Cloud Native News - CNN32
Chaos Mesh® joins CNCF Sandbox, Kubermatic brings KubeCarrier, how Dropbox migrated from Nginx to Envoy, meet the Open Service Mesh, an alternative approach for Helm 3 umbrella charts
CNCF & Community
- Introducing KubeCarrier: Operating Services the Cloud Native Way
KubeCarrier is meant to be the operator of operators. It aims to centrally manage all services and applications across clusters, clouds and regions by utilizing a Kubernetes native API. It offers facilities to provide services to external users in a self-service manner.
- Chaos Mesh® Joins CNCF as a Sandbox Project
The Open Source Chaos Engineering Platform for Kubernetes now officially joins CNCF as a Sandbox project.
- Serverless Workflow Specification
"Workflows have become key components of Serverless applications, yet implementations tend to describe workflows differently. Serverless Workflow is a specification for describing workflows in a common way. It provides a vendor-neutral and platform-independent markup for orchestrating services on multiple runtimes and cloud/container platforms."
- 4 Tips for Maximizing Your Virtual KubeCon Experience
We are super excited for the first virtual KubeCon + CloudNativeCon. Already built your agenda?
Security
- Open Sourcing the etcd Security Audit
The etcd team successfully completed a 3rd party security audit for etcd v3.4.3. The audit has been performed by Trail of Bits and is now Open Source.
Networking
- How we migrated Dropbox from Nginx to Envoy
Dropbox migrated their traffic infrastructure to Envoy. In this article they cover pain points of the legacy solution and compare Nginx to Envoy on different levels.
- Deconstructing Kubernetes Networking
Emanuel Evans digs into Kubernetes Networking. A nice read if you want to understand the foundation of how Kubernetes Networking is set up.
- Open Service Mesh
Open Service Mesh (OSM) is a lightweight, extensible, cloud native service mesh that allows users to uniformly manage, secure, and get out-of-the-box observability features for highly dynamic microservice environments.
- Kong Mesh 1.0 Released
Kong Mesh is an enterprise service mesh built on top of Kuma and Envoy. With the service mesh, Kong now provides end-to-end network control.
Container Orchestration
- externalTrafficPolicy=local on Kubernetes
The Kubernetes service annotation externalTrafficPolicy can be used to propagate a client's IP address instead of the node's IP address. Richard Li writes about how and why this might be necessary.
- Helm 3 Umbrella Charts & Standalone Chart Image Tags — An Alternative Approach
Usage of Umbrella Helm Charts is a common pattern to encapsulate a collection of loosely coupled components. The article discusses this approach.
- Nestybox (YC S20) – Containers beyond microservices
Sysbox has been Open Sourced! It is a new type of "runc" and sits below OCI-based container managers (e.g., Docker/containerd). You typically don't interact with Sysbox directly, but rather use Docker (or similar) to launch the containers. Sysbox is the foundation of Nestybox's service.
Observability
- Kubernetes: Challenges for Observability Platforms
This article by Thomas Schuetz discusses the different levels of monitoring Kubernetes and the services it operates. A must read if you just started thinking about your monitoring stack!
- OpenTelemetry: Future-Proofing Your Instrumentation
Already heard of OpenTelemetry and want to get an overview on its concepts? Then this article is for you!
- How to monitor etcd
etcd is the backbone of every Kubernetes cluster which is why you should monitor it very closely. But what to look for?