Kubeletter #17

Welcome to the 17th edition of the Kubeletter. It's been one year since we started publishing the Kubeletter. We hope you've been enjoying it so far. Yesterday, we also had the first-ever WeMakeDevs meetup in Delhi. We hope all the attendees enjoyed it and got a ton of value out of it.

Now let's get on with the newsletter. KubeCon EU 2023 wrapped up just last month, and it was the largest KubeCon yet. We've included a lot of talks from KubeCon and its co-located events. We've also included a number of articles, announcements, a ton of open CFPs, and a number of Kubernetes tools, some of which are quite new but are gaining quite a bit of traction. Let's get right into it.

What's new with cloud-native

  • KubeCon EU 2023 received over 1,768 CFP submissions from 2,672 proposed speakers from all around the world. The other CNCF events have also seen huge growth in the number of active community members and contributors. As such, the CFP platform is being upgraded from SMapply to Sessionize so the community will have a more streamlined and efficient submission process.

  • Check out all the new features and announcements with Prometheus which were announced at Observability Days EU 2023.

  • During KubeCon Detroit 2022, the maintainers of LitmusChaos announced the start of 3.0 Beta, with several planned enhancements to make the chaos platform more robust, leaner, and developer-friendly. Take a look at some of the important features delivered as of 3.0 Beta5 & take a quick peek at those coming over the next few releases.

  • For the Spring 2023 term, there are 155 new Cloud Native Ambassadors. The new diverse group of Ambassadors represents 124 companies across 37 countries.

  • The Buildpacks Community organization is a vendor-neutral GitHub organization where the community provides trusted Cloud Native Buildpacks tooling, platforms, and integrations.

  • The 1.0 release of Botkube is here and it comes with a hosted control plane for multi-cluster management and monitoring of all of your Botkube instances. *

  • Check out what's new with the OpenTelemetry project in this talk which was presented at Observability Days EU 2023.

  • The Java Operator SDK is officially joining the Operator Framework as a subproject. JOSDK consists of a high-level framework for implementing operators in Java, similar to the controller-runtime library for Golang.

  • The Gateway API subproject of Kubernetes SIG-Network is making great strides towards the goal of being the description language for inbound traffic that’s portable, extensible, expressive, and role-oriented. With nearly 20 implementations in progress, interest is high. Check out this talk from KubeCon EU 2023 to learn about the new changes and features with the Gateway API.

  • Keycloak has officially joined CNCF as an incubating project. Keycloak is an Identity and Access Management (IAM) solution providing centralized authentication and authorization to applications and APIs.

  • The CNCF Security Technical Advisory Group has announced the release of the audio version of their flagship whitepaper, Cloud Native Security Whitepaper v2.

  • Replit recently announced their latest complete code model replit-code-v1-3b will be completely open-sourced. *

Blogs

  • In the software industry, new technologies are being released faster than developers can keep up with. Internal developer portals (IDPs) aim to help solve this problem by providing a single access and interaction point for all these new tools and services. In this blog, let's take a look at the 7 core components of an IDP.

  • Ambient splits Istio’s functionality into two distinct layers, a secure overlay layer and a Layer 7 processing layer. The waypoint proxy is an optional component that is Envoy-based and handles L7 processing for workloads it manages. Since the initial ambient launch in 2022, it has had significant changes to simplify waypoint configuration, debuggability, and scalability. Let's look at the benefits of using Istio Ambient Waypoint.

  • Argo CD provides deployment flexibility, which enables operators to configure it for varying situations. The new report by ControlPlane provides a comprehensive threat modeling analysis of a typical production setup of Argo CD and accompanying security considerations.

  • cdCon + GitOpsCon 2023 starts today. Here are the top 5 sessions you do not want to miss.

  • KubeVela is a tool that uses the Open Application Model, which intends to give a theoretical model for what a cloud-native application should look like. Read about how KubeVela is creating the road to cloud-native application and platform engineering.

    Pic 1. OAM is proposed to bridge the gap between app developers and the use of underlying infrastructures

  • Kubernetes storage has always had a number of challenges with persisting data, but a lot of work has been done on this, and today, storage in Kubernetes is getting better. Read about some of the ways in which Kubernetes storage is becoming more reliable and stable.

  • Kubernetes compliance means ensuring that the platform and its components adhere to applicable regulations and standards. This can provide improved security for your applications. Check out this blog post by ArmoSec which highlights some of the challenges and solutions to achieving Kubernetes compliance. *

  • Building applications with modular components has become increasingly popular. This approach, known as composable web, allows developers to create web applications by assembling building blocks that can be easily combined to create complex functionalities. In this article, let's learn all about the composable web, and how you can use it with Drupal web hosting. *

    Composable web: Drupal web hosting and the future of web architectures

  • Swap memory, also known as virtual memory, is a space on a hard disk that is used to supplement the physical memory (RAM) of a computer. In this article, let's explore whether swap memory should be used in production systems and cloud-provided VMs. *

  • PodSecurityStandards (PSSs) have replaced PodSecurityPolicies (PSPs) as Kubernetes' built-in security control, and the two are quite different from each other. In this article, let's look at the top 6 differences between PSSs and PSPs. *

  • Determining the right size of your Kubernetes cluster can be a challenge. Too low, and your pods die due to insufficient resources; too high, and you are paying a cloud provider more money than required. In this article, let's look at how you can provision the right-sized cluster for your requirements. *

  • Debugging is a means to tackle problems, but what if it is possible to solve debugging itself? In this blog post, let's take a look at the open-source community and how it inspired a new way to review and ultimately debug codebases. *

  • APIs have become the bridge connecting various systems and applications in terms of data and functionality, and security has become ever more important. In this blog post, let's take a look at how you can use APISIX to protect your APIs using authorization policies. *

Videos

  • At Civo Navigate, Steve Wozniak had a fireside chat with the Civo team. Check out the entire conversation as Steve shares his experiences with technology and his time at Apple.

  • It is important to keep your infrastructure secure while working with any kind of cloud-based resources. In this video, let's look at how you can securely provision resources from the cloud using Kyverno and Crossplane.

  • If you operate Kubernetes, it's helpful to understand its internals such as what are the components of the control plane. What are their respective roles? How do they communicate? In this talk, let us take a deep dive into the Kubernetes internals.

  • One thing that you want to avoid in a production environment is blowing up your Kubernetes cluster. The only way to avoid that is by knowing the possible ways to blow up a cluster.

  • In this episode of the Open Source Cafe, we explore the topic of internal developer platforms and their impact on developers. Our guest speaker, Guy from Komodor, will shed light on what internal developer platforms are, how they work, and most importantly, how they empower developers to work smarter and more efficiently.

  • Distributed tracing is an important aspect of monitoring cloud native systems. In this talk, let's learn about distributed tracing with Jaeger.

  • The Istio service mesh is a popular solution to solve the challenges of having multiple microservices in a Kubernetes cluster. In this talk from KubeCon EU, let's look at how a small team started using Istio in production.

  • Kubernetes policies are configuration objects that control other configuration and runtime behaviors and are an essential security measure. In this talk, let's learn about policies and take a deep dive into them.

  • A UI is an almost unavoidable component in internal developer platforms (IDP). Check out this video as Viktor talks about the importance of having a good IDP, and how you can easily build one.

Events

CFPs open

Cloud-native tools highlight

  • flox is a command line tool that helps you manage your environments. It builds on top of the powerful ideas of Nix as well as making them accessible to everybody. *

  • K8sGPT is a tool for scanning your Kubernetes clusters and diagnosing and triaging issues in simple English. It has SRE experience codified into its analyzers and helps to pull out the most relevant information to enrich it with AI.

  • Kubeshark is an API Traffic Analyzer for Kubernetes providing real-time, protocol-level visibility into Kubernetes’ internal network, capturing and monitoring all traffic and payloads going in, out, and across containers, pods, nodes, and clusters.

  • Numaflow is a Kubernetes-native tool for running massively parallel stream processing. A Numaflow Pipeline is implemented as a Kubernetes custom resource and consists of one or more source, data processing, and sink vertices.

  • KEDA is a Kubernetes-based Event Driven Autoscaler. With KEDA, you can drive the scaling of any container in Kubernetes based on the number of events needing to be processed.

  • ktunnel is a CLI tool that establishes a reverse tunnel between a Kubernetes cluster and your local machine. It lets you expose your machine as a service in the cluster or expose it to a specific deployment. You can also use the client and server without the orchestration part.

  • Helm Dashboard by Komodor is an open-source project which offers a UI-driven way to view the installed Helm charts, see their revision history and corresponding k8s resources, and also perform simple actions like roll back or upgrade to new versions. *

  • Kubetail is a bash script that enables you to aggregate (tail/follow) logs from multiple pods into one stream. This is the same as running "kubectl logs -f " but for multiple pods.

  • Kuberhaus is a Kubernetes resource dashboard with node/pod layout and resource requests.

Tweets of the week

That's all for this edition of the Kubeletter. We hope you enjoyed this one. There are a ton of open CFPs in this one. This is your chance to fill out multiple CFPs and speak at various conferences. If you attended the WeMakeDevs meetup yesterday, don't forget to share your pictures on Twitter and tag us.

'*' = Sponsored content
