Cloud Native News - CNN21/32

CNCF & Community

Committing to Cloud Native Episode 20: Taking Open Source Supply Chain Security Seriously with Dan Lorenc
The guest for this week is Dan Lorenc, Staff Software Engineer and the lead for Google’s Open Source Security Team. Also, he founded projects like Minikube, Skaffold, TektonCD, and Sigstore. Dan will take you back to how he got into open source, Google, Cloud, and how he ended up being a lead for Google’s Open Source Security Team.

Facebook, Google, Isovalent, Microsoft, and Netflix announce eBPF Foundation
The number of eBPF-based projects has exploded in recent years and many more have been announcing intent to start adopting the technology. eBPF is quickly becoming one of the most influential technologies in the infrastructure software world.

Other

Collie CLI
With Collie CLI you can easily find out what your cloud landscape across AWS, Azure or GCP. See your costs, IAM, tags, and more across all cloud accounts, using your existing cloud CLIs - and take control of your cloud landscape.

Networking

Automating & evaluating load testing with Locust and Keptn
Learn how to use Locust and Keptn to automate load testing and to evaluate the applications under test with SLOs!

Development

Trace-based testing with OpenTelemetry: Meet open source Malabi
Testing distributed applications based on their traces? That's hot!

Some of my views on using YAML for human-written configuration files
In 2021 YAML is still a commonly used tool for application configuration. While not everyone likes it, there is barely a way to avoid it. Here are some observations on the usage of YAML by Chris Siebenmann.

kubernetes-csi/csi-lib-utils
Common code for Kubernetes CSI sidecar containers (e.g. external-attacher, external-provisioner, etc.)

Observability

Avoiding Kubernetes cluster outages with synthetic monitoring
Synthetic monitoring consists of pre-defined checks to proactively monitor the critical elements in your infrastructure. These checks simulate the functionality of the elements. Continuous monitoring of these checks also helps to measure overall performance in terms of availability and response times.

Application consistency in Kubernetes
"Application Consistency is the practice of capturing the entire application’s state as a whole, coordinating backup across its constituents across virtual machines, containers and cloud services."

Security

A Kubernetes User's Guide to HashiCorp Nomad Secret Management
"Learn how secrets management in Kubernetes compares to HashiCorp Nomad, and see why HashiCorp Vault is a powerful solution for both."

vchinnipilli/kubestriker
"A Blazing fast Security Auditing tool for Kubernetes"

cyberark/kubesploit
"Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments."

Containers & Orchestration

Automatic Multi-cluster Deployments and Services in Kubernetes
"Learn how Multi-Cluster Kubernetes (mck8s) uses custom Controllers to vastly improve the multi-cluster experience and how you can deploy it. The benefits? Latency-aware scheduling, cross-cluster networking, and improved resilience – greatly simplifying app deployment across multiple clouds. More? It scales Pods and Clusters horizontally, using a custom Horizontal Pod Autoscaler and the Cluster API." - Make sure to also check out the paper about mck8s!

Kubernetes v1.22 Feature Blogs
With every new major release, the release team works together with the SIGs to publish some more detailed feature blog posts, worth to read!

Photo by Are R on Unsplash