Cloud Native News - CNN21/19
About CNI Benchmark and how to understand them correctly, finalizers to control deletions, best practices for supply chain security and ArgoCD ApplicationSets
CNCF & Community
- KubeCon+CloudNativeCon Europe Videos are Up on YouTube
Nothing else to add! 📺
Networking
- CNI Benchmark: Understanding Cilium Network Performance
This is a must-read to understand CNI networking performance, influence on the numbers and why there is never a 100% clear answer, but always an "it depends on" solution. tl;dr eBPF definitely will run the CNI in the future. - A guide to bring together Kubernetes Ingress, Traefik, CertManager, LetsEncrypt
This guide drives you through how to use Traefik only for load balancing, integrate Cert-Manger for Issuing certificates, take from LetsEncrypt the SSL certificate, use Ingress instead of IngressRoute and the Domain as WildCard domain.
Containers & Orchestration
- How to deploy a single Kubernetes cluster across multiple clouds using k3s and WireGuard
In this blog post, you will see how you can setup a distributed Kubernetes cluster working around the latency and security arguments for multi-cloud or hybrid cloud scenarios. - Using Finalizers to Control Deletions on Kubernetes
Deleting objects in Kubernetes can be challenging. You may think you’ve deleted something, only to find it still persists. While issuing a kubectl delete command and hoping for the best might work for day-to-day operations, understanding how Kubernetes delete commands operate will help you understand why some objects linger after deletion. - Kubernetes capacity planning: How to rightsize your cluster
A guide to bring your capacity planning for your clusters on point. A priceless hint is cAdvisor.
Security
- CNCF Paper Defines Best Practices for Supply Chain Security | Cloud Native Computing Foundation
New paper demonstrates an actionable approach to architecting a secure supply chain amidst an increase in cyber attacks.
Other
- predatorray/kubectl-tmux-exec
If you ever need to execute commands in multiple pods simultaneously in production it is likely you are doing something wrong. However, for the hopefully rare cases, this tool can come handy. A kubectl plugin to control multiple pods simultaneously using Tmux.
Development
- kcp-dev/kcp
kcp is a prototype of a Kubernetes API server that is not a Kubernetes cluster - a place to create, update and maintain Kube-like APIs with controllers above or without clusters. Watch the KubeCon Talk.
CI/CD
- Getting started with ApplicationSets in ArgoCD
"Argo CD ApplicationSets is an evolution of the “App of Apps” deployment pattern. It took the idea of “App of Apps” and expanded it to be more flexible and deal with a wide range of use cases."