Cloud Native News - CNN21/37
Crossplane is now a CNCF incubating project, Single Pod Access to PersistentVolumes is a thing now, custom hardware can be used in Kubernetes, and read Envoys 5-year journey as an OpenSource project.
Community
- Crossplane is now a CNCF Incubating project
A little more than a year ago, Upbound donated the Crossplane project to the CNCF as it was accepted into the CNCF Sandbox. Now the project has been approved to move to the next phase as a CNCF incubating project!
Tutorials
- Introducing Single Pod Access Mode for PersistentVolumes
Last month's release of Kubernetes v1.22 introduced a new ReadWriteOncePod access mode for PersistentVolumes and PersistentVolumeClaims. With this alpha feature, Kubernetes allows you to restrict volume access to a single pod in the cluster. - How-to build your own Kubernetes cluster with a Rasberry Pi 4.
A currently 15 parts long step by step guide to set up your RasPi4 Kubernetes cluster and play around with some useful tools like Nextcloud. - Using custom hardware in Kubernetes
This short blog post teaches you how to use Node Feature Discovery (NFD) for your custom hardware within your home lab. The NFD helm chart lets you define hardware by creating some filters for it. - Docker ARG, ENV and .env - a Complete Guide
"Stop struggling to build Docker images and configuring your dockerized apps. This is the complete guide to build-time arguments, environment variables and docker-compose templating." - IAM roles for Kubernetes service accounts - deep dive
Working with AWS IAM is crucial once you need to connect your cluster workloads to AWS services. A great deep dive!
Editorial
- See CNCF Live Webinar: Kata and Arm, a secure alternative in the 5G space at CNCF CNCF Online Programs
In this talk, Kiel will demonstrate the 5G O-RAN component on Arm infrastructure and its importance within the 5G space, as well as discuss the potential effects of using an opensource component and its reduction in costs and increased customizability. - Isovalent Harnesses eBPF for Cloud-Native Security, Visibility
“What really makes us stand apart is our use of eBPF as just a fundamentally game-changing technology that lets us provide deeper security, deeper visibility, better scalability. Instead of trying to take the old technologies and kind of bolt-on Kubernetes awareness to them, were able to kind of natively implement that inside the Linux kernel,” - 5 years of Envoy OSS
"I think that if one has a goal to create an extremely successful OSS project they need to think of it like starting a business." - Valuable insights and "behind the scenes" of the genesis of the Envoy proxy and becoming a CNCF project.
Tools
- Simplify Kubernetes Cluster Management with Kyverno
Kyverno is designed to use Kubernetes-style definition and leverage the Kubernetes API to apply, validate, mutate and even generate policies. This is used to control resource creation and activities at a Kubernetes cluster to set boundaries and apply a stronger control. - Small Kubernetes for your local experiments: k0s, MicroK8s, kind, k3s, and Minikube
A side-by-side comparison of current micro/local Kubernetes installations. What is your favorite one? - Trendyol/kink
kink is a CLI application that facilitates running KinD cluster in Kubernetes Pod and also manages the whole lifecycle of these clusters such as by listing them, deleting them, etc. - juanfont/headscale
An open-source, self-hosted implementation of the Tailscale coordination server.
How to grasp Containers and Docker (Mega Thread)
— Ivan Velichko (@iximiuz) August 7, 2021
When I started using containers back in 2015, I thought they were tiny virtual machines with a subsecond startup time.
It was easy to follow tutorials from the Internet on how to put your Python or Node.js app into a container...
Photo by Claudio Testa on Unsplash