Cloud Native News - CW12

CNCF & Community

• Join SIG Scalability and Learn Kubernetes the Hard Way
  "Contributing to SIG Scalability is a great way to learn Kubernetes in  all its depth and breadth, and the team would love to have you join as a contributor."

Editorial

• Interoperability of open-source tools: the emergence of interfaces
  The emergence of shared standards and a set of best practices are probably the reason behind the current cloud-native movement. This article has a close look on a few of them.
• Managing Harbor at cloud scale : The story behind Harbor Kubernetes Operator
  This post explains why OVHcloud chose to base its "Private Managed Registry" on the Harbor project,  built a Kubernetes operator for it, and open sourced it under the CNCF  goharbor project.
• On the state of Envoy Proxy control planes
  The rapid growth since adoption of Envoy Proxy lead to a forrest of custom control planes by different vendors. Matt Klein gives the status quo as well as an outlook.

Processes / Guides / Articles

• How Container Networking Affects Database Performance‌‌Tyler Duzan and Vadim Tkachenko had a talk about this topic on KubeCon NA 2019. This blog post is based on the same efforts.
• Recommended Steps to Secure a DigitalOcean Kubernetes Cluster
  Using DigitalOceans Kubernetes offering? This is a guide of recommended steps to make it secure.
• Creating Workspaces with the HashiCorp Terraform Operator for Kubernetes
  The new Terraform Operator lets you define and create infrastructure as code natively in Kubernetes by utilizing Terraform Cloud.
• Your own Kubernetes controller - Laying out the work
  The first part of Nicolas Fränkels 3 part series about writing Kubernetes controllers in Java.
• 4 ways  to manage Kubernetes resources
  Plain yaml files vs. Kustomize vs. Helm Charts vs. Operators.
• Kong Ingress Controller and Service Mesh: Setting up Ingress to Istio on Kubernetes
  A full walktrhough of deploying Kong Ingress Controller including the Istio service mesh.
• How to create Kubernetes security policies
  A quick introduction to Pod Security Policies in Kubernetes.

Tools

• Migrating from Helm v2 to v3‌‌
  Helm v3, the major rewrite (without Tiller!) has been released in November 2019. This is a post about migrating your Helm Charts and Releases from V2 to V3.
• Directing Kubernetes traffic with Traefik‌‌
  A step-by-step walkthrough on ingressing traffic into a K3S-Raspberry Pi cluster.
• Introducing istiod: simplifying the control plane‌‌‌‌‌‌
  Istiod consolidates Istios components into one tool in order to simplify mesh operability.
• Calico 3.13 release with the tech preview of eBPF data plane‌‌
  In CNN#9 we already linked to "Introducing the Calico eBPF dataplane" which explains the concepts of Calicos newest feature.
• cruster-api‌‌
  Order Domino's 🍕 with Kubernetes 🚢

Videos, Audios and Specials

• Fixing the Kubernetes clusterfuck - Understanding security from the kernel up‌‌
  Awesome Kris Nova talks about auditing Kubernetes Security at runtime at FOSDEM'20.
• Nicole Hubbard - Securing Kubernetes Networking
  Nicole Hubbard shows how Consul Connect with Envoy can help to securely maintain data communication between different Kubernetes and microservices environments.
• Jeff Geerling - You can get my DevOps books free the rest of this month
  "I can't do much to help during this crises, but I figure that I can make my two books, Ansible for DevOps and Ansible for Kubernetes, free for anyone who wants to learn a new skillset as a buffer against possible coming layoffs." - Nice move, Jeff!

‌                                                                        

Source: NASA to launch 247 petabytes of data into AWS – but forgot about eye-watering cloudy egress costs before lift-off

Photo by Bank Phrom on Unsplash