Automation, edge computing, and the open source supply chain – Amateur tech diviner – Issue #15

As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about market trends for product marketers, managers, and other influencers. In the spirit of open source, here are the 5 articles my audience found the most interesting last week (as measured by clicks) and why I think that’s so.

Miller: Red Hat, IBM, and Fedora:

“Today marks a new day in the 26-year history of Red Hat. IBM has finalized its acquisition of Red Hat, which will operate as a distinct unit within IBM. What does this mean for Red Hat’s participation in the Fedora Project? In short, nothing.”

Why this was impactful: Everyone looks uncomfortably at the elephant in the room. Is someone going to say something? Yep, it’s Adam. Fedora will continue to power our workstations, development environments, gaming machines, and televisions. 

I have trust issues with automation:

“Modern automation tools are designed for scale — they bring the capability to modify tens, hundreds or thousands of servers during a single run. That’s a massive ‘blast radius’ if anything goes wrong — the recent Google Cloud outage is a good example of automation run a bit too far. And if it does go wrong, do you know enough about what that automation was doing to perform corrective actions?”

Why this was impactful: The job-stealing dark side of automation is something we read about often; the screw-up amplifying potential is more immediately damaging. IT automation gives regular people super powers with no Lady of the Lake to determine their worthiness. What could go wrong?

Linux a key player in the edge computing revolution:

“Some forms of edge computing include consumer electronics that are used and installed in millions of homes, others that serve tens of thousands of small businesses with operating their facilities, and still others that tie large companies to their remote sites. Key to this elusive definition is the idea that edge computing always involves distributing the workload in such a way that the bulk of the computing work is done remotely from the central core of the business and close to the business problem being addressed.”

Why this was impactful: To me edge computing is mostly a different way of conceiving of the computation devices that have been around us for a while now. Your phone? Edge. Your media server? Edge. Your IP enabled baby cam? Edge. The idea that these edge devices are increasingly running the open source software we know and love is reassuring. 

Logs vs. metrics: a false dichotomy:

“Logs and metrics are not two fundamentally different approaches. They are different projections of the same underlying data. Logs are necessarily more complete, because they preserve context. Sometimes this makes them more expensive to handle. Sometimes it makes the difference between understanding an issue and not.”

Why this was impactful: Long story short; the forest and the trees are important. You’ll need to be able to be able to think along both dimensions. While the article is about monitoring and alerting on servers(ish), the distinction is useful to anyone who has to pay attention to execution at multiple levels (“when you say yellow, how yellow are we talking about?”)

When less open source is more: Report finds that fewer components work best:

“We’ve long advised organizations to rely on the fewest open-source components suppliers with the best track records in order to develop the highest quality and lowest risk software,” says Wayne Jackson, Sonatype CEO. The report recommends companies “tame their software supply chains” through better supplier choices, component selection and use of automation thereby reducing vulnerable components by 55 percent.”

Why this was impactful: For a long time it seemed as if open source software appeared by magic; almost any library or package you could want could be easily found. Not in the official repository? Just grab it off the COPR / PPA. Thankfully the idea of the open source software supply chain is becoming increasingly well understood, and the idea of just grabbing something from the internet and building on top of it is something getting a longer, harder look.  

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.