The ITAM Roundup: 9/22/24

roundup Sep 22, 2024

📰 News

IBM buys Kubernetes cost control startup Kubecost to expand its FinOps suite

IBM is expanding its cloud financial operations (FinOps) capabilities with the acquisition of Kubecost, a startup specializing in Kubernetes cost management. Kubecost, founded in 2019, offers tools to optimize Kubernetes clusters and reduce costs, aligning with IBM's strategy of improving cloud cost efficiency, following previous acquisitions like Apptio, Turbonomic, and Instana. The integration of Kubecost into IBM's FinOps suite will enhance its offerings, potentially integrating with IBM's OpenShift platform to provide comprehensive cost management solutions for cloud environments.

Microsoft Deal Would Reopen Three Mile Island Nuclear Plant To Power AI

Microsoft has struck a groundbreaking deal to restart Pennsylvania's dormant Three Mile Island nuclear plant, purchasing 100% of its power for 20 years to meet the growing energy demands of AI and data centers. The $1.6 billion restart plan, expected by 2028, would provide 835 megawatts of clean energy and marks the first time a decommissioned U.S. nuclear plant is being brought back online. This move is part of a broader push by tech companies to secure reliable, zero-emissions electricity, with nuclear power seeing a revival driven by federal tax incentives and AI's energy needs.

AWS sees customers repatriating workloads as cloud wars heat up

AWS informed U.K. regulators that some customers are repatriating workloads from the cloud to on-premises environments, citing financial priorities and a desire for more control over IT resources. In a hearing with the Competition and Markets Authority (CMA), AWS emphasized that on-prem IT still competes with cloud services, with a hybrid approach becoming common among enterprises. The CMA's ongoing investigation into AWS, Microsoft, and Google examines potential barriers to moving workloads between clouds, amid concerns over vendor lock-in and antitrust practices.

Majority of Redis users considering alternatives after less permissive licensing move

Around 70% of Redis users are considering alternatives following the company’s shift to more restrictive licenses, the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1). A survey by Percona found that the switch from a permissive BSD license has prompted interest in open-source alternatives like Valkey, a Redis fork supported by AWS, Google, and Oracle. While Redis remains the dominant key-value store, with 67% usage, the open-source community is exploring Valkey and other options to avoid vendor lock-in and maintain control over their database systems.

While HashiCorp plays license roulette, Virter rolls out to rescue FOSS VM testing

At the Open Source Summit Europe, Virter, a tool for creating and managing virtual machines (VMs) on Linux, was introduced as a simpler alternative to tools like Vagrant, which recently became source-available under the Business Source License (BSL). Virter uses standard Linux tools like QEMU and KVM, streamlining the process of VM creation and testing, while Vagrant’s shift to the BSL has led to its removal from many Linux distributions. Virter is already being used by LINBIT to automate thousands of daily tests and could become a viable alternative to Vagrant in open-source communities.

Citrix adds remote Mac support, but some customers are grumpy

Citrix has introduced remote macOS support for its desktop-as-a-service (DaaS) suite, allowing users to access Macs hosted by MacStadium and AWS, benefiting multimedia professionals and developers. However, many Citrix customers are unhappy with recent changes in licensing practices and product bundling, citing a lack of flexibility and empathy in contract negotiations, as reported by Gartner. Despite retaining its leadership position in Gartner's Magic Quadrant for DaaS, Citrix faces criticism for focusing primarily on large customers, which may make its offerings less attractive to mid-sized organizations.

Disney ditching Slack after massive July data breach

Disney is moving away from Slack after a massive data breach in July 2024 exposed over 1TB of confidential messages and files, including sensitive project and financial information, stolen by a hacker named 'NullBulge.' The company is migrating to new enterprise-wide collaboration tools, expected to complete by the end of the fiscal quarter. This decision follows other recent breaches, including one in June where Club Penguin and corporate data were leaked, highlighting the risks communication platforms pose to large organizations.

📖 Tips

The Verticalization of Everything

The trend of "verticalization" in SaaS is being driven by AI's ability to enhance customer experiences and unlock previously stagnant industries, allowing startups to outperform legacy systems. As horizontal SaaS companies become vulnerable to unbundling, new AI-powered vertical solutions can address specific industry needs with superior user experiences and efficiencies. This shift presents a significant market opportunity, as specialized platforms are likely to dominate by capturing unique vertical data and streamlining workflows, paving the way for a new wave of innovation in the SaaS landscape.

Oracle Database @ AWS – What it means for AWS customers

Oracle announced at their Cloud World conference that their Exadata and Autonomous Database services will now be available on AWS, providing new flexibility for AWS users who previously needed multi-cloud strategies to access Oracle databases. This move offers advantages in licensing, as Oracle's licensing rules allow more efficient use of vCPUs on Oracle Cloud Infrastructure (OCI) compared to other clouds, making it easier to flexibly scale database operations. The introduction of on-demand and Bring-Your-Own-License (BYOL) models in AWS enables organizations to clone production environments for testing and other agile operations without the usual licensing barriers.

Understanding Systems Integrator Behavior: Tier 1 vs Tier 2

When evaluating Tier 1 versus Tier 2 Systems Integrators (SI) for ERP transformation programs, cost is a key differentiator, with Tier 2 vendors typically offering a 30% discount on bids and 38% lower blended rates due to increased hours of effort and reliance on offshore resources. However, choosing an SI should not be based solely on cost, as factors like industry expertise, estimating accuracy, and resource allocation are also critical. A comprehensive evaluation, including questions about offshore resource comfort, expertise gaps, and protection against change orders, is essential to select the right SI for your organization's needs.

🐛Bugs & Exploits

Broadcom Fixes Critical RCE in VMware vCenter Server

Broadcom has released a critical update for VMware vCenter Server, addressing two vulnerabilities, including a heap-overflow issue (CVE-2024-38812) with a CVSS score of 9.8, which could allow remote code execution via a specially crafted network packet. Another vulnerability (CVE-2024-38813) involves privilege escalation with a CVSS score of 7.5. Users are advised to update affected versions of vCenter Server and VMware Cloud Foundation immediately, as no workarounds are available, and Lansweeper has created a report to help identify at-risk deployments.