Learn Kubernetes weekly — issue 13

We just published the report for the Kubernetes job market in 2022!

You can find it here if you want to know the average salary for a Kubernetes engineer, popular certifications, and more.

Now, let's get to this week's articles.

Articles

Auditing RBAC — redux
raesene.github.io
Auditing Kubernetes authorization can be a bit of a tricky task.
In this article, you will learn what techniques and tools you can use to identify, reassign and manage RBAC rules in your cluster.
Manage Redis on AWS from Kubernetes
itnext.io
In this blog post, you will learn how to use ACK with Amazon EKS for creating a Redis cluster on AWS (with Amazon MemoryDB).
Securing AKS in peered virtual networks using only network security groups
blog.coffeeapplied.com
When you use peering in AKS, with the "default" AKS deployment, your complete cluster, including all pods, is completely open and addressable from your complete peered network.
Learn how to fix in this article.
Kubernetes workflow management for software developers using Argo workflows
medium.com
In this case study, you will learn how the team at Riskified used Argo Workflows to backfill billions of records of data.
Scaling Amazon EKS and Cassandra Beyond 1,000 Nodes
aws.amazon.com
This post described a concrete experiment to prove k8ssandra scalability on Amazon EKS.
You will also find general performance and scaling configurations of Amazon EKS that enable customers to scale workloads while maintaining linear performance.
Helm release Time-To-Live for temporary environments
dev.to
In this article, you will learn how you can use the Helm release plugin to create temporary environments with TTL expiration that automatically expire.

Articles worth checking out:

Tutorials

Restricting cluster-admin permissions
marcusnoble.co.uk
What if we need to block an action performed by cluster admins?
You can't do it with RBAC: it only allows for adding permissions, not taking them away.
Learn how you can use Kyverno to do so in this tutorial.
Kubernetes ephemeral volumes & storage
containiq.com
This tutorial will discuss how Kubernetes handles ephemeral storage and how these volumes are provisioned in operating clusters.
Istio service mesh: a start to finish tutorial
natarajsundar.medium.com
In this blog post, you will find an end-to-end tutorial on how to get Istio up and running in your Kubernetes cluster.
You will also discuss the Istio Ambient Mesh.

Kubernetes jobs

- Software Engineer with Gcore
- Salary: €50K to €80K a year
- Location: remote from Europe
- Tech stack: Kubernetes, Docker, Go, Shell, Terraform
- DevOps Engineer with Scandio
- Salary: €45K to €70K a year
- Location: based in the office in München
- Tech stack: Kubernetes, ArgoCD, Terraform

Discover more Kubernetes jobs on Kube Careers →

Code & tools

genuinetools/contained.af
github.com/genuinetools
contained.af is a stupid game for learning about containers, capabilities, and syscalls.
krateoplatformops/krateo
github.com/krateoplatformops
Krateo Platformops is an open-source tool that allows users to create any desired resource on various infrastructures.
It acts as a centralized control plane, allowing users to monitor and control resources.
arttor/helmify
github.com/arttor
Helmify is a command line tool that converts Kubernetes YAML files to Helm charts. It is designed for operator charts but can also be used for other purposes.

Subscribe to Learn Kubernetes Weekly

Trusted by 77K engineers. Delivered 150 issues and counting.

or subscribe via

Upcoming Kubernetes events

Feb
8
Detecting crypto-jacking in Kubernetes workloads
Online webinar organized by Cloud Native Computing Foundation (CNCF).
- This is a virtual event
- This is a free event.
Feb
9
7 Kubernetes tools to boost your productivity
Online meetup organized by Platform Engineers Dublin.
- This is a virtual event
- This is a free event.
Feb
14
Advanced Kubernetes course
In-person workshop organized by Learnk8s.
- Location: Amsterdam, NL
- This event requires an entrance fee
Feb
15
Efficient analytics applications with Kubernetes and Volcano
In-person meetup organized by Cloud Native + Kubernetes Edinburgh.
- Location: Edinburgh, GB
- This is a free event.

Discover more Kubernetes events on Kube Events →

Thanks to our sponsors who make Kube Today possible

Find out more about being a sponsor →

Kubernetes call for papers

expired
DevOps fwdays’23
The Call For Paper was open until 10 February 2023 at UTC. More info →
This is a virtual event
Online conference organized by Fwdays.
The conference starts on the 18 March 2023.
Apply here
expired
TEQnation
The Call For Paper was open until 10 February 2023 at UTC. More info →
Location: Utrecht, NL
In-person conference organized by Reshift Digital.
The conference starts on the 17 May 2023.
Apply here
expired
GeeCON
The Call For Paper was open until 10 February 2023 at UTC. More info →
Location: Kraków, PL
In-person conference organized by GEECON.
The conference starts on the 19 April 2023.
Apply here
expired
CdCon + GitOpsCon
The Call For Paper was open until 11 February 2023 at UTC. More info →
Location: Vancouver, CA
In-person conference organized by Linux Foundation.
The conference starts on the 8 May 2023.
Apply here
expired
ArgoCon
The Call For Paper was open until 13 February 2023 at UTC. More info →
Location: Amsterdam, NL
In-person conference organized by CNCF.
The conference starts on the 18 April 2023.
Apply here
expired
Cloud Native Telco Day
The Call For Paper was open until 13 February 2023 at UTC. More info →
Location: Amsterdam, NL
In-person conference organized by CNCF.
The conference starts on the 18 April 2023.
Apply here
expired
Istio Day
The Call For Paper was open until 13 February 2023 at UTC. More info →
Location: Amsterdam, NL
In-person conference organized by CNCF.
The conference starts on the 18 April 2023.
Apply here
expired
Kubernetes Batch + HPC Day
The Call For Paper was open until 13 February 2023 at UTC. More info →
Location: Amsterdam, ML
In-person conference organized by CNCF.
The conference starts on the 18 April 2023.
Apply here