Containers offer many advantages over monolithic applications, packaged as VMs. Most importantly, a container image is immutable, easily built and deployed without reliance on permanent infrastructure. Nevertheless, containers are a challenge to IT operations teams, who need full visibility and control of their software supply chain to implement security and governance policies. To address this problem, today Google announced Grafeas, an Open Source Project that provides a flexible verification framework to connect components deployed in production with their origins. Grafeas is a metadata API that aggregates information about all the software components in a container, including package descriptions, build and deployment histories, and known component vulnerabilities. The Grafeas API can be used to store, query, and retrieve comprehensive metadata on software components of all kinds.
We heard our customers loud and clear. Our old AppManager product on which we ran the Hub on wasn’t working for you. That’s why we replatformed our Black Duck Hub solution on the Docker platform.
We’re shifting the Black Duck Hub to a Docker-based architecture, so we created this quick video to give you an overview of some key questions we’ve heard from our customers about this change.
Today, we’re excited to share the story of the Ansible Container project. It is platform-agnostic, able to target the most common container orchestration engines including Kubernetes, Docker and OpenShift.
Are modern enterprise software architectures doomed to produce suboptimal processes and outcomes? Today, enterprise architects value componentization perhaps more than ever before, given the mass glorification of microservices. Microservices are loosely defined as isolated, independent components designed to address a singular business need. Sounds great, until you consider that with this architecture, the creator(s) and the consumer(s) of any service are likely to become rigorously isolated from each other, the API boundary falling like an iron curtain between them.
One of the fun parts of my job is participating in events. I enjoy the feedback I receive from the communities I work with and I have the opportunity to speak about topics I’m passionate about. While I have the luxury of travel, that’s not the case for the majority of community members I speak with. For them, #dayjob is likely to sponsor their attendance at one or two events per year. This is why we not only attend open source conferences, but created our own.
This is the eighth year we’ve run the Black Duck Open Source Rookies of the Year. Each year we review the world of open source and recognize top new projects launched during the past year, be sure to check out the top new projects of 2016. Today, we’re excited to share the story of the Rocket.Chat project, which enables privately hosted chat services.
This is the eighth year we’ve run the Black Duck Open Source Rookies of the Year awards. Each year we review the world of open source and recognize top new projects launched during the past year. We’re delighted to share the story of the Kontena project.