Cloud Native News - CNN18
Helm graduated, KubeCon/CloudNativeCon will be virtual, why testing is no longer sufficient for cloud-native pipelines, and Borg: The Next Generation.
CNCF & Community
- Helm has reached the final level of the CNCF projects and graduated. The package manager for Kubernetes deployments is used by over 70% of all projects and gained additional adoption with its Helm 3 release.
- KubeCon + CloudNativeCon will be a virtual event
One of CNCF's main events this year will take place virtually from August 17-20, 2020. We are happy that it won't be canceled in spite of the adverse situation and are excited for the new virtual experience!
Processes / Guides / Articles
- Infrastructure monitoring with Prometheus at Zerodha
Zerodha explains their monitoring stack for a hybrid on-prem / AWS infrastructure. They set up an HA Prometheus cluster across the bare metal and Kubernetes clusters. They chose Victoria Metrics for long-term storage of metric data and developed quite a few metric exporters to collect all sorts of system information.
- Tagging Docker Images for Fun and Profit
Major.Minor.Patch is not always sufficient for tagging containers. Most often we see the PATCH version used as some kind of “build number”, even if a breaking change is introduced. I like to see that others also like to incorporate the Git hash into the tag, as this gives a direct relation to the actual code that is running. I’ve been doing this for my private stuff for a couple of years.
- Packaging LXD for Arch Linux
Morten Linderud explored what it takes to bring Canonical's container manager LXD to Arch Linux (and potentially other distros). Interesting read!
- How does a TCP Reset Attack work?
"A TCP reset attack is executed using a single packet of data, no more than a few bytes in size. A spoofed TCP segment, crafted and sent by an attacker, tricks two victims into abandoning a TCP connection, interrupting possibly vital communications between them."
- Simulating Clock Skew in K8s Without Affecting Other Containers on the Node
Clock skew refers to the time difference between clocks on nodes within a network. Containers usually inherit the time of their host, so how do you simulate clock skew between containers on the same host?
- Paxos vs Raft: Have we reached consensus on distributed consensus?
Wouldn't we need a third consensus algorithm to reach consensus? 🤪
- WireGuard on K8s (road-warrior-style VPN server)
Having WireGuard in the Linux kernel offers new possibilities! Stephen Levine shows us how easy it is to have a WireGuard server within Kubernetes without adjusting the node. All we need is the `NET_ADMIN` security capability.
- Why Testing is No Longer Sufficient for Cloud-Native Pipelines
By Alex Zhitnitsky, about why the move to innovating at speed and scale is stressing software quality and exposing the limitations of testing.
- Kubernetes state management with Pulumi and Python
Pulumi has recently gained quite some traction. It seems to solve some issues people see in Terraform. Since the latest major release, Pulumi even supports Go. I'm intrigued and will give it a try in the upcoming days.
- Encrypting and storing Kubernetes secrets in Git
This is a walkthrough of how you can store secret information encrypted in Git and use Kubeseal for decrypting it within Kubernetes.
- Why strace doesn't work in Docker
Spoiler: strace does work in newer versions of Docker. However, it is still interesting why it doesn't in versions before Docker 19.03.
Tools
- clientgofix
A tool for adjusting `k8s.io/client-go` invocations for `k8s.io/client-go` v0.18.0+ versions. It can be run on a codebase before or after updating the `k8s.io/client-go` dependency.
- Vitess 6 released
Improving SQL support, utilizing the Kubernetes topology manager, reducing etcd dependencies and finally moving VReplication Workflow to GA.
- Announcing Flatcar Linux Support on vSphere
"With VMware and Kinvolk’s collaboration to bring Flatcar Container Linux to vSphere, Flatcar is a supported path forward for CoreOS users."
Videos, Audios and Specials
- Borg: The next Generation
Here you can find slides as well as the paper.
Read of the Week
In the past few years, going cloud native has been a big advantage and adventure for many companies. But there are complex technologies to get right, especially for enterprises with critical legacy systems. This practical hands-on guide examines effective architecture, design, and cultural patterns to help you transform your organization into a cloud native enterprise—whether you’re moving from older architectures or creating new systems from scratch.
Photo by Honey Yanibel Minaya Cruz on Unsplash