Cloud Native News - CNN21/40



  • A Closer Look at NSA/CISA Kubernetes Hardening Guidance
    The USA's National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released "Kubernetes Hardening Guidance" on August 3rd, 2021. The guidance details threats to Kubernetes environments and provides secure configuration guidance to minimize risk. This blog correlates to the NSA/CISA guidance sections and takes a deeper look into the recommendations.
  • Global Load Balancer Approaches
    When working with Kubernetes or OpenShift in a multicluster (possibly hybrid cloud) deployment, one of the considerations is how to direct traffic to the applications deployed across these clusters. To solve this problem, we need a global load balancer.


  • Tools to explore BGP
    This Newsletter wouldn't be complete without mentioning Facebook's outage this week, which kept the Internet busy for a couple of hours. There was a detailed explanation by the folks of Cloudflare on how a BGP configuration was the reason for the disappearance of Facebook's services. But how does one even work with BGP? A little more hands-on description by Julia Evans.
  • PostgreSQL 14 on Kubernetes (with examples!)
    Who says running stateful on K8s isn't a good idea? This tutorial will run the freshly released PostgreSQL 14 on Kubernetes.
  • Simplify Troubleshooting your Kubernetes cluster with Komodor
    "Troubleshooting your Kubernetes Cluster and the resources within has never been this easy. This blog post provides an overview of Komodor; a new kind of platform."
  • Pod Auto Scaling and the curse of Sticky Sessions
    "Autoscaling and load balancing are two completely different aspects. However, the coordination is crucial in forming efficient scalable sub systems. This is the story of sticky sessions and how they ruthlessly affect the relationship between load balancing and scaling."


  • Kubernetes Cluster API reaches production readiness with version 1.0
    Cluster API is a Kubernetes project that enables declarative management for Kubernetes, using APIs to create, configure, and update clusters easily. This week the community announced Cluster API v1.0 is production-ready and officially moving to v1beta1 APIs.
  • Introducing VMware Tanzu Community Edition
    The Tanzu team at VMware released a VMware Tanzu Community Edition, a freely available, community-supported, open-source distribution of VMware Tanzu that you can install and configure in minutes on your local workstation or your favorite cloud.
  • Announcing Cartographer
    Cartographer is a Kubernetes native Choreographer. It allows users to configure K8s resources into re-usable Supply Chains that can define all of the stages that an Application Workload must go through to get to an environment.
  • Getting started with Otomi
    Otomi is an open-source, cloud-agnostic, and Kubernetes-based platform to securely deploy, run and manage applications with a desktop-like user interface.
  • A New YAML Specification
    Not much changes for YAML since its last revision 12 years ago. Most of the changes in v1.2.2 are about the readability and clarity of its spec, which is now hosted publicly on GitHub.

Photo by Tom Morbey on Unsplash