Cloud Native News - CNN21/29
3 min read

Cloud Native News - CNN21/29

About Aqua Security on container isolation techniques, Changing Kubernetes release cadence, automatic node remediation via Sciuro, and the everlasting question: is Kubernetes too complex to be productive?
Cloud Native News - CNN21/29

CNCF Community & Industry

  • Kubernetes Release Cadence Change: Here’s What You Need To Know
    The Kubernetes release cycle changes from four releases a year to three releases a year. This blog post provides a high-level overview of what this means for the Kubernetes community's contributors and maintainers. What's changing and starting with the Kubernetes 1.22 release, a lightweight policy will drive the creation of each release schedule.
  • Krustlet Brings WebAssembly to Kubernetes with a Rust-Based Kubelet
    WebAssembly is going to be a big thing not only in the frontend but also in the backend. I bet in the future, we will see it adopted in many use cases where containers are used today. This article gives a little more context about the relevance of WebAssembly and "Krustlet", a kubelet pendant to operate WebAssembly workloads.
  • Kubernetes is our generation's Multics
    Is Kubernetes unproductive and too complex to operate securely? Will it eventually be replaced by something simpler? If you are eager to discuss, an interesting HN Discussion is going on.

Containers & Orchestration

Security

  • Container Isolation Techniques Part One & Two
    Setting up containers as security boundary is a nontrivial task. Aqua Security describes the challenges in part one and possible solutions in part two of their series about container isolation.
  • Enforcing Image Trust on Docker Containers using Notary
    This blog post discusses implementing container image trust in Docker using Notary. It furthermore explains what options you have to achieve something similar in Kubernetes.
  • Upgrade Helm if You Don’t Want to Share Your Username and Password
    There is a Helm CVE-2021-32690 which describes a situation where username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This is fixed in v3.6.1 - better do the update to be on the secure side!

Networking

Development

Other

  • Talos OS v0.11 Updates! - Talos Systems
    My new favorite project just got an update!
  • DevOps and Cloud InfoQ Trends Report - July 2021
    "This article summarizes how we [InfoQ] see the "cloud computing and DevOps" space in 2021, which focuses on fundamental infrastructure and operational patterns, the realization of patterns in technology frameworks, and the design processes and skills that a software architect or engineer must cultivate."
  • Podcast: Committing to Cloud Native
    A Cloud-Native Podcast that explores the confluence of open source and cloud-native. The guests include members of CNCF projects, maintainers working on projects at scale at places like Google, Amazon, and NASA, and community members contributing back to awesome projects in the cloud-native ecosystem.

Photo by Mihai Moisa on Unsplash