Cloud Native News - CNN21/50
About the Kubernetes Release Team Shadow Application, detecting & blocking log4shell with Cilium, secure K8s deployments with eBPF, and why Kubernetes is not only about containers...
Community
- Kubernetes Release Team is looking for you!
The shadow application for the Kubernetes 1.24 Release Team is now open! To be considered as a shadow on the team, please fill out the application: https://bit.ly/3ywyTlT
The application will remain open until Thursday, December 30, 2021, 18:00 pm PST. We will notify all applicants of their status no later than January 6th, 2022.
While the release calendar has not been finalized, the release is planned to start on Monday, January 10th, 2022. The tentative release date for Kubernetes 1.24 is Tuesday, April 19th, 2022. Please keep these dates in mind when you consider your availability and the time commitments. Please refer to the following links for information on the Release Team and selection process:
- Homepage: https://git.k8s.io/sig-release/release-team/README.md
- Shadows: https://git.k8s.io/sig-release/release-team/shadows.md
- Selection: https://git.k8s.io/sig-release/release-team/release-team-selection.md
- Further details on the 1.24 release team can be found in the following issue: https://github.com/kubernetes/sig-release/issues/1768
Please reach out via the #sig-release channel on Kubernetes Slack should you have any further questions.
Tutorials
- Detecting and Blocking log4shell with Isovalent Cilium Enterprise
How to use Isovalent Cilium Enterprise observability to protect against the log4shell vulnerability - powered by eBPF - How To Create A Management Kubernetes Cluster For Crossplane
Watch Viktor how to build a management cluster for Crossplane - Secure your Kubernetes deployments with eBPF
The Security Profiles Operator in Kubernetes offers several ways to record seccomp profiles by running a test suite against the application. This article shows how to use the Operator to secure your applications and how the recorder that uses extended Berkeley Packet, eBPF (or just BPF) does the job.
Editorial
- eBPF and WebAssembly: whose VM reigns supreme?
The two hottest lightweight code execution sandboxes / VMs in the cloud-native world today are eBPF and WebAssembly. They both run high-performance bytecode programs compiled from C, C++, and Rust. - Kubernetes isn't about containers
"Rather, the attribute of Kubernetes that’s made it so successful and valuable is that it provides a set of standard programming interfaces for writing and using software-defined infrastructure services."
Other
- Containers 101: attach vs. exec - what's the difference?
Understanding the difference between attach, logs, run, and exec commands through learning the container management internals.