Cloud Native News - CNN20
CNCF & Community
- K3s has been submitted for inclusion to CNCF Sandbox
Rancher proposed K3s for CNCF sandbox. While nothing is decided yet, this is an exciting discussion as K3s advertises itself as a "Kubernetes distribution". Are Kubernetes distributions valid CNCF projects? What does this mean for other distributions? Is K3s even a "distribution"? I have no answers, but following the discussion with interest. - Call to Participate: 1H 2020 CNCF Cloud Native Survey
"The goal of this survey is to capture the current state of Kubernetes, CNCF projects, and cloud-native technologies including service mesh, serverless, and storage." - we highly encourage everyone to participate! - Jetstack and Venafi join forces to bring Machine Identity Protection to the cloud-native stack
"Jetstack will continue to operate independently, backed by Venafi. We will now accelerate our plans and that means growing our field and product engineering teams and contributing more to the open-source community. More engineering and support to the cert-manager project itself, but also working with projects across the ecosystem on open source and open standards." - GrafanaCon 2020
Like so many conferences this year, GrafanaCon kicked off this week with a live streaming event. As a virtual conference, the next two weeks also offer quite a few interesting talks! - VMware to acquire Kubernetes security startup Octarine and fold it into Carbon Black
VMware announced today that it intends to buy early-stage Kubernetes security startup Octarine. Octarine was founded in 2017 and has raised $9 million - the price of the acquisition has not been revealed.
Processes / Guides / Articles
- Kubernetes 1.18 broke “kubectl run”, here’s what to do about it
kubectl run --generator=deployment/apps.v1 is DEPRECATED and will be removed in a future version. Use kubectl run --generator=run-pod/v1 or kubectl create instead. - sounds familiar to you? - Kubernetes: Deprecated APIs aka Introducing Kube-No-Trouble
Speaking of API deprecations... - Linux containers in a few lines of code
This post shows how containers work by running a busybox Docker image in an "own" custom container runner. - Examining Load Balancing Algorithms with Envoy
Tony Allen about a few of Envoys load balancing algorithms and their latency implications in different scenarios. Good read! - How io_uring and eBPF Will Revolutionize Programming in Linux
eBPF and io_uring are Linux interfaces that may look evolutionary, but are actually revolutionary "... in the sense that they will — we bet — completely change the way applications work with and think about the Linux Kernel." - Kubernetes - Pod Security Policies
"A fully fleshed out example with exception management. [...] This post is focused on how to do a full deployment of Pod Security Policies with everything locked down and how to grant exceptions." - FluxCD, ArgoCD or Jenkins X: Which Is the Right GitOps Tool for You?
If you want to adopt GitOps to deploy workloads to your clusters, you will inevitably stumble upon Flux, Argo and recent Jenkins developments. But how do they differ and which suites my needs? This article gives an excellent overview. - Mistakes made and lessons learned with Kubernetes and GitOps
GitOps is still a relatively novel way to operate workloads. It is a great sign of maturity to see more and more articles covering the pitfalls of adopting GitOps! - The journey to improving our logging pipeline
Hellofresh gives insights on their logging infrastructure. They are covering their legacy solution and its shortcomings and mitigations via a new solution. - An (only slightly technical) introduction to Loki, the Prometheus-inspired open source logging system
Looking for a C-level compatible explanation of what Grafana Loki is and where it shines? This article is a great starting point! - 10 most common mistakes using Kubernetes
Don't know what a pod disruption budget is? Control plane getting slower and slower? Still confuse liveness and readiness probes? This post compiles 10 common Kubernetes mistakes. Admittedly: I also went through a few of them.
Tools
- cdk8s
Define Kubernetes native apps and abstractions using familiar programming languages - Harbor 2.0 takes a giant leap in expanding supported artifacts with OCI support
Harbor hits 2.0! - "This release makes Harbor the first OCI-compliant open-source registry capable of storing a multitude of cloud-native artifacts like container images, Helm charts, OPAs, Singularity, and much more." - Cert-manager v0.15 and beyond
Cert-manager is an extremely popular and successful solution for automatic provisioning and management of TLS certificates. While it hits a significant release, Jetstack also gives an outline of the future development direction. - Introducing multi-architecture container images for Amazon ECR
Before today, container images had to be published and deployed to Amazon ECR using architecture-specific naming conventions, complicating some aspects of the image lifecycle. AWS is announced multi-architecture container images for Amazon ECR. This is a much-anticipated feature that makes it simpler to deploy container images for different architectures and operating systems from the same image repository. - VPC Studio
"Specify a CIDR range, express your desired design, sit back and enjoy a cup of ☕" - with outputs for Terraform and Pulumi! - Kubestack Framework
"This tutorial will help you set up a complete GitOps lab on your local machine. Including Kubernetes nodes running as Docker containers using Kubernetes in Docker (KinD) and optionally even a local pipeline triggered using Git hooks."
Photo by Antoine Petitteville on Unsplash