The Internet was built with de-centralized infrastructures in mind. To scale globally, network providers like CloudFlare have emerged, to run decentralized infrastructures and offer them as a service. In general, keeping service independent of each others and maintaining heterogeneous networks have a proven track record of resilience, that is not necessarily inherent to the architecture of these providers. Just like Akamai had a bad day in 2004, CloudFlare today suffered from a global outage, that left many obvious collateral problems visible all over the Internet. Bloomberg, among others, reports:
CloudFlare Inc., an internet service meant to protect websites from going down, faced its own network issues on Tuesday, leading to several prominent sites — like blogging platform Medium and video game chat provider Discord — being unavailable for some time.
They found that despite the 40% “ad-tech” premium charged by behavioral ad companies, the ads only added about 4% the media companies that published them, meaning that behavioral advertising is a losing proposition.
Google’s Kubernetes Engine (GKE) now supports node pools that are wrapped in gVisor to allow running untrusted workloads. The idea behind gVisors is to emulate all system calls in user space and provide a sandbox to processes that cannot be trusted. GKE allows to enable this with a configuration option now.
New GKE Sandbox brings added security to your containers running in Google Kubernetes Engine clusters.