NewsBits for the week ending March 31st: Pedis changes licence, Elastic ships Elasticsearch 5.3, the future of PostgreSQL and JSON outlined, Apollo 1.0's their client for GraphQL, Kubernetes is 1.6 and ready to scale, rkt and containerd are incubating, Swift 3.1 improves on Linux, LastPass has a hole and neural nets and write Linux.
It's all the news that Compose's Content Curator has found in the last week, served up in delicious bits. These are the NewsBits.
A relatively new player on the NoSQL block, Pedis is a parallel Redis implementation which is built on the Seastar C++ framework. Seastar is the framework that ScyllaDB built and builds on. In development since last August, Pedis isn't a full Redis clone but has implemented a large number of key, string, list, hash, set, sorted set and geo commands. Why is it on the radar this week? A licence change just happened as the project has gone from Apache License 2.0 to AGPL 3. The reason? It appears the project is adopting the Log-Structured memory allocator from Scylla.
Elastic are getting pretty regular with their updates to the Elastic stack. The latest update sees Elasticsearch gain the ability to run a search over multiple clusters, group and collapse fields and unifies the highlighters. It's all part of a quite long set of release notes.
PostgreSQL and JSON
PGConf US 2017 is wrapping up as we write this NewsBits, but one interesting presentation already on our radar is JSON in Postgres - The present and Future (pdf). The presenter, Oleg Bartunov, is one of the authors of JsQuery, a Postgres extension to simplify JSON queries, so he knows his way around this subject. The slides cover JSON in SQL-2016, and how it has been standardized, the state of implementing it in PostgreSQL (spoiler: it's missed making it for Postgres 10), and a look at jsonb compression and benchmarking.
Also, if PostgreSQL isn't your job, check out Christopher Pettus's slides from PostgreSQL when it's not your job (pdf) for a splendid quick starter on everything you probably need to know about PostgreSQL.
Tooling for GraphQL applications is steadily emerging and with Apollo Client 1.0 supporting React, Angular, Swift, and Java, it may well have taken a big step forward. Apollo Client is a library for handling all the data fetching and management involved in performing GraphQL queries. It has support for the new GraphQL subscriptions spec which originated with Apollo and brings real-time streaming of results and changes to the GraphQL world.
The Kubernetes team have released version 1.6 of the container orchestration platform. The new version supports 5000 nodes, backed up by the latest etcdv3, a beta authorization scheme, enhanced scheduling, and dynamic storage provisioning. This is the first Kubernetes release not managed by a Google employee, marking a big step for the project as, at least, a de facto standard.
rkt and containerd at the CNCF
Both rkt and containerd are now incubating projects at the Cloud Native Computing Foundation. They were proposed a few weeks ago to the foundation. Rkt is used to run container images and containerd is used to manage the images for containers. As such they should plug into the infrastructure tools, like Kubernetes, Prometheus and gRPC, which are already full projects at CNCF.
Swift is Apple's language and they are iterating on it. With the release of Swift 3.1 there are a few minor language tweaks. IBM and other community members have been enhancing the Linux implementation of Swift for 3.1, implementing and filling out APIs for NSDecimal, Progress, NSArray and URLSession. There's also a neat feature in the Swift package manager which lets a developer safely edit a downloaded package dependency and make changes to it
Unfortunately, there's no detail to the current security problem for LastPass, apart from some tweets from Tavis Ormandy of Google's Project Zero. That's because Project Zero run a 90-day non-disclosure policy but LastPass have acknowledged the problem and advised users use LastPass Vault as a launch pad for sites, two-factor authentication where available and vigilance to phishing attacks.
Neural nets vs Linux
Back in 2015, Andrej Karpathy wrote on The Unreasonable Effectiveness of Recurrent Neural Networks. In one part, the Linux source is taken and fed into an RNN. The RNN then produces something that looks spookily like it is Linux source. Until you read it and realize it's nonsense. A technique ideal for any television company who wants to fake code on the screen and drive any programmer up the wall.
If you have any feedback about this or any other Compose article, drop the Compose Articles team a line at firstname.lastname@example.org. We're happy to hear from you.