Cloud Native News - CW8
CNCF & Community
- Docker Donates the cnab-to-oci Library to cnab.io
CNAB to OCI is a reference implementation for sharing a Cloud Native Application Bundle (CNAB) using an OCI registry. Docker helped with the development of the CNAB specification and this reference implementation.
- Linux Foundation study throws the open source sustainability debate into question
“Census II identifies the most commonly used free and open source software (FOSS) components in production applications and begins to examine them for potential vulnerabilities, which can inform actions to sustain the long-term security and health of FOSS.”
- Direct Link to this report
- Why I Contribute to the Open Source Community—and You Should Too
Marky Jackson from Sysdig on how he is contributing back to the OSS community.
Guides
- Securely Access AWS Services from Google Kubernetes Engine (GKE)
- How-to Guide: Debugging a Kubernetes Application
- CPU limits and aggressive throttling in Kubernetes
"TL;DR: We would highly recommend removing CPU Limits in Kubernetes (or Disable CFS quota in Kubelet) if you are using a kernel version with CFS quota bug unpatched. There is a serious, known CFS bug in the kernel that causes un-necessary throttling and stalls."
- First look at the internals of containerd and runc
A great write-up and hands-on guide on runc. I learned a lot!
- Introduction to SPIFFE and SPIRE Projects (Lightboard)
In this lightboard video Evan Gilman, an engineer at Scytale, provides an overview of CNCF’s SPIFFE and SPIRE Projects.
- Getting Started with Istio Using Docker Desktop
Looking for a straightforward guide to jump-start with Istio? Well, then this is for you!
Articles
- How 1500 bytes became the MTU of the internet
Almost every Ethernet link has one number in common, the MTU: ever wondered why?
- Security concerns hampering adoption of containers and Kubernetes
"Of the 94% of respondents that acknowledged having security incidents, 69% said they experienced a misconfiguration incident and another 27% said they had a security incident during runtime. Nearly 25% reported having had a major vulnerability to remediate." These are alarming numbers!
- Cluster API is a Big Deal
Joe Beda & Craig McLuckie Tell You Why.
- Architecting for Multicluster Kubernetes
Linkerd's take on enabling zero-config automatic mTLS or traffic shaping across multiple Kubernetes clusters. Best quote this week: "Kubernetes clusters are like Pringles - you can't just have one!"
- Why Kubernetes on Virtual Machines?
Chip Zoller (Dell Technologies) compiled a list of the most compelling reasons to argue for Kubernetes on virtual machines.
Tools
- Cilium 1.7 release
Among others, the new Cilium release brings the much anticipated Cluster-wide Network policies and improvements to the Hubble UI.
- kubenav
A mobile navigator for your Kubernetes Cluster - Android and iOS thanks to ionic.
- kiosk 🏢 Multi-Tenancy Extension For Kubernetes
Secure Cluster Sharing & Self-Service Namespace Provisioning.
- Find an optimal set of nodes for a Kubernetes cluster
Kubecost provides real-time visibility into cost and capacity management decisions on Kubernetes.