Friday, December 7, 2018

WordPress 5.0 is Now Available on Bitnami

WordPress, the most popular open source CMS, has just announced the biggest release of the year with WordPress 5.0. And now, it is available in the Bitnami catalog.

You can deploy Bitnami WordPress 5.0 in just a few clicks.

So, what's new in WordPress 5.0?

WordPress now offers a new content creator/editor called Gutenberg. This new core block builder will change how WordPress works and replace the existing classic editor. Gutenberg will make the content writing and editing process more modern and faster. Creating blocks, dragging and dropping elements, and adding media files are now easier than ever.


New Gutenberg WordPress Editor

WordPress 5.0 also includes the new minimal Twenty Nineteen theme, with full front and back-end Gutenberg support.

This release also includes other features like security updates, front-end editor improvements, mobile optimization and much more.

Twenty Nineteen WordPress theme

Get started with the new version of WordPress today! If you have any questions about how to update your Bitnami WordPress, check out our step-by-step guide or reach out to us on the community support forum. We'd be happy to help you! 

Wednesday, December 5, 2018

Security Alert: Jenkins Code Execution through Crafted URLs

The Jenkins project released a new version that fixes multiple security vulnerabilities. The most important one is “Code execution through crafted URLs”. This vulnerability allows invoking methods that were never intended to be invoked in this way.

We recommend that you update your Jenkins installations to the latest version. Please follow our documentation to learn how to upgrade your application. If you are using the Bitnami Jenkins Docker container image, please follow the documentation in our GitHub repository.

You can find more information about this Jenkins security issue in the Jenkins Security Advisory.

Bitnami has released Jenkins version v2.150.1 in containers, Helm Charts, Multi-Tier solutions, installers, virtual machines, and cloud images to fix these vulnerabilities.

The Bitnami Jenkins stack offered on bitnami.com and in our cloud-specific launchpads has been updated to that new version. New launches of Bitnami Jenkins via our launchpads are secure and do not need to be updated further.

Users who launch Bitnami Jenkins via cloud marketplaces are advised to select version v2.150.1 of Bitnami Jenkins once it is published. Installations based on previous versions must be upgraded using the process described above.

If you have further questions or concerns about Bitnami Jenkins or about this security issue, please post to our community forum and we will be happy to help you.

Tuesday, December 4, 2018

Using Stacksmith and Kubeapps To Create a Catalog Of Trusted Applications In Your Kubernetes Cluster

Companies with large IT infrastructures need a way to manage what is running in their environment end to end. At Bitnami, we understand this problem very well. In this article, I will show how to implement a solution for creating, maintaining, and distributing trusted applications across your organization. It will also give you improved control over compliance with corporate and IT policy and improve your IT security.

The solution I will discuss has two parts: ensuring that the applications and assets that get created follow your policies and best practices and remain up-to-date; and providing an easily accessible, easy-to-use service catalog for sharing the approved assets across your organization.


Creating a Set of Trusted Applications


The first step is to ensure that everything your teams create gets packaged according to your company’s best practices. This means the applications and assets are built with tested and approved components, are free from known security issues, and that any hardening and other required policies have been applied. Getting to this state can be done by defining a set of trusted deployable assets that you and others can safely use in your environment.

There is an ongoing component here as well - the need to ensure that assets remain up-to-date and do not get stale over time. This means that whenever any component of an application needs updating, or an application includes components with known security issues, the application should be re-packaged to incorporate the latest versions and security-issue fixes.

This step can be accomplished - and even automated - with Bitnami Stacksmith. Stacksmith lets you automate and optimize the packaging of your applications for deployment to cloud and container platforms. It also lets you ensure that Sec and Ops best practices are included at packaging time, producing the trusted asset. And, it continuously monitors your applications and assets for updates, patches, and vulnerabilities, allowing you to automate maintenance and ensure that what gets packaged is always up to date and secure.


Distributing Trusted Applications via a Service Catalog


The next step is to distribute these trusted applications across your organization. By providing a service catalog, you give your users a consistent, central repository from which they can locate and launch applications. Use of a service catalog also lets Ops ensure that only trusted applications and assets are available for users to launch, and that what is posted in the service catalog is the latest build of that asset, containing any security or other updates.

This step can be accomplished for your Kubernetes cluster with Kubeapps along with a Helm chart repository. Kubeapps is an open source project that simplifies the discovery, launching, and managing of applications. It can be run inside your Kubernetes cluster to provide your users with a web-based UI, to make accessing applications in the chart repository easier.

Kubeapps provides a single place where people in your organization can start new applications, see what has been provisioned, and manage their deployments inside the cluster. It allows you to manage available IT services and helps you achieve governance and meet your compliance requirements, while enabling users to deploy only IT-approved services.


Better Together


Closing the loop between the two steps discussed above, there is an easy way to integrate the packaging and updating process of Stacksmith with the distribution of Kubeapps. The result delivers an automated and manageable way to ensure that trusted assets are created, are posted to your service catalog, and are always current.

Here is what that workflow from trusted input and policy, to packaging, to posting looks like:






Summary


As you can see, using Kubeapps along with Stacksmith allows your organization to create and maintain a catalog of trusted applications and services that can be launched in your clusters. This reduces the risk of users launching applications that are not compliant with your corporate standards and/or requirements.

Want to go deeper? For a step-by-step guide on how to set up Kubeapps and Stacksmith to provide a service catalog inside your Kubernetes cluster, go here.

To learn more about Stacksmith, visit bitnami.com/stacksmith. To learn more about Kubeapps, visit the GitHub project.

Or contact Bitnami at enterprise@bitnami.com for a personalized discussion and demonstration of how Stacksmith and Kubeapps can provide compliance and governance for your IT.