Google Announces Kubernetes 1.0

Google has announced the Kubernetes container orchestration system has reached the v1.0 milestone. Kubernetes runs within a "Google-style infrastructure stack" to manage and orchestrate a container-based data center environment. The 1.0 version number is a major step that means the developers believe they have met their initial objectives, although they acknowledge that much work remains to complete their vision of a universal container-based toolset.

According to Google, the most significant feature of the new release is "API stability, meaning developers can build on top of the core Kubernetes tools without worrying about upcoming releases pulling the rug out from under their work."

The announcement reports that the project has had over 14,000 commits and includes contributions from 400 developers, including coders from Red Hat, CoreOS, IBM, Intel, Microsoft, VMware, and other companies.

Linux Foundation Launches New Cloud Native Computing Project

The Linux Foundation has announced the launch of a new nonprofit organization dedicated to advancing "the state of the art for building cloud native applications and services." The new Cloud Native Computing Foundation will "… create and drive the adoption of a new set of common container technologies driven and informed by technical merit and end user value and inspired by Internet-scale computing."

Founding members include a number of leading Internet companies, such as AT&T, Cisco, CoreOS, Docker, eBay, Google, IBM, Intel, Red Hat, Twitter, VMware, and others. The goal of the group is to define APIs and standards that will lead to better and more open technology for containers and cloud computing.

According to Linux Foundation executive director Jim Zemlin, "The Cloud Native Computing Foundation will help facilitate collaboration among developers and operators on common technologies for deploying cloud-native applications and services. By bringing together the open source community's very best talent and code in a neutral and collaborative forum, the Cloud Native Computing Foundation aims to advance the state of the art of application development at Internet scale."

See the Cloud Native Computing Foundation website for more information: https://cncf.io/.

Emergency Fix for OpenSSL

The OpenSSL project announced a new release to the encryption toolkit to address a "certificate forgery" issue. The problem affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n, and 1.0.1o. According to the security advisory (CVE-2015-1793), the vulnerable OpenSSL versions will "…attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed…"

The OpenSSL team released versions 1.0.2d and 1.0.1p on July 9 to fix the problem.