What’s the point: Nomad, Waypoint, Lens, NetBeans, GitLab, cri-o, and Ansible Builder

What's the point

HashiCorp has pushed v1.0 of its workload orchestrator Nomad into general availability. The latest iteration allows users to set up namespaces, and provides them with an event stream to keep an eye on a cluster’s performance. HashiCorp has also followed the market trend by injecting a sort of topology visualisation into the tool, alongside improved compatibility with the container networking interface CNI. The latter provides ways to expose and register IP addresses created through CNI directly with Consul.

Customers of the project’s enterprise version will be able to use dynamic application sizing in Nomad 1.0. The new feature is designed to help teams optimise their apps resource consumption by recommending CPU and memory parameters. To do so, Nomad monitors jobs and their resource usage, and evaluates the collected data to generate configuration guidance.

Nomad has been around since 2015 and can be found in production systems at web infrastructure provider Cloudflare, and US-only music streaming service Pandora. 

The company’s Waypoint was only introduced officially in October but has already made a small version jump bringing it to v0.2. Since its introduction, the workflow codification tool has learned to configure applications “via environment variables that are synced with an external system”, which for example helps with separation of concerns. Other improvements include the availability of prior operation results, entrypoint-related logs for debugging, and new templating functions to render Dockerfiles, Kubernetes Configs, and the like.

Kubernetes IDE celebrates 4.0 with new extension API

Docker Enterprise proprietor Mirantis has put the finishing touches on version 4.0 of its Kubernetes IDE Lens. The focal point of the release is an extension API, providing developers with a way of writing integrations to customise the development environment. 

Other enhancements include information on a container’s last status or the LoadBalancer, the ability to restart deployment, and a mechanism to specify accessible namespaces. 

Windows users might have to get a little more hands-on if they’re interested in upgrading as automatic updates seem to be an issue under the Microsoft OS. Details can be found in the Lens repository.

Apache NetBeans gets grip on sealing

The Apache Software Foundation has released version 12.2 of its integrated development environment, NetBeans, to its user base of Java and web developers. The team behind the IDE spent the last couple of weeks improving support for more recent Java language features, like the sealed type, the Record variable, and various PHP 8.0 expressions and types. NetBeans now has the ability to show types of chained method invocations, and creates a new Java class (or interface or enum) when raw text is copied.

There’s a new GitLab security release in town

GitLab has flung out another round of security updates that it heartily recommends is downloaded by anyone looking to keep their systems secure and user data safe.

Versions 13.6.2, 13.5.5, and 13.4.7 are now available, and mostly deal with issues related to unauthorised access and data exposures of various kinds. For example, it takes care of a bug in versions 13.4 to 13.6.2 which could lead to user emails being exposed via the GraphQL endpoint of the system. GraphQL also played a role in a vulnerability that could reveal private group and project memberships that was introduced in version 13.1 of GitLab but has been mitigated in the just announced new versions.

As usual, the releases also came with an updated GitLab Omnibus. This time the packaging tool includes upgrades on dependencies GraphicsMagick, GnuPG, and libxml which are meant to mitigate various security concerns. Details on that can be found in the blog post fleshing out the new versions.

cri-o levels up to 1.20

After receiving some shoutouts from the Kubernetes team in the FAQs thrown together for the dockershim deprecation in K8s 1.20, the cri-o devs have thrown their v1.20 into the ring. The most recent iteration of the implementation of the Kubernetes container runtime interface includes a new annotation for adding devices to a container, as well as an option to override “an unspecified seccomp profile from being unconfined to being the runtime default”.

Ansible starts Builder project for better execution environments

Red Hat has introduced followers of it’s IT automation tool Ansible to Ansible Builder, built to automate the creation of execution environments to ease some of the pains when working with Ansible Content Collections. 

The term execution environment in the Ansible world describes a sort of container image that can be used as a control node to automate processes. Building one by hand could quickly turn into a challenge, as you often have to take various dependencies into account, make sure they work well together, and ensure it stays that way as versions change. 

This is where the open source Builder tool jumps in by finding ways to automate the process “using schemas and tooling defined in various Ansible Content Collections and by the user”. An example of this can be found in an introductory blog post.