Sunday Reading — September 8, 2019

Published in

Enterprise Te.ch

5 min readSep 8, 2019

An ounce of prevention: In July, municipal workers in New Bedford, MA returned from the Independence Day holiday found that some of the city’s computers were infected with the Ryuk ransomware. It wasn’t immediately clear how the infection happened or how far it had spread, but this week the mayor revealed that four percent of the city’s systems were affected and that some of those computers were still unusable. The attackers wanted $5.3 million. The city countered with a $400,000 offer to be paid from an insurance fund. The attackers went dark so the New Bedford IT teams set about recovering from backups. From Secalerts:

The city kept the attacker ‘talking’, buying time while its IT department worked to strengthen the city’s defenses. When it became obvious the attacker wasn’t going to play ball and take the counter offer, the city restored all of the encrypted files and information from the backup systems they have in place. Due to the timing of the attack and the resultant low number of computers affected, no critical systems were impacted and restoring from backup was easy.

Back that thing up: The Labor Day weekend power outage in Amazon AWS EAST-1 Region proved to be a reminder that data loss is very real even in the largest cloud providers. From The Register:

Our tipster told us they had more than 1TB of data in Amazon’s cloud-hosted Elastic Block Store (EBS), which disappeared during the outage: they were told “the underlying hardware related to your EBS volume has failed, and the data associated with the volume is unrecoverable.”
Our reader, who asked to remain anonymous, was able to restore their data by hand from an EBS snapshot conveniently taken roughly eight hours earlier. Without this backup, they may not have been able to recover any of the lost information: Amazon’s engineers were able to resuscitate the vast majority of downed systems, though not every storage volume survived the hard crash.

And what kind of remediation can you expect when your data evaporates? From BleepingComputer:

Even with these advertised features, Amazon protects themselves by specifically stating that they will only issue credits for loss of service availability and that they are not responsible for data loss.
“As part of using Amazon EC2, you agree that your Amazon EC2 resources may be terminated or replaced due to failure, retirement or other AWS requirement(s). We have no liability whatsoever for any damages, liabilities, losses (including any corruption, deletion, or destruction or loss of data, applications or profits), or any other consequences resulting from the foregoing. “
Amazon is not alone. For example, DropBox states that they offer “120 days of file recovery” for all their plans, including the free one. To most users this would mean that they would not need to worry about accidental deletions or hardware damage as the data is being backed up.

Kubernetes or die: There’s been some mild push back recently from some developers building applications on Kubernetes, particularly as it relates to networking. But momentum is definitely building. From HackerNews:

This meme needs to die. Kubernetes is not overkill for non-Google workloads.
In my current work, we run several Kubernetes clusters via GKE on Google Cloud Platform. We’re a tiny company — less than 20 nodes running web apps, microservices and search engines — but we’re benefiting hugely from the operational simplicity of Kubernetes. Much, much, much better than the old fleet of Puppet-managed VMs we used to run. Having surveyed the competition (Docker Swarm, Mesos/Marathon, Rancher, Nomad, LXD, etc.), I’m also confident that Kubernetes was the right choice.

Security still a concern for Kubernetes: While adoption is “skyrocketing,” security remains a top concern. From TripWire:

Our survey found that security has remained the top concern for IT professionals whose organizations have a container strategy. Additionally, the concern is growing — 40 percent of those surveyed said their company didn’t adequately invest in container security, compared to 35 percent in a similar survey six months prior. Even more concerning is that some organizations don’t even take the security threats seriously.

NetApp: Private Cloud Kubernetes for the Enterprise — Done Easily

We are excited to announce NKS on VMware, regardless of infrastructure, at VMworld 2019! Matt Baldwin did a great blog unpacking that announcement, including why we are doing it and the most significant functionality for our VMware based customers. NetApp Kubernetes Service (NKS) has been rapidly gaining adoption in the public cloud recently, for all the reasons Matt Baldwin identified in his blog, including single pane management of multicloud deployments, application management features, infrastructure and ecosystem integrations — all via a really slick, simple interface that anyone (even me) can immediately understand! Going forward, with on premises functionality via VMware added, I am sure this is going to be a HUGE tool for managing containers across clouds. Read more…