Cloud Native News - CNN21/10

CNCF & Community

  • A look inside the KubeCon + CloudNativeCon schedule selection process
    After the announcement of the KubeCon + CloudNativeCon schedule, several people voiced that their talks were not included. This article describes the decision process and its criteria. I (Max) was part of the process and reviewed around 70 talks. I would have loved to see so many proposals live on stage, but there are simply not enough slots. It is hard to decide from a proposal alone which might be a good talk and which not. Consequently, it is often a question of how well the proposal is structured: does it describe clearly what the community will learn? Which further information is given? Does it contain relevant links to the projects, blog posts, or other sources?
  • Flux grows and is now a CNCF Incubation project
    40k+ contributors, 16k+ commits, and 12k+ stars on GitHub: Flux keeps moving forward in the community and on its path to GA.

Security

Containers & Orchestration

Development

  • Rust vs. Go: Why They're Better Together
    Rust and Go are often seen as competitors, but their community actually sees them as a perfect love story. This article explains how they motivate and complement each other.

Storage

Other

  • jetstack/preflight
    Automatically perform Kubernetes cluster configuration checks using Open Policy Agent (OPA).
  • Linting Rego with... Rego!
    This post explores how linters could be useful for Rego, Open Policy Agent's policy language, and how to build a policy linter.
  • Toward Confidential Cloud Computing - ACM Queue
    "Cloud providers systematically encrypt data in transit (on the network) and at rest (on disks and backups) using keys associated with tenants: even if attackers gain access to a data center, they cannot see the plaintext of tenant data unless they also manage to compromise their managed keys. This trend of increasing security in the cloud will continue; the next step is confidential computing, extending hardware-enforced cryptographic protection to data while in use (i.e., during computation)."
