Cloud Native News - CNN18
3 min read

Cloud Native News - CNN18

Helm graduated, KubeCon/CloudNativeCon will be virtual, why testing is no longer sufficient for cloud-native pipelines and borg the next generation.
Cloud Native News - CNN18

CNCF & Community

Processes / Guides / Articles

  • Infrastructure monitoring with Prometheus at Zerodha
    Zerodha explains their monitoring stack for a hybrid on-prem / AWS infrastructure. They set up a HA Prometheus cluster across the bare metal and Kubernetes clusters. They chose Victoria Metrics for long-term storage of metric data and developed quite a few metric exporters to collect all sorts of systems information.
  • Tagging Docker Images for Fun and Profit
    Major.Minor.Patch is not always sufficient for tagging Containers. Most often we see using the PATCH version as some kind of “build number”, even if a breaking change is introduced. I like to see, that others also like to incorporate the Git hash to the tag, as this gives a direct relation to the actual code that is running. I’m doing this for my private stuff for a couple of years.
  • Packaging LXD for Arch Linux
    Morten Linderud explored what it takes to bring Canonicals Container Manager LXD to Arch Linux (and potentially other Distros). Interesting read!
  • How does a TCP Reset Attack work?
    "A TCP reset attack is executed using a single packet of data, no more than a few bytes in size. A spoofed TCP segment, crafted and sent by an attacker, tricks two victims into abandoning a TCP connection, interrupting possibly vital communications between them."
  • Simulating Clock Skew in K8s Without Affecting Other Containers on the Node
    Clock skew refers to the time difference between clocks on nodes within a network. Containers usually inherit the time of their Host, so how to simulate clock skew between containers on the same host?
  • Paxos vs Raft: Have we reached consensus on distributed consensus?
    Wouldn't we need a third consensus algorithm to reach consensus? 🤪
  • WireGuard on K8s (road-warrior-style VPN server)
    Having Wireguard in the Linux Kernel offers new possibilities! Stephen Levine shows us how easy it is, to have a WireGuard server within Kubernetes without adjusting the node. All we need is `NET_ADMIN` security capability.
  • Why Testing is No Longer Sufficient for Cloud-Native Pipelines by Alex Zhitnitsky about why the move of innovating at speed and scale is stressing software quality and exposing the limitations of testing.
  • Kubernetes state management with Pulumi and Python
    Pulumi recently gets quite some traction. It seems to solve some issues people see in Terraform. Since the latest major release, Pulumi even supports Go. I'm intrigued will give it a try in the upcoming days.
  • Encrypting and storing Kubernetes secrets in Git
    This is a walkthrough of how you can store secret information encrypted in Git and use Kubeseal for decrypting it within Kubernetes.
  • Why strace doesn't work in Docker
    Spoiler: strace does work in newer versions of Docker. However, it is still interesting why it doesn't in versions before Docker 19.03.


  • clientgofix
    A tool for adjusting invocations for v0.18.0+ versions. It can be run on a codebase before or after updating the dependency.
  • Vitess 6 released
    Improving SQL support, utilizing the Kubernetes topology manager reducing  etcd dependencies and finally moving VReplication Workflow to GA.
  • Announcing Flatcar Linux Support on vSphere
    "With VMware and Kinvolk’s collaboration to bring Flatcar Container Linux to vSphere, Flatcar is a supported path forward for CoreOS users."

Videos, Audios and Specials

Read of the Week

In the past few years, going cloud native has been a big advantage and adventure for many companies. But there are complex technologies to get right, especially for enterprises with critical legacy systems. This practical hands-on guide examines effective architecture, design, and cultural patterns to help you transform your organization into a cloud native enterprise—whether you’re moving from older architectures or creating new systems from scratch.

Cloud Native Transformation
In the past few years, going cloud native has been a big advantage for many companies. But it’s a tough technique to get right, especially for enterprises with critical legacy … - Selection from Cloud Native Transformation [Book]

Photo by Honey Yanibel Minaya Cruz on Unsplash