Cloud Native News - CNN21/06
About Ciliums new Network Policy Editor, Container Security and the upcoming KubeCon and #Cloud-NativeCon
CNCF Community & Industry
- KubeCon Early Bird Tickets!
Kind reminder: today is the last day for early birds to purchase the ticket for 10$. That's double value: buying a ticket, you'll get a 50% discount on the next Kubernetes exam.
Containers & Orchestration
- KiND - How I Wasted a Day Loading Local Docker Images
TIL: KIND uses containerd under the hood; consequently, there is crictl which you can use in KINDs node-containers to access pods. - Buildpacks vs Dockerfiles
Doximity decided to build container images via a buildpack-based image building workflow over a Dockerfile one. Read this post to understand why and some considerations that they made!
Security
- Getting started with Kubernetes audit logs and Falco
"In this article, you will learn what the Kubernetes audit logs are, what information they provide, and how to integrate them with Falco (open-source runtime security tool) to detect suspicious activity in your cluster." - Threat Actors Now Target Docker via Container Escape Features
Trend Micro provides a technical analysis of a container abuse attack that features a payload that's specifically crafted to escape privileged Docker containers. Click here to read the HackerNews discussion. - The State of Cloud-Native Application Security survey
"As part of our research we turn to the community to share their perspectives through our State of Cloud Native Application Security survey. We've recently launched the 2021 survey and we want to hear from you! Coupled with data we gather and analyze from our platforms and those of our partners, we will once again release this free report to the community so we call all benefit from the learnings that we find in the data." - Take the survey until 5th of March 2021!
Observability
- Getting Started with Monitoring Mixins
If you are new to jsonnet to package, generate, and template Grafana Dashboards, this article by Povilas Versockas might be a nice intro!
Networking
- NetworkPolicy Editor: Create, Visualize, and Share Kubernetes NetworkPolicies
Cilium published a Network Policy Editor which helps you build, visualize, and understand Kubernetes network policies. A handsome tool to craft and understand NWPs!
Photo by Samuel PASTEUR-FOSSE on Unsplash