infrastructure at will, and facilitates the full lifecycle management of all the resources required to run and monitor your application. Organizations who have adopted DevOps practices often deploy hundreds or even thousands of changes to production a day, allowing them to deliver software faster, cheaper, and with lower risk.

When you explore the IaC options available today, you quickly discover customers have many choices, and two of the most popular for deploying infrastructure to AWS are CloudFormation, a service native to AWS, and Terraform, an open-source offering from HashiCorp. HashiCorp is an AWS Partner Network (APN) Advanced Technology Partner and member of the AWS DevOps Competency, and Terraform is a widely used tool that allows you to create, update, and version your infrastructure. According to GitHub Octoverse, HashiCorp Configuration Language (HCL) as one of the fastest growing languages over the past several years.

CloudFormation YAML and Terraform HCL are popular IaC languages and the right fit for many customers use cases, however we often hear other customers say they want to define and provision infrastructure with the same familiar programming languages used to code their applications, rather than needing to learn a new domain specific language. The AWS Developer Tools team responded with the AWS CDK in 2019 for CloudFormation, and now, AWS and HashiCorp are proud to announce that were bringing the CDK to Terraform.

Today, wed like to tell you more about the developer preview of the Cloud Development Kit for Terraform, or cdktf, that lets you define application infrastructure with familiar programming languages, while leveraging the hundreds of providers and thousands of module definitions provided by Terraform and the Terraform community. The CDK for Terraform preview is initially available in TypeScript and Python, with other languages planned in the future.

The AWS Cloud Development Kit (CDK) and HashiCorp Terraform teams collaborated to create this new project by leveraging two key technologies of the AWS CDK: the CDK construct programming model, and the javascript interoperability interface, or jsii. The CDK construct programming model is a set of language native frameworks for defining infrastructure resources and adaptors to generate configuration files for an underlying provisioning engine. The jsii allows code in any supported language to naturally interact with JavaScript classes, enabling the delivery of libraries in multiple programming languages, all from a single codebase. Using these components, the AWS CDK generates CloudFormation configuration from code written in TypeScript, JavaScript, Python, Java, or C#. Similarly, the CDK for Terraform generates Terraform configuration to enable provisioning with the Terraform platform.

To better illustrate the developer experience using the CDK for Terraform, consider the following example. This example creates a new Terraform application called hello-terraform, that contains a single stack named HelloTerraform. Within the HelloTerraform stack, the AWS provider is used to define CDK constructs to provision a EC2 instance. When this code is run, it produces a Terraform JSON configuration file that you can use to run a terraform plan , terraform apply or use the cdktf-cli to run cdktf deploy.

This code when synthesized will produce the following Terraform JSON configuration.

For an in-depth tutorial of using CDK for Terraform, read the HashiCorp blog post.

HashiCorp Terraform follows an Infrastructure as Code approach and is extensible to support many providers of cloud infrastructure and software services.

Historically Terraform has supported HashiCorp Configuration Language (HCL) and JSON. While HCL is meant to be read and written by people, JSON can be machine-generated and consumed for programmatic interaction with the platform. Also, Kubernetes Custom Resource Definitions (CRDs) can be used to provision resources via the Terraform platform. Now, with the introduction of the CDK for Terraform, programming languages such as Python and TypeScript can be used to generate Terraform JSON configuration that is provisioned using Terraform.

Here are some additional things you need to know about CDK for Terraform:

Works with existing providers and modules. cdktf-cli includes a helpful CLI tool that lets you import anything hosted in the Terraform Registry into your project, allowing you to leverage any of the Terraform resource type providers or common infrastructure configuration modules.

Keep your current developer workflow. With the cdktf-cli, the core Terraform workflow remains the same, including the ability to plan changes before applying. Additionally, cdktf-cli supports commands like `cdktf diff` and `cdktf deploy` that are similar for AWS CDK users.

Familiar programming language to declarative state. cdktf code is written using familiar programming languages but produces your desired state as standard JSON. This means you can enjoy the expressiveness and power of programming languages without compromising on the robustness of the declarative desired state approach.

Language support. cdktf lets you define IaC using TypeScript and Python, with support for more languages coming in the future.

Open source. cdktf is an open source project and we cant wait for the contributions from the community. If you would like to see a feature for the CDK for Terraform, please review existing GitHub issues and upvote. If a feature does not exist in a GitHub issue, feel free to open a new issue. In addition to opening issues, you can contribute to the project by opening a pull request.

Project is in alpha. cdktf is in the early stages of development, and while we think it is ready for you to give it a try and let us know what you think, use it with care and at your own discretion.

We are very excited about this project, and helping make life more productive and fun for developers. To see the CDK for Terraform in action, we encourage you to read the HashiCorp blog post, and follow the step-by-step tutorial.

For more information about other projects that leverage the CDK construct programming model, check out the AWS CDK for defining CloudFormation configuration and cdk8s for defining Kubernetes configuration.

Happy Infrastructure-as-coding!

Chris is a Senior Product Manager at AWS on the Developer Tools team that brings you the AWS SDKs, the AWS CLI, and is a humble custodian of the AWS Cloud Development Kit (CDK). He is especially interested in emerging technology and seeing science fiction become science fact. When not thinking about DevOps and Infrastructure as Code, Chris can be found hiking, biking, boarding, camping, or paddling with his wife and two kids around the Pacific Northwest.

Anubhav Mishra is a Technical Advisor to the CTO at HashiCorp. He is passionate about Developer Advocacy and helping developers and operators do better. Previously, he worked at Hootsuite, where he created Atlantis An Open Source project that helps teams collaborate on Infrastructure using Terraform. Anubhav loves working with distributed systems and exploring new technologies. He also loves open source software and is continuously finding ways to contribute to projects that excite him. That has led him to contribute to projects like Virtual Kubelet (a CNCF project) and dapr. He often speaks at conferences. In his free time, he DJs, makes music and plays football. Hes a huge Manchester United supporter.

The content and opinions in this post are those of the third-party author and AWS is not responsible for the content or accuracy of this post.

See the original post here:
Introducing the Cloud Development Kit for Terraform (Preview) - idk.dev