Learn Kubernetes weekly — issue 17

Articles

1. Kubernetes scalability thresholds

   github.com/kubernetes

   In this write up you will find a list of scalability thresholds for Kubernetes.

2. Does Kubernetes really give you multicloud portability?

   medium.com

   In this article, the team at McKinsey deployed the same app in GKE, AKS, and EKS and measured the effort with the intent to test multi-cloud portability.

   Spoiler: it did not go well.

3. Kubernetes traffic discovery

   otterize.com

   In this article, you'll learn how you can use Kubernetes service discovery to figure out "who's calling whom" within a cluster.

4. Kubernetes security best practices: network policies

   medium.com

   In this blog post, you'll cover the following topics:

   1. What a NetworkPolicy is, and why do you need it.
   2. How NetworkPolicies are structured.
   3. Best practices for defining NetworkPolicies.
   4. An example of defining NetworkPolicies.

5. The potential of pod migrations in Kubernetes

   blog.astobbe.me

   In this article (and related links), you will learn the challenges, progress and future of migrating pods (live, without destroying them) in Kubernetes.

6. When Kubernetes pods are stuck mounting large volumes

   medium.com

   In this article, you'll discover how the team at Deutsche Telekom solved an issue with mounting volumes in Kubernetes: volume in the test environment took ~7 minutes to mount. On prod, 24 minutes.

Articles worth checking out:

• Demystifying the "for" vs "owns" vs "watches" controller-builders in controller-runtime

• Local Kubernetes  —  the one above all

• K8s pod anti-affinity

• ArgoCD at scale with ApplicationSet & Go template

• Server-side apply to the rescue

Tutorials

1. Deploying and autoscaling Kubernetes with Knative

   nearform.hashnode.dev

   In this tutorial, you will learn how to:

   • Install and use Knative.
   • Autoscale your pods with the KPA.
   • Shape the traffic in your cluster.
   • Collect metrics (Prometheus/OTEL).

2. A simple end-to-end application (DB, API, UI) in a local Kubernetes cluster

   medium.com

   In this tutorial, you will learn how to use Kubernetes by building and deploying a simple application from scratch.

   The application is a simple TODO list that stores the nodes in MongoDB.

3. GKE with Consul service mesh

   joachim8675309.medium.com

   This article shows how to set up and get started with Consul Service Mesh on Kubernetes.

   Dgraph, a distributed graph database, will be used to demonstrate a real-world application using the service mesh.

4. Supply Chain Security on EKS using AWS KMS, Kyverno, and Cosign

   aws.amazon.com

   In this post, you'll learn how you can implement supply chain security using open-source tools on Amazon EKS with AWS KMS and Cosign with Kyverno.

5. Policies as code in Kubernetes using jsPolicy

   pavan1999-kumar.medium.com

   jsPolicy is a policy engine for Kubernetes that allows you to write policies in JavaScript or TypeScript.

   Learn how to use it in this tutorial.

Kubernetes jobs

1. • DevOps Engineer with Defense Unicorns

   • Salary: $150K to $170K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, AWS, GCP, Azure, Helm, Terraform, Pulumi

2. • DevOps Engineer with WellSaid Labs

   • Salary: $170K to $190K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, AWS, GCP, Docker, Go, Typescript, Python

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. komodorio/helm-dashboard

   github.com/komodorio

   The Helm Dashboard plugin offers a UI-driven way to view the installed Helm charts, and see their revision history and corresponding Kubernetes resources.

   Also, you can perform simple actions like roll back to a revision or upgrade to a newer version.

2. vulhub/vulhub

   github.com/vulhub

   Vulhub is an open-source collection of pre-built vulnerable docker environments.

   No pre-existing knowledge of docker is required, just execute two simple commands, and you have a vulnerable environment.

3. vidispine/hull

   github.com/vidispine

   The HULL Helm library chart is designed to ease building, maintaining and configuring Kubernetes objects in Helm charts.

4. bitnami-labs/sealed-secrets

   github.com/bitnami-labs

   Sealed Secrets provides declarative Kubernetes Secret Management in a secure way.

   Since the Sealed Secrets are encrypted, they can be safely stored in a code repository.

5. waterkube/waterkube

   waterkube.dev

   Waterkube is an underwater archaeology game for Kubernetes.

Other interesting projects:

• kubewharf/kubegateway

• azure/bridge-to-kubernetes

• reactive-tech/kubegres

• Kubernetes icons set

• spotahome/redis-operator

• bashtools/mokctl

• jimmidyson/configmap-reload

• movetokube/postgres-operator

Upcoming Kubernetes events

1. Mar

   9

   Advanced Kubernetes course

   Online workshop organized by Learnk8s.

   • This is a virtual event

   • This event requires an entrance fee

2. Mar

   9

   Kubernetes Community Days Los Angeles

   In-person conference organized by KCD Los Angeles.

   • Location: Los Angeles, CA, USA

   • This is a free event.

3. Mar

   11

   Kubernetes Community Days Turkey 2023

   Online & in-person conference organized by KCD Turkey 2023.

   • Location: Istanbul, TR and virtual

   • This event requires an entrance fee

4. Mar

   16

   Kubernetes Community Days Ukraine

   Online conference organized by KCD Ukraine Fundraiser 2023.

   • This is a virtual event

   • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Kubernetes call for papers

1. expired

   DevConf.CZ

   The Call For Paper was open until 10 March 2023 at UTC. More info →

   • Location: Brno, CZ and virtual

   • Online & in-person conference organized by Red Hat.

   • The conference starts on the 16 June 2023.

   • Apply here

2. expired

   DevOps Enterprise Summit

   The Call For Paper was open until 10 March 2023 at UTC. More info →

   • Location: Amsterdam, NL

   • In-person conference organized by IT Revolution.

   • The conference starts on the 16 May 2023.

   • Apply here

3. expired

   GrafanaCON 2023

   The Call For Paper was open until 11 March 2023 at UTC. More info →

   • This is a virtual event

   • Online conference organized by Grafana Labs.

   • The conference starts on the 12 June 2023.

   • Apply here

Until next time!

— Dan