Cloud Native News - CNN24
CNCF Technology Radar, Open Source community support the Black Lives Matters Movement, Linkerd 2.8 muli-cluster service mesh, Consul 1.8 new gateway implementation and the story behind the discovery of CVE-2020-8555
CNCF & Community
- Open Source Community support on the Black Lives Matters Movement
"In my view, open source often reflects what is best in our society. It brings together people from across the world, working on problems relevant to anyone touched by technology, for the better of our collective human race." - Priyanka Sharma, MD CNCF - CNCF Introducing the Technology Radar
Like the famous ThoughtWorks Technology Radar, the CNCF Tech Radar will place solutions into one of four rings: Adopt, Trial, Assess and Hold. However, the radar, which will be published quarterly, focus per release on one specific topic like Continous Delivery.
Processes / Guides / Articles
- Get Kubernetes Auditing Right
An audit trail would be a sufficient input to help debug issues, fine-tune permissions and understand the way the system is being used. Therefore it is essential to understand and utilize the K8s audit logs. - The Story Behind K8s CVE-2020-8555
Brice Augras and Christophe Hauquiert about their journey to discover the latest K8s CVE and that they initially were looking for something else. - Lessons Learned From Two Years Of Kubernetes
Kubernetes is not the turnkey solution many pitches it to be, but with some careful engineering and a unique community ecosystem, it can be a platform second to none. - Configuring MySQL SSL/TLS authentication with cert-manager
In this post, JetStack will show you how to secure the connection between a Java Spring Boot application and MySQL in a Kubernetes environment with cert-manager. - How to Contribute to Open Source: The Ultimate Guide
Builtin talked to open-source experts at the Cloud Native Computing Foundation (CNCF), the Drupal Association, Red Hat, Superhuman and Capital One and collected their tips on how to start contributing and build your presence in open-source communities. - Misconfigured Kubeflow workloads are a security risk
During April, Azure Security Center observed deployments of a suspect image from a public repository on many different clusters. By inspecting the image’s layers, ASC identified a XMRIG miner. The attacker used an exposed dashboard (Kubeflow dashboard in this case) to gain initial access to the cluster. - Kubernetes Resources Management – QoS, Quota, and LimitRangeb
In Kubernetes, pods/containers can run on any machine, which requires sharing resources with others. That is where the QoS (Quality of Service Classes) and Resource Quota comes in, and where you have to actively manage your resources.
Tools
- Linkerd 2.8 simple, secure multi-cluster Kubernetes
Linkerd can now connect Kubernetes services across cluster boundaries in a way that's safe, fully transparent to the application, and independent of network topology. - Announcing the Terraform Visual Studio Code Extension v2.0.0
After taking over this popular Visual Studio Code Extension from the Community, HashiCorps first release supports the usage of the HashiCorp Terraform Language Server and Terraform 0.12 syntax highlighting. - Containerize Your Go Developer Environment
This is the first of a series of blog posts that will show you how to use Docker for Go development. It will cover building, testing, CI, and optimization to make your builds quicker. - New in Prometheus v2.19.0
The just-released Prometheus v2.19.0 introduces the new feature of memory-mapping full chunks of the head (in-memory) block from disk, which reduces memory usage and also makes restarts faster. - Kube2Hadoop: Secure access to HDFS from Kubernetes
To allow for Kubernetes workloads to securely access HDFS, LinkedIn AI built Kube2Hadoop, a scalable and secure integration with HDFS Kerberos. - HashiCopr Consul 1.8
The latest version of Consul comes with new features as Ingress Gateway, Termination Gateway and WAN Federation over Mesh Gateway.
Books
This time we want to highlight not a book but more a report on why adopting cloud native technologies is no longer optional for enterprises that want to remain competitive. Claudio Caldato shows you how to adopt cloud native services incrementally, using the CNCF Trail Map. Learn how a cloud native approach can help increase productivity and portability of your services or applications across different cloud providers and considerably reduce time to market.
Photo by Clay Banks on Unsplash