Wednesday, October 4, 2017

Meet the Bitnami Team: Brad Bock

The Bitnami team is a diverse group of talented people distributed all over the world. Get to know them better through this series of blog posts.

Brad is the Program Manager for Cloud Partnerships on the Business Development team, and works from our San Francisco office.

A brief bio

I come from Southern California, where I grew up obsessed with reading, playing music, and trying to figure out how things like small engines and radios worked by taking them apart and (sometimes successfully) putting them back together again. I had an entrepreneurial streak from a very young age as well, and by the time I was 12 I had cornered the neighborhood market on lawn-mowing and car-washing.

Around that same time I also discovered computers when my parents got our first desktop PC, a Tandy 386 with Windows 3.1 and a 14.4kbps modem purchased from Radio Shack. I was totally hooked- the ability to communicate with people all over the world was extremely interesting, not to mention that I could program it to do my math homework!

When I was a little older, I needed some help paying for college so I joined the US Navy. That took me all over the world, working in intelligence for a certain three-letter agency and feeding my passion for experiencing and learning about other cultures. After the Navy, I moved back to SoCal to study economics and philosophy. I met my future wife, Tiffany, and went to work in the motion picture industry after graduating. We eventually decided it was too damn hot in Southern California, and made the decision to move to the Bay Area where Tiff grew up.

Why you joined Bitnami and what excites you about working here?

During my time working in the movie industry, Tiff and I started building websites using WordPress and shared hosting. Before long, I was also hosting our websites to save some money… and not long after that I had a nice little side hustle building and hosting other websites for friends, family, and small businesses.

When we moved to the Bay, I was looking for a way to host WordPress websites in the cloud and happened across Bitnami. I immediately knew this was the company I wanted to work for- they made it so easy to deploy all these open source apps in the cloud, I was kicking myself for not finding them earlier! Now that I’ve been here a couple years, I’ve realized how tremendously exciting open source software is, and how much good Bitnami does for everyone from individual tinkerers to corporate titans by making it more accessible and flexible to use. Now we are doing some next-level s#$& with our application packaging toolchain, Docker, and Kubernetes that is going to have a significant impact on the way big companies adopt tomorrow’s cloud technology. It is almost surreal working at a company this size that can justifiably say that.

When I think back about the things that didn’t exist when I was a kid, and daydream about the things my own kids will take for granted, I get really excited about working for Bitnami. How cool is it that my (currently gestating) child will have the opportunity to start coding around the time he learns to write his name, and that some of the same technologies used to run the coolest tech companies will be at his fingertips to play with on a whim. Imagine the things the next couple generations are going to come up with! I feel that Bitnami’s raison d’etre is removing barriers to that future, and I am excited to be part of it.

The other thing that excites me most is working with such a diverse, talented, and humorous group of people from around the globe, among whom I am very sure many will be lifelong friends. I feel proud to work at a company where people are welcome and accepted whatever their age, sex/sexual orientation, ethnicity, religion, etc. I’m not just saying that because it sounds good- it is a very important issue to me, and I feel that as a company we’re getting it right.

What are you working on?

I wear a lot of hats at Bitnami; a little bit of product, a little marketing, some account management, design, you name it. Officially, I am a Program Manager for Cloud Partnerships; formerly I worked in a similar role with ISVs and then Systems Integrators.

It’s my job to be an expert in every aspect of Bitnami’s technology and business. I’ve always got my eyes open for opportunities to help people unlock value in their relationships with us.

What do you like to do for fun?

Enjoying the night market in Taipei

I am really interested in making things to eat and drink that were once made at home but are now almost universally mass-produced. I have become a one-man cottage industry of sorts, producing some fine home-made beer, smoked sausages, cheese, and other delicious treats. I am also obsessed with travel and meeting interesting people around the world, and especially sampling the many wonderful things to eat and drink.

When I’m not chasing new adventures around the globe, there’s nothing better than hanging out with family and friends (and four-legged friends), cooking out and enjoying each other’s company at home.

Interested in working with Bitnami and Brad? Apply for one of our open positions!

Monday, October 2, 2017

Bitnami User Survey Part 3: Containers Orchestration War or Peace?

We’ve all seen the many articles and blogs about container orchestration wars. Is that a vendor war? a user war? or not a war at all? I’m always interested in a good fight but I’m not sure there is one here. Our data seems to show there might not be a skirmish or even a scuffle, in fact it looks more like a peace treaty with the happy coexistence of multiple container orchestration services and solutions.

In part 3 of our user survey blog series, I wanted to expand on something we discovered in reviewing the results related to container orchestration adoption…that in over 40% of cases, container users reported using more than one orchestration solution, with some users reportedly using as many as 5. (two people actually reported using 7 !!!)

Figure 1. Number of Container Orchestrators Used

There are several logical explanation for this: 1. they are being used to manage workloads in different clouds 2. users are evaluating multiple solutions side-by-side to determine which will best fit their need 3. they're using different solutions to solve different use-cases.

To understand this better, we broke down the data even further to look at the number of orchestration solutions reportedly being used within each of the container services from the big public cloud providers.

Figure 2. Container Orchestration by Cloud Container Service

Key Data:

1. Amazon ECS uses are the most likely to have standardized on a single orchestrator.

2. Azure Container Service users are slightly more likely to be using more than one orchestrator

(this is perhaps reflecting the fact that ACS supports Kubernetes, Mesosphere or Swarm.)

Another interesting way to look at these results is by evaluating how orchestration solution adoption is distributed from single solution to multi-solution environments. Of course, the single solution leader will be some indication of a selection of a preferred platform but more interesting should be the distribution among users claiming multiple platforms. We know that from pure number of users that Kubernetes is the leading container orchestration tool (See Container Trends - Bitnami User Survey Part 2). What is interesting is that it is not the most widely chosen solution among those only using one, that position belongs to Docker Swarm.

Figure 3. Container Orchestration Usage by Solution

Key Data:

1. Amongst the container orchestration projects Swarm seems to have “platform loyalty” in the same way ECS does

2. People who are using Kubernetes are also using Swarm and AWS ECS, perhaps to cover different use-cases inside their organizations.

While not explicitly covered in the survey we can connect anecdotal data from customer conversations that suggests that Docker-compose/Swarm is more commonly used for development whereas Kubernetes or ECS is used more frequently in production.

If you are making a decision on where to invest as you build out a container strategy or you’re looking for tools that can help you manage your Kubernetes environment, you’ve come to the right place. Bitnami can get you started on your journey with pre-packaged container images from our vast catalog of ready-to-run applications and we’re actively developing a contributing to a number of leading edge Kubernetes projects.

Stay tuned for more from our 2017 Bitnami user survey. 

Wednesday, September 27, 2017

TensorFlow Serving Now Available in Bitnami!

Interested in experimenting with machine learning, or looking to add image recognition to your own application stack? Bitnami is pleased to announce that doing so just got easier, with the release of TensorFlow Serving with Inception-v3 framework!

TensorFlow Serving was developed and open sourced by the Google Brain team in 2015. It uses a standard architecture and set of APIs on which you can deploy machine learning algorithms, and is compatible with both TensorFlow models such as Inception-v3 and other types of models and data.

The Bitnami TensorFlow Serving stack comes with the Inception-v3 framework pre-installed and configured. Inception-v3 was developed for classifying complete images into 1,000 classes (such as llama, zebra, aircraft carrier, or even Pembroke Welsh Corgi) as part of the ImageNet Large Visual Recognition Challenge. You can use TensorFlow Serving for tasks like captioning images out-of-the-box, or you can add/create your own models and serve them instead.

We have a number of get started guides for using TensorFlow Serving in the cloud, on your Linux laptop, or even on your Kubernetes cluster! It has never been easier to start experimenting with this exciting technology, and the software is absolutely free to use. Give it a try!

Meet the Bitnami team: Sameer Naik

The Bitnami team is a diverse group of talented people distributed all over the world. Get to know them better through this series of blog posts.

Sameer is an Engineer on the Kubernetes team, and works remotely from Goa, India.

A brief bio

I am from and India, living in the beautiful state of Goa. As a young boy I loved tinkering with electronics. I would often take them apart and put them back together. I had my first experience with computers at an early age (it was a PC with 233 MHz and 16 MB RAM running Windows 95) and I would often watch my brother try to get Linux running on it and write computer programs for it. My journey in the world of computer science had begun as soon as I started to write code myself.

After graduating with a Computer Science degree, I co-founded a hardware startup to work on multimedia devices and developing the software stack for the platforms. I enjoyed the startup work culture and after some very memorable years, I decided to pursue my new found interest in cloud and container technologies and found Bitnami to be the perfect fit to start my new journey.

Why did you join Bitnami and what excites you about working here?

When I came across Docker, I was fascinated by the potential of Linux containers in the software development and delivery life cycle. I began experimenting with the tool and in the process published images for GitLab and Redmine, which became very popular in the Docker community.

I wanted to learn more about software delivery, container orchestration and cloud platforms and in the process came across Bitnami. From that point, it was clear that Bitnami was the place where I could learn more about these technologies.

The container landscape has evolved rapidly and I am proud to say that Bitnami has made significant contributions in the space with its efforts around the Kubernetes, Helm projects, and more! We have been hiring some amazing engineers and our team has grown significantly over the last year as well, which has been exciting to see.

What are you working on?

I am a part of the Kubernetes team at Bitnami. Our sole focus is to always improve our offerings in the container space. We are very proud of the Kubeless and Monocular projects that we have contributed to the Kubernetes community and will continue to enhance the user experience for these tools.

Our team has contributed significantly to the Helm project and are consistently engaged with the user community to understand how users are deploying Linux containers in their infrastructure.

                                                                                  What do you like to do for fun?

I enjoy the company of my pets. I have four dogs, which is a lot fun. I am a avid gym goer and try to workout as often as possible.

I love food, especially middle eastern cuisine. Like every foodie, this one likes to cook.

I am a self taught guitarist and played in a college rock band. It's been a really really long time since I last touched a guitar. I intend to pick it up again soon :)

I have become interested in blockchain technologies and often spend time exploring the exciting new world of blockchain products and services.

Interested in working with Bitnami and Sameer? Apply for one of our open positions!

Tuesday, September 26, 2017

7 Bitnami Engineers Among the First Certified Kubernetes Administrators

At Bitnami, we have been packaging applications for over a decade and we see application deployment as a continuum from bare metal, VMs, cloud images, containers even through to serverless. We made an early bet that Kubernetes was going to be the dominant orchestrator for containers in production and have been leading a number of Kubernetes projects that are simplifying packaging and deployment. (check out for 100+ ready-to-run kubernetes helm charts) As we built in-house expertise, we started training our users and customers at industry events and through an ongoing webinar series throughout 2017. So naturally when the Linux Foundation announced the start of their Kubernetes Certified Service Program we jumped at the chance to participate.

Kubernetes Certified Service Provider Requirements:
  • Three or more engineers passing the Certified Kubernetes Administrator (CKA) exam
  • Demonstrable activity in the Kubernetes community including active contribution, and a business model that supports enterprise end users including putting engineers at a customer site

Our Kubernetes team went above and beyond the requirement by having 7 of our engineerspass the CKA exam, 3 of which are our Kubernetes trainers.

22 companies were included in the founding class, and we are proud to say that Bitnami was one of them. Along with names such as Canonical, Huawei, and IBM, Bitnami is trusted partner of the Kubernetes ecosystem that can provide Kubernetes support to the world’s leading enterprise companies.

“As Kubernetes has grown, so has the demand from enterprises needing expert services and support. Enterprises working with KCSPs can be confident the partner they’ve chosen to work with has the training and skills needed to help them succeed with Kubernetes.” - Dan Kohn, Executive Director of the Cloud Native Computing Foundation, in the Linux Foundation Press Release.

Along with our continued contributions to the project, our KCSP certified trainers look forward to spreading their Kubernetes knowledge to enterprises around the world with our customized and detailed training offerings.

If your team is in need of Kubernetes training by a KCSP provider, 
please reach out to us

Thursday, September 21, 2017

Meet the Team: Victor Tuson Palau

The Bitnami team is a diverse group of talented people distributed all over the world. Get to know them better through this series of blog posts

Victor is the Director of Engineering, and works from our Sevilla Office.

A brief bio

I was born and raised in Barcelona. Growing up, I was always keen to learn about how things worked. My interest was equally divided between technology and nature. So much so, that the decision to do engineering came a few days before submitting my university choices. I set Computer Networks as first choice, followed by Veterinary Medicine as second. Luckily for the animal kingdom, I got my first choice.

Another of my passions is learning new cultures, so to complete my final-year degree project, I moved to England for 6 months… long-story short: I stayed there for 17 years, married an English woman and had two kids. In between, my wife and I managed to fit in 18 months living and working in India. 

Enjoying some outdoor time with the family
I soon discovered that although I liked engineering, I really loved working with engineers and helping them build awesome products. Over the years, I worked in the mobile phone industry (Nortel,Symbian and Nokia) before moving towards Open Source.

Before Bitnami, I was the Vice President of Customer Engineering at Canonical, helping our commercial partners to build and ship Ubuntu products.

Why you joined Bitnami and what excites you about working here?

Serverless, Containers and Kubernetes - these are three technologies that are changing the landscape of cloud computing. Bitnami is doing amazing work to bring our highly successful one-click-deployment developer offering from our installers and cloud instances to them. That was what got me talking to Bitnami.

It was meeting the fantastic engineering team in Seville that convinced me to jump on a plane and move to the South of Spain with my family. I am extremely lucky to cycle to the office every day through a city packed with Unesco World Heritage sites, and come to work in a start up packed with world-class professionals, both in our offices in Seville, San Francisco, and our remotely located colleagues. It also doesn't hurt having two very talented founders at the helm of the company! They provide a very crisp and exciting vision for our business and technology.

What are you working on?

As Director of Engineering, my role is to support the team in shipping products and becoming more efficient in the process.

For example, we have just added 4 new database multi-VM cluster solutions to our catalog. We are able to keep growing our catalog by investing in automation and improvements every iteration. Often, the most valuable feedback comes from our community forums and we make sure we help everyone who has a question.

The most important asset in Bitnami are our people; right now I am working with our Director of Operations to roll out improved practices in order to support engineers continuous learning and growth. With these programs, we focus on product, project and people skills and depending on their career choice, we help them achieve the right balance between the three.

I spend a large part of my time on our selection process. We are growing! Hiring the right people to enrich the team’s culture and skills is very important to me. We are looking for engineers for our assets (packaging and CI automation), tools development (golang), and Kubernetes teams.

What do you like to do for fun?

I just moved to Seville, so a lot of my spare time is spent wandering about Seville, visiting places and trying out new restaurants with friends. When it gets too hot, I have fun with my kids in the local pool!

Interested in working with Bitnami and Victor? Apply for one of our open positions!

Tuesday, September 12, 2017

Bitnami Application Catalog Now Available in Open Telekom Marketplace

Open Telekom Cloud users are now able to launch any of our 140+ optimized, trusted, and ready-to-run applications within their new marketplace! Bitnami is proud to be the first publisher of applications for the Open Telekom Cloud marketplace. Now, European customers are able to bring their workloads to Open Telekom Cloud through their marketplace and the Bitnami Launchpad.

With our new partnership, we plan to provide current and interested customers with a series of resources that will highlight the value of Bitnami and Open Telekom Cloud joining forces. Starting this past week we launched a joint webinar series that is designed to highlight a set of popular applications from our catalog and the onboarding and user experience of the Open Telekom Cloud. If you missed our first webinar focused on common Devops tools, Thinking One Step Further with time-saving DevOps tools with Bitnami applications on Open Telekom Cloud? Watch the on-demand recording below: 

For customers that may not be familiar with using open source software, Bitnami’s packaged application stacks provide added features and components to deliver everything you need out of the box. Bitnami ensures each application is: 

  • Ready-to-Run – Pre-configured applications and development stacks 
  • Up-to-date – Bitnami’s Application Catalog is continuously updated and secure 
  • Optimized – Consistently configured for best performance on any platform 
  • Trusted – Over 1 million Bitnami packaged applications are deployed per month 

Along with providing secure, up-to-date, optimized applications, Open Telekom Cloud keeps their customer’s needs in mind by providing a platform that meets German data privacy & compliance regulations and even the upcoming European General Data Protection Regulation, all while enjoying the benefits and flexibility of using the cloud.

New to Open Telekom Cloud? Sign up and receive 250 Euro!

Wednesday, September 6, 2017

Meet the Bitnami Team: Miranda Carter

The Bitnami team is a diverse group of talented people distributed all over the world. Get to know them better through this series of blog posts

Miranda is the Operations Manager on the Operations team, and works remotely from Vancouver, Washington. 

A brief bio

While I was in college, I took advantage of all of the internships that I could to enhance my skill set and narrow down all of the possible roles that I wanted to do in the workforce. As I went through each of my internships, I realized that I loved being a part of a company that was fast paced and was still in the stage of process creation instead of process enforcement.

As soon as I graduated, I started to look for my first full time job within start-ups, which is how I ended up at Bitnami as their Office Manager.

When I started 4 years ago, we had about 20 employees worldwide with only 5 of us in the San Francisco office that I managed. It was such an exciting time because I was able to learn first-hand about how the company ran while also helping to mold the company culture into a place that would now grow to over 70 people!

As our team has grown, so has my role. I am now the Operations Manager for the San Francisco office. My team covers the needs of our US-based team and all of our remote workers as well.

Why you joined Bitnami and what excites you about working here?

When looking for my new adventure, I was speaking with a few companies and Bitnami was the only one that really grabbed my attention. I knew that I wanted to work for a start-up, but Bitnami was the only company that seemed to have an actually long term plan for success and they were the only founders that I truly wanted to learn from. As time went on, that gut feeling rang true since I have learned more than I could have ever imagined during my time here.

Although it has been almost 4 years, I am still here because the ability to always learn something new has not gone away. Even as the team grows, each employee is encouraged to ask questions and join projects that they are interested in. With this type of company culture, boredom and complacency isn’t an option because things move too fast for you to ever settle down.

Remote-based working culture is one of the biggest aspects of why I am still here as well. Due to family circumstances, I needed to move away from San Francisco and to Vancouver, WA. At first, I thought that I would need to leave the company because of the move, but it turned out that the remote-based culture that Bitnami had built was strong enough to even allow an Operations person to get the job done from anywhere in the world.

The transition from working in the office to working remotely was seamless since all of the employees now understand how to work with remote team members.

Of course, as someone who used to work in the office everyday, I miss seeing everyone in-person, but I know that I will see them at least a few times a year. Also, the founders know the importance of this type of connection, which is why we have in-person engineering sprints a few times a year and the infamous yearly company all-hands trip!

What are you working on?

My team covers many different aspects of the company in order to make sure that daily operations run smoothly such as human resources, office management, recruiting, events and much more.

One of my current projects is focused on building an internal resource center for all company documentation, which will help increase knowledge sharing between all employees. I am using a tool called WorkRamp (seriously, the best tool) to create a company portal that includes all internal information, from our company handbooks to our marketing guidelines, to ensure that every single employee is able to gather the information that they need in one spot.

Enjoying some time at the beach with her little "family" 
What do you like to do for fun?

I am a dog and wine lover, so you can usually see me at an activity that includes either or both of those things during the weekend. One of my favorite places is the beach, so I am now spending the rest of the summer exploring the new Washington coast beaches that I haven’t been to before.

Interested in working with Bitnami and Miranda? Apply for one of our open positions!

Wednesday, August 30, 2017

Meet the Bitnami Team: JuanJo Ciarlante

The Bitnami team is a diverse group of talented people distributed all over the world. Get to know them better through this series of blog posts

JuanJo is a Senior Site Reliability Engineer on the SRE team, which is part of the Kubernetes Squad, and works remotely from Argentina.

A brief bio

¿ Cómo funciona (How does it work) ?

I’ve been passionate about «how things work» since I was a child. I still recall how anxious I was when waiting for my father to bring home the latest issue of «Cómo funciona» magazine. Not surprisingly, many years later FOSS became the major driver in my career.

That token[ring card] that changed my life.

My 1st taste of Internet came thru a Metro-Area-Network at the govt department I was working at, c.a. 1995, in Mendoza/Argentina, where we got a “lease” for one of those shiny public IP addresses. Alas, it was linked via a single token-ring NIC installed in our Slackware Linux gateway box (an old IBM PS/2 we had recycled for that purpose). With no budget for a second TR NIC, several hundred dollars at that time and baby Linux 1.2 only supporting a single address per interface, it quickly became unsustainable to switch between our formal govt’s private address and the precious public one.

Hm … what about that ~2MB linux-1.3.xx.tar.gz source that’s written in that C language I had been tinkering with? After some weeks, many tries+rebuilds+crashes along the way, I had hacked up something beyond WFM, post-able to the linux-kernel mailing list -- with the help and feedback mainly from Alan Cox¹, we got ip_aliasing finally merged in linux-1.3.47 \o/
Since then I contributed to many other FOSS projects: Linux IP masquerading improvements, user/kernel space OpenSWAN crypto algo modularization, IPv6 transport support for OpenVPN, among other sparse bits.
Cloud-y times ahead.

In 2007 I joined Google at their Switzerland HQ as an SRE. By 2012 I had to return to my home country (was techlead of the GMail/Abuse-backends SRE team by that time) ... those times you’d want fork() to be a real-world thing.

Alas, an opportunity to work from home for Canonical had opened, which I was lucky enough to grab: joined as Webops/SRE, later CRE (Cloud-RE) to wheel OpenStack-s for fun and profit.

Being back home also allowed me to resume my courses at the Universidad de Mendoza - re-joining that synergy that comes from teaching↔learning.

During my career I had been so lucky to have great challenges, learn so much from my awesome colleagues, work+contribute to FOSS projects, what else could I ask for? →

Why you joined Bitnami and what excites you about working here?

→ Kubernetes 

I’d been missing a rock-solid cloud orchestration platform (yeah, every Xoogler misses Google’s Borg I guess), but then Kubernetes came to life! Then Bitnami -- with its focus on the application orchestration realm together with its strong involvement in k8s projects in like kubeless, helm and ksonnet/kubecfg -- made a perfect fit for me :))

I also love the company-wide team culture, how horizontally you can approach managers and founders, it’s a great place to work !

What are you working on?

As member of the SRE team, we are involved in a pretty diverse set of devops tasks and projects, while also actively contributing to our Kubernetes efforts - for example, I recently added integration tests to kubeless, which ended being quite a trip (riding Travis to spawn a kubernetes cluster for your tests to land-on is an interesting challenge).

What do you like to do for fun?

Hmm guess that bash 1-liners don’t count here, so let’s try something else :#)

I love cooking (yeah you may say that’s meal-Engineering, but I’d like to convince myself that’s not only that ;). I also enjoy travelling to learn from other people’s culture, art and nature.

I’ve recently joined a local runners’ group, which gives another way to enjoy the beautiful hills surrounding Mendoza.

¹FWIW Interesting thoughts and discussion with Alan Cox: he pushing me to come up with something that would not require extra tools than ifconfig, then telling me why my original choice of ‘/’ as a shell-friendly aliased interface separator (i.e. no ‘|’, ‘$’, etc) was actually a bad idea - hmm not many choices left:
@ ←nah, so email-ish
% ←ditto (uucp routing, anyone?)
. ←meh looks like a file extension
: ←yeah, available! - plus there’s no such thing as drive-names on *nix OSes, after all ;)

Interested in working with Bitnami and JuanJo? Apply for one of our open positions!

Security Issue: RubyGems

Ruby project has published a security advisory due to multiple moderate-severity vulnerabilities in RubyGems bundled by Ruby. The reported issues are:
  • A DNS request hijacking vulnerability
  • An ANSI escape sequence vulnerability
  • A DoS vulnerability in the query command
  • A vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files

The following versions are affected:
  • Ruby 2.2.7 and earlier
  • Ruby 2.3.4 and earlier
  • Ruby 2.4.1 and earlier

At this time, there are no Ruby releases with the fix for RubyGems. It is strongly recommended to apply one of the following workarounds:
  • Upgrade RubyGems to the latest version (2.6.13) by executing:
     $ gem update --system 
  • Apply the patch for your version:

You can find more info about this issue in the links below:

RubyGems project
Hacker News

If you have further questions about Ruby or this security issue, please post to our community forums and we will be happy to help you.

Monday, August 21, 2017

Container Trends – Bitnami User Survey 2017 (Part 2)

Survey Says: Kubernetes

Name the top 5 container orchestration solutions.

Top answer on the board: Kubernetes

The rise of Kubernetes as the leading container orchestration tool should come as no surprise. It’s the topic of the day with Amazon and Microsoft recently joining the CNCF. In a few short years, we’ve seen hundreds of companies join the ecosystem building or modifying solutions to support kubernetes (check out the recently updated CNCF Landscape) and we’ve even seen the early days of acquisitions beginning to happen. With all that is being said and written, it’s still good to back up a trend with some good old-fashioned data.

As promised (see Container Trend Part 1), in our second post covering our recent user survey we’re taking a look at container orchestration trends. In our last blog post, we showed the increase in interest, highlighting a more than 2x increase in production container usage from 2016 to 2017. As that increase in container usage was happening, what impact did that have on how containers were being managed? Of course, we’d expect some increase in usage of container orchestration to match that growth.

We asked our users “What Container Orchestration System(s) does your company use?” and the results were surprising in a few ways. First and foremost was the enormous growth of Kubernetes. And while Mesos usage doubled, it still pales in comparison to new entrant offerings like AWS Elastic Container Service and Azure Container Service. Docker Swarm showed significant growth over that period as well, perhaps due to Swarm being included in the Docker 1.12 release. The least surprising bit of data was the sharp decline in users with no container orchestration, which is supportive of the shift from dev/test to production.

Figure 1. Container Orchestration Adoption - 2016 vs 2017

Key Stats:
  • 115% growth in businesses using Kubernetes
  • 100% growth in Mesos
  • AWS Container Service overtaking Docker Swarm in less than 1 year
Digging deeper into container orchestration, we wanted to understand the scenarios in which the various platforms are being used. Knowing there was such a huge shift to production environments in the past year and seeing the impact that had on orchestration adoption above, we wanted to understand if there was preference for one platform over another as users make that move. For the most part, platform selection for dev/test is aligned with production. Focusing specifically on 2017 in this data set, we can see that Kubernetes, AWS and Azure usage all increased a few percentage points over their general adoption numbers when users were focused on production usage, with the largest number of users selecting Kubernetes.

Figure 2 – Container Orchestration Adoption 2017 – Dev/Test vs. Production

Key stats:
  • Kubernetes is platform choice for over 50% of existing production container deployments
If you are making a decision on where to invest as you build out a container strategy or you’re looking for tools that can help you manage your Kubernetes environment, you’ve come to the right place. Bitnami can get you started on your journey with pre-packaged container images from our vast catalog of ready-to-run applications and we’re actively developing a contributing to a number of leading edge kubernetes projects.

Stay tuned for more from our 2017 Bitnami user survey. Next time we’ll break down container orchestration a little further and look at mixed usage …we’re just getting started.

Thursday, August 17, 2017

Meet the Bitnami Team: Marko Mikulicic

The Bitnami team is a diverse group of talented people distributed all over the world. Get to know them better through this series of blog posts.

Marko Mikulicic is a Senior Engineer on Bitnami’s Toolchain team, and works remotely from Italy.

A brief bio

As a kid I liked to take everything apart to see how it works. But computers were different. When I was 8, putting my hands on one wasn't easy, given my track record. But once opened, the mystery just deepened.

Marko enjoying some time with his son

That machine, which allowed my father to stop keeping the neighbours awake with the clickety-clack of his old typewriter, was able to surprise me with its seemingly never ending amount of things it could do. Yet, all I could see was a bunch of quiet plastic bricks, not humming, not glowing, but nevertheless launching my 8-bit cannonballs over rasterized mountains hitting simulated walls of imaginary castles. Every game or application I saw triggered that instinct: take it apart and see how it works!

Like physicists discover how nature works, I was discovering the laws of this marvellous machine. I say discover, because while the knowledge was definitely out there, I first had to make sense of it: as a Croatian immigrant in the Italian-speaking part of Switzerland, I could only put my hands on the tech books from the country majority language. Thus, I co-learned German and C from the same book.

But C did no good. Non only it did not quench the thirst (too high level; what does the machine actually do!?), but the toolchain didn't fit in a single floppy drive. While forever flipping floppies on my shiny Amiga 500, I found a book about assembler and was happily programming in mc6800 assembly hereafter until hard drives finally came into town.

From there, I worked my way through a bit of everything: from academia to the industry, from applications to development tools, from writing compilers and interpreters to operating systems, from micro-optimizations to large scale design, from embedded development and hardware to working on the largest machine learning system on earth at Google.

Other than that, I lived in Switzerland, Croatia, Ireland and Italy. I have forgotten a lot of languages.

I have a 1 y/o son who makes me dream of sleeping.

Why you joined Bitnami and what excites you about working here?

I really like working on tools that make software engineers more productive, which is part of Bitnami’s overall mission. Software engineers love their tools and often have to build their own, either for fun or out of frustration. But there is not enough time to struggle with the same things over and over.

Nowadays most people don't assemble their own PCs and often they don't even install their OSs anymore; we can see how the same pattern can be applied further down on whole development and production environments, leaving you more time to actually focus on your own software and the many more interesting challenges you can face.

I believe Bitnami can make the difference here and give a lot of people that kickstart in productivity they need to build amazing things.

Plus, it's a fun place to work! I have worked in both small and large companies, so I know the pros and cons of both. Bitnami caught my attention because it is an interesting size, in an interesting moment, and has plenty of potential for solid foundations.

Bitnami is also full of people that come from very different experiences. Something that's new for you was well explored by someone else, and vice versa; this offers a lot of opportunities to stay curious and learn a lot of things.

Also, I had to relocate back to Italy for family reasons and I found that Bitnami had built a solid remote working culture that was compatible with my time zone.

What are you working on?

While Bitnami is sharing and contributing to lot of open source projects, like Helm, Kubeless and Cabin, the main thing is still the application catalog, packaged in many ways: VMs you can run on premises, cloud images readily available at your cloud provider of choice and containers you can run just everywhere.

These applications and infrastructure components which you can use to build your systems on are curated by skilled humans who try hard to make things just work so you can worry only about things that matter.

But then, we have hordes of little (software-based) Elves that do the grunt work of building, packaging, updating, testing, publishing, notifying, monitoring so that you can enjoy your click-to-deploy Mongodb cluster.

My job is to program those little subordinate clauses, telling them what to do and how to interact with each other, so that we can free up some valuable for humans to do what they (I mean, we) do better: be creative and apply judgement calls.

Building complex and dependable automation is fun and challenging. It's hard to draw the line between what should be automated and what not, and it's easy to fall in the trap of turning humans to log and graph watchers and mindless button pushers just because you cannot really trust the amazingly complex automation you just built. So much fun, much reward.

What do you like to do for fun?

I work for fun and live for a living.

Not work work, I mean, somehow I got dragged into this whole thing about farming and growing food, making my own olive oil etc; it's serious work! I even had to ferry donkeys across europe, twice.

Not wasting money on gyms; doing useful work as Joule intended instead!

I don't dismantle things anymore. Entropy does it for me.

When I had time, I used to be a musician. I also liked words.

When I grow up I want to be taller.

Interested in working with Bitnami and Marko? Apply for one of our open positions!

Security Release: Drupal 8.3.7

Drupal has released a new version that fixes three security vulnerabilities. These vulnerabilities affect Drupal versions prior to 8.3.7.

The vulnerabilities fixed in the latest version of Drupal (8.3.7) are the following:
  • Entity access bypass for entities that do not have UUIDs or have protected revisions - Access Bypass - Critical - CVE-2017-6925
  • Views - Access Bypass - Moderately Critical - CVE-2017-6923
  • REST API can bypass comment approval - Access Bypass - Moderately Critical - CVE-2017-6924

It is recommended that you update your Drupal application to the Drupal 8.3.7. You can follow our documentation to learn how to upgrade your application and ensure its security.

For new application deployments, including the Bitnami Launchpad, we have released Drupal 8.3.7 containers, installers, virtual machines and cloud images that includes the security fixes to address these vulnerabilities. If you deploy Bitnami Drupal via one of our cloud partner marketplaces and it is not yet updated to version 8.3.7, you will need to upgrade your application using our documentation.

If you have further questions about Bitnami Drupal or this security issue, please post to our community forum, and we will be happy to help you.

Friday, August 11, 2017

Security Issue (CVE-2017-1000117): Git, Subversion and Mercurial

A new version of Git has been released to address the following security vulnerability: CVE-2017-1000117.

This is an important issue-- A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability.

This has been a coordinated release with Subversion and Mercurial that share a similar issue. CVE-2017-9800 and CVE-2017-1000116.

We have released all the affected containers and Helm charts for Kubernetes.
We continue working on releasing all stacks that ship Git, Subversion or Mercurial.

If you can not update or migrate to a new version, the workaround would be to disable the “ssh://” protocol of your web application. GitLab shows you how to do this via their workaround.

Have questions about this security vulnerability for Bitnami solutions that ship Git, Subversion or Mercurial? Post to our Community Forum, and we will be happy to help you.

Cloudy times ahead for SIs and MSPs?

As enterprise IT spending on cloud goes mainstream, how do more traditional SIs, consultancies and MSPs “go cloud”?

dreamstime_xxl_3042198.jpgFor Systems Integrators, IT consultancies, and Managed Service Providers, there has never been a better time for a client conversation about cloud migration. The drive for enterprises of all sizes to migrate to a modern cloud IT infrastructure is overwhelming. But if you don’t yet have the extensive experience or established reputation in building cloud solutions, how can you begin to deliver with greater repeatability, lower risk, and faster implementation.

Just how big is the opportunity?

In April, Forbes published a really useful “Roundup Of Cloud Computing Forecasts, 2017”. It compared and contrasted predictions from a range of analysts about the future growth of cloud computing, concluding that enterprise spending on cloud IT infrastructure will increase by 15% to 20% per year in the next five years – with most of that growth coming from public cloud infrastructure. Forbes’ claims are bolstered by staggering financials from the leading public cloud vendors: most recently (Q2 2017) Amazon Web Services’ (AWS) revenue surged 42 percent year-on-year (on an annual run rate of around $16 billion!) while Microsoft Azure's revenue jumped 97% year-on-year in the same period.

The shift in enterprise IT spending to cloud - now universally global, and across organizations of all sizes and sectors - represents a massive opportunity for SIs, consultancies and MSPs. Cloud specialists such as Cloudreach, Cloud Technology Partners (CTP), Logicworks and Nordcloud are already taking full advantage. They were either born in the cloud, or have fully transformed for the cloud era. They are part of a new generation of Public Cloud Infrastructure Managed Service Providers described in a new Gartner Magic Quadrant report published in March 2017. They each have a suite of well-honed capabilities, tools and processes to help customers transition to a more cloud-native, DevOps-oriented approach.

The challenges for traditional Integrators and MSPs

As the IT services market matures, enterprises of all sizes are expecting a wider range of consultancies and MSPs to meet their demands in helping transform their infrastructure. The cloud-hungry customers of tomorrow will be looking for in-depth knowledge of cloud platforms and the right processes to manage costs, sprawl, and security - but they may be looking for more than a pure cloud consultancy. These new opportunities may be long standing clients, new word-of-mouth recommendations, or companies looking for your industry-specific expertise. Whatever the reason, they will value your proven expertise in delivering solutions - but will need it delivered on the cloud. These increasing demands to deliver cloud-native solutions can present you with many challenges including:
  • Repeatability and consistency - can you deliver a repeatable practice, delivering predictable ROI, regulatory compliance, and enterprise-grade operations assurance? Or do you need to architect a complete solution from scratch for each new customer?
  • Efficiencies - do you have the necessary tools for rapid deployment of business workloads with overheads low enough for you to be competitive?
  • Credibility and confidence – without a wealth of customer references, how can you demonstrate your ability to deliver on the cloud? Can you recommend and articulate a clear path to success?
Maximizing efficiencies, minimizing risks

How can systems integrators and consultancies best operationalize to address this new opportunity with multiple moving parts & trends? How can you best develop the capability to deliver cloud projects faster, with less risk and make more money? Two clear ways of doing this are by leveraging open source technologies, and by taking advantage of greater levels of automation.
  1. Open source technologies
    Open source is now almost universally embraced, and to some degree mandated (for example in US Federal Government projects). Leveraging open source technologies allows you to efficiently build a solution from server applications (e.g. Drupal, edX) running on Linux, or to develop on top of infrastructure components (e.g. MongoDB, Node.js, PHP). This might be for a direct “lift-and-shift” of an open source-based application running in a datacenter, an extension of an existing system (e.g. a backend to support a new mobile app), or a new-and-improved alternative for an existing proprietary platform. Best-in-class open source components (created and maintained by passionate, innovative, expert communities) will provide the necessary functionality and infrastructure building blocks allowing you to focus on delighting clients with customer-specific features. They will also enable you to spin-up POCs more rapidly to demonstrate your capabilities to customers early in the sales cycle.

  2. In-house automation
    The use of in-house automation is essential. It will allow you to successfully deliver repeatable services with more efficiency and less risk. In the short term this, will help you reduce implementation time, but as the market develops it will be increasingly important to offer competitively priced services. Automating manually-intensive, repetitive tasks will help you to focus more on the client’s unique needs and help them fully realize the business benefits of migrating to cloud-native infrastructure.

    The best automation tools will also help you deliver solutions for your customers on multiple cloud platforms. In an evolving landscape, many enterprises want flexibility in their choice of cloud service. Being able to offer multiple options will help you stand out from your competitors.
Bitnami has vast experience in open source technologies - we deliver over 150 secure, trusted, and optimized applications and developer stacks for each of the leading cloud platforms (including AWS, Azure, Google Cloud and Oracle Cloud), and in multiple formats including Docker containers and Helm charts for Kubernetes. We operate at scale with more than one million deployments every month, driving tremendous value for our end users and cloud partners.

Updating and maintaining our images to the required high standard means we perform literally thousands of updates every month - CVE’s are patched and images are rebuilt/ tested/ published in the fastest possible time. The only way we can realistically achieve this is via our own efficient, reliable automated build and delivery platform. It’s so reliable and efficient we have based a successful business on it for many years.

We’ll soon be making this automation platform available for you to build and maintain custom images and templates for your customers. Find out how Bitnami can help with the heavy lifting for you to “go cloud."

Thursday, August 10, 2017

Bitnami Now Provides Secure Open Source Applications for AWS GovCloud

Today, we are excited to announce that Bitnami is a Launch Partner for AWS’ new GovCloud (US) Marketplace, bringing the Bitnami Application Catalog to qualified public sector customers in the US! GovCloud users can now deploy any of Bitnami’s 110+ packaged applications to “an isolated AWS region designed to host sensitive data and regulated workloads in the cloud.”

AWS GovCloud users can now easily deploy and maintain applications in the cloud with Bitnami. For public sector customers that may not be familiar with using open source software, Bitnami’s packaged application stacks provide added features and components to deliver everything you need out of the box. Bitnami ensures each application is:
  • Ready-to-Run – Pre-configured applications and development stacks 
  • Up-to-date – Bitnami’s Application Catalog is continuously updated and secure
  • Optimized – Consistently configured for best performance on any platform
  • Trusted – Over 1 million Bitnami packaged applications are deployed per month 
The AWS GovCloud helps customers comply with government security and regulatory requirements such as ITAR and FedRAMP, while enjoying the benefits and flexibility of using the cloud. GovCloud is only operated by Amazon employees who are U.S. citizens that reside within the United States, and is only accessible to US persons working at government agencies or in related industries.

Want to learn more about the AWS GovCloud or how to get started? Feel free to read more here.

Ghost 1.5.1 Released!

We are happy to announce that Ghost 1.5.1 is now available on Bitnami! Ghost is quickly becoming one of the most popular publishing platform with it's 100% open source tool that allows you to create your dream online publication with ease.
The new version of Ghost includes:
  • New editor
  • Refreshed UI
  • New default theme design
  • Night shift mode
  • Publication icons
  • And more!
If you already have a running version of Bitnami Ghost, you can update your application by following these simple steps:
1- First of all, make a backup of you Ghost content:
In your existing (pre v1.0.0) Ghost blog, navigate to YOURSITE/ghost/settings/labs/ (the settings->labs page in Ghost-Admin) and click on the Export button. It should look something like this:

lts labs page

This will download in your system your JSON export file that you need later. 2 - Launch a new Bitnami Ghost instance
3 - Import your content into your new Ghost instance:
On your new blog navigate to YOURSITE/ghost/#/settings/labs (the settings->labs page in Ghost-Admin), click Choose file and select the JSON export file created before from your system, then click on the Import button.

v1.0.0 labs page

Please note that Ghost importer will not import themes. You could see a warning that your themes have not been imported, that is the normal behaviour, you can continue to the next step. 4 - Move your images You need to copy/move your images from your existing directory <ghost-dir>/htdocs/content/images to the new instance directory <ghost-dir>/htdocs/current/content/images. 5 - Move/upload your themes
Navigate to YOURSITE/ghost/#/settings/design (the Settings->Design page in Ghost Admin) then click Upload a Theme button and follow the instructions. Now you have you system fully migrated to the newest Ghost version!

Upload a theme

Haven't tried Ghost yet? Not to fear!

You can easily get started with Ghost by launching it in the cloud, as a Virtual Machine, or native installer.

Wednesday, August 9, 2017

Meet the Bitnami Team: Jose Vazquez

The Bitnami team is a diverse group of talented people distributed all over the world. Get to know them better through this series of blog posts.

Jose Vazquez is Senior Backend Developer on Bitnami’s WebDev team, and works remotely from Madrid.

A brief bio

Technology is my passion, specially software, systems and all things digital. I started with C, but then I got into that “new shiny thing” (back then) called Java. I got my degree as a research student at HP Labs Bristol, working on Java distributed systems ideas that later became the “cloud”. Back in Spain I did quite some J2EE-style projects for various companies, some C/C++ and acquired experience with Linux, SQL & Relational Databases, Source Control systems, Javascript and yep, that was the time of all-things XML!

Jose enjoying a bike ride with his son
I've been following Go since its early days, I even made a contribution to the http package, early on. What can I say, I do prefer strongly typed languages generating static compiled binaries after all... Better get annoyed by the compiler at office hours than by page from a production system at 3AM!

In 2013 I moved to Dublin, to work for AWS DynamoDB, maybe the world's biggest NOSQL DB deployment? Keeping the service up & running, we enhanced service internals (Java), and the automation around it (Python & Java). There I made the switch to git, unit testing & code reviews and never looked back! After AWS, I worked for Canonical, delivering the Ubuntu images for “the big 3” and most other clouds. The team was distributed across countries and time zones! Work was mainly in Python & Jenkins.

Why you joined Bitnami and what excites you about working here?

Distributed Systems, cloud and lately containers define my favourite domains of the technology to work within and contribute to.

Bitnami’s focus on keeping hundreds of applications up to date for all consumer channels, especially the cloud and containers, will expose us to interesting problems to which we’ll have to provide state of the art solutions for. We are the first ones doing this, the leaders, at least at the scale Bitnami does it.

On the personal side, apart from the technologies, I was looking for a remote job, preferably more EU than US-centric. Bitnami provided just that, and also the opportunity for me to work with a highly professional and technological skilled group of people all over the world, from home. What else can you ask for?

What are you working on?

I work with the webdev team. Our focus within Bitnami is to deliver awesome applications prepared by the assets team to our cloud partners. Since I just recently started, I am personally focusing more on the backend of things, including amongst others, the on-boarding of new Cloud Service Providers: building and publishing cloud-images/multi-tier solutions to Marketplaces.

The goal of my team is to reach to all clouds and deliver our apps everywhere as flawlessly as possible, aiming for the greatest level of automation.

What do you like to do for fun?

I used to play basketball quite a lot, and ride bikes (a bit less often, I have to admit). Cinema (as an spectator ;-) has always been one of my passions. However, with family duties lately I consider myself lucky if the kids will go to sleep early enough, to let us watch a nice movie, from time to time.

But hey, I do also enjoy having the whole family going out, and maybe shortly watch movies, and even do some bike & basketball again with the kids!

Interested in working with Bitnami and Jose? Apply for one of our open positions!

Tuesday, August 8, 2017

Container Trends – Bitnami User Survey 2017 (Part 1)

Each year Bitnami conducts a survey of our user base. This year, we’ve gathered quite a bit of data about orchestration, automation, application development, development environments, containers and of course some very specific data about the wants and needs of full-time developers. Over the course of the next few weeks, we plan to share some of the industry trend information that we’ve captured in a series of blog posts and infographics.

One of the key technologies that we’ve been tracking for the past few years has been containers. In this year’s survey, we were impressed by the growth in container interest and the rapid growth in production usage. The first evidence of the increased interest was that the number of developers who told us they were using containers grew more than 2x from 2016 to 2017. The second significant piece of information from our survey was the large shift to production usage, seeing only 27% of users with containers in production in 2016 grow to over 65% in 2017. This trend was also supported by a decline in users reporting that they are using containers only for dev/test use-cases with no intent to run in production.

This indicates not just a maturation among the early adopters of containers from 2016 but a growing user base that is rapidly adopting and moving from dev/test to production.

Figure 1. Container Usage Dev/Test-Only vs. Production - 2016 vs 2017 

  • More than 2x increase in production container usage
  • 50% decrease in dev/test-only usage YoY

Looking deeper into what “production” meant to our users and at what scale, our survey data showed that large scale production usage (defined as 50+ container host machines) grew more than 100% year over year while respondents with fewer than 50 container images grew more than 250% year over year.

Figure 2. Container Usage – Production Scale – 2016 vs 2017

We can clearly see that container usage is shifting from dev/test to production environments, and we’ve established that usage is starting to reach some critical mass at scale. Let’s look at where the usage is coming from. Breaking down our data and reviewing production container usage by company size shows us that it is well distributed regardless of the number of employees. Small companies of less than 50 employees make up the largest percentage of production usage, however mid-sized business (50-1,000 employees) and large businesses (1,000+ employees) are not that far behind in their usage of containers in production environments.

Figure 3. Container Usage by Company Size

The Bitnami User Survey clearly shows that container orchestration has moved rapidly from dev/test to real production in the last year and that rate of adoption is likely to accelerate further as the small-scale deployments scale up. Look for our next post in this series where we’ll review what tools are the most popular for container management and what platforms are being selected for container hosting.

To accelerate container usage in your company, be sure to check out Bitnami containers for the latest stable versions of your application stacks and development environments. If you are a Kubernetes user, be sure to visit to discover and launch Kubernetes-ready apps.

Security Release: Jenkins Plugins Vulnerabilities

The Jenkins project has published a security advisory due to some plugins vulnerabilities. These are the affected plugins:
  • Blue Ocean:
    • GitHub Pipeline for Blue Ocean up to and including 1.1.5, 1.2.0 beta releases up to and including 1.2.0-beta-3
    • REST Implementation for Blue Ocean up to and including 1.1.5, 1.2.0 beta releases and up to and including 1.2.0-beta-3
    • Bitbucket Pipeline for Blue Ocean 1.2.0-beta-3
  • Config File Provider Plugin up to and including 2.16.1
  • Datadog Plugin up to and including 0.5.6
  • Deploy to container Plugin up to and including 1.12
  • DRY Plugin up to and including 2.48
  • OWASP Dependency-Check Plugin up to and including
  • Pipeline: Groovy Plugin up to and including 2.38
  • Pipeline: Input Step Plugin up to and including 2.7
  • Script Security Plugin up to and including 1.30
  • Static Analysis Utilities Plugin up to and including 1.91
Bitnami deployments include some of these plugins by default. It is strongly recommended that you update your Jenkins plugins to the latest version, Jenkins 2.60.2-1. You can upgrade the plugins of your Bitnami Jenkins application following our documentation.

For new application deployments, Bitnami has released Jenkins 2.60.2-1 LTS installersvirtual machines and cloud images with the latest versions of the plugins that include the security fixes. If you deploy Bitnami Jenkins via one of our cloud partner marketplaces and it is not yet updated to 2.60.2-1, we strongly suggest that you update your Jenkins plugins to this latest version. If you are using the Bitnami Jenkins Docker container image, please follow the documentation in our GitHub repository to upgrade your deployment to the 2.73 Jenkins version with the latest plugins.

If you have further questions about Bitnami Jenkins or this security issue, please post to our community forums and we will be happy to help you.