I know the Kubernetes Assessment was the one to make all the news, but the teams actually audited a bunch of CNCF projects. Here is the one for the Vitess project

https://vitess.io/blog/2019-03-12-vitess-security-audit/




Vitess is

> A database clustering system for horizontal scaling of MySQL

> Vitess combines many important MySQL features with the scalability of a NoSQL database. Its built-in sharding features let you grow your database without adding sharding logic to your application.

What a quirky project. Is this for folks who started out with MySQL then find themselves needing to scale out in "NoSQL" style?

> Vitess automatically rewrites queries that hurt database performance.

That sounds scary.


Vitess was created by Youtube.

But they're hardly the only places scaling out MySQL. Facebook and Slack are two other prominent examples.


Slack actually uses Vitess to scale out its databases.


Facebook has taken MySQL scaling to extremes well beyond what Vitess offers.

Not sure if that's a good thing.


And to understand scaling and extremes: FB basically uses RocksDB and/or MySQL as a low-level storage layer for whatever they want. (And on top they build the clustering stuff, with the particular CAP choices they think are best for that particular service/purpose.)


It's part of the CNCF graduation criteria now that any project which is going to "graduated" status has to have a third-party security review, so you should be able to get one for any of the projects in that category.


Cure53 did the Vitess audit. I think they've done others for the CNCF, too. The Kubernetes audit was done by Trail of Bits. It was a different team that did the assessment.
