Learn Kubernetes Weekly issue 53 · 15 Nov 2023
Choosing a worker node size, Bolstering security & automating EKS clusters, Scaling Rails with HPA, Bypassing admission webhooks, resize CPU limits
Articles
Architecting Kubernetes clusters — choosing a worker node size
learnk8s.io
What type of worker nodes should you use for your Kubernetes cluster?
And how many of them?
This article looks at the pros and cons.
Bolstering security & automating management of Target Australia's EKS clusters
medium.com
This article covers the lesson learned at Target Australia from running EKS at scale:
- The usage of Bottlerocket and its security benefits
- How Karpenter is a more cost-effective and flexible solution than the Cluster Autoscaler.
Automatically scale your rails application with HPA
treatwell.engineering
In this case study, you'll learn how the team at Treatwell customised metrics for the Horizontal Pod Autoscaler, optimising the system's response to varying traffic demands and reducing their monthly costs by 35–40%.
How to bypass admission webhooks and have a giant security hole
medium.com
In this article, you'll discuss the security risks associated with the deprecation of Pod Security Policies and potential issues with webhook validation that could lead to a compromised cluster.
Unleashing the power of Kubernetes: deploying containers with cluster resource access
itnext.io
In this article, you'll learn how to use Cluster Role, Cluster Role Binding, and Service Account to deploy a simple application capable of accessing the cluster's resources using kubectl from within a pod.
Validate if Kubernetes deployments have LivenessProbe and ReadinessProbes
medium.com
In this tutorial, you will learn how to write a validating admission controller to check if Deployments have the proper liveness and readiness probes in place.
Articles worth checking out:
Tutorials
Resize CPU limit to speed up Java startup on Kubernetes
piotrminkowski.com
In this article, you'll learn how to solve the slow startup times of Java apps on Kubernetes related to CPU limit.
You'll use the In-place Pod Vertical Scaling feature to resize resources (CPU or memory) assigned to the containers without restarting.
Pod restart notifier operator CRD
medium.com
In this guide, you'll learn how to create a Kubernetes operator called pod-restart-notifier with kubebuilder.
The operator uses Custom Resource Definitions to define custom resources and manage their lifecycle.
Vault: externals secrets in Kubernetes cluster
medium.com
In this tutorial, you will learn how to store your sensitive secrets in a self-hosted Vault and share them with a Kubernetes cluster.
How to list Kubernetes pods using the Go SDK
www.faizanbashir.me
This article will walk you through listing Pods and Namespaces in a Kubernetes cluster with the help of go-client SDK.
Should every project start with Kubernetes?
And if not, when is the right time to switch without incurring (unbearable) technical debt?
In this episode of KubeFM, you will learn how the team at Loovatech designed an app from scratch and decided to use Docker Compose to host their infrastructure cheaply and effectively in a single virtual machine.
As the project grew, the team had to make the difficult choice to rearchitect their infrastructure and plan for scalability and fault tolerance.
Follow their journey and learn:
- How to migrate from a single Docker Compose file with 24 containers to Kubernetes.
- How to verify that your apps are stateless and what changes are necessary to deploy them into Kubernetes.
- How to manage expectations and explain the value of a complex migration to your boss or (non-tech-savvy) customers.
Vasily and Ronald also shared how they integrated ArgoCD and their existing CI/CD to leverage push and pull-based GitOps and their plans to incorporate multi-tenancy and custom metrics.
Kubernetes jobs
Machine Learning Engineer with FATHOM
Salary: $160K to $220K a year
Location: remote from the United States
Tech stack: Kubernetes, AWS, Airflow
DevSecOps Engineer with Angi
Salary: $175K to $185K a year
Location: remote from the United States
Tech stack: Kubernetes, AWS, On-premise, Helm, Python, SQL, Java, Scala, Ruby, Terraform
Platform Engineer with Altos Labs
Salary: $153K to $273.7K a year
Location: based in the office in San Diego, CA, USA
Tech stack: Kubernetes, AWS, On-premise, Docker, Shell, Python, Terraform, CDK, Ansible, Grafana
Discover more Kubernetes jobs on Kube Careers →
Code & tools
kpack: Kubernetes-native container build service
github.com/buildpacks-community
kpack extends Kubernetes and utilizes unprivileged kubernetes primitives to provide builds of OCI images as a platform implementation of Cloud Native Buildpacks (CNB).
Koordinator: QoS-based scheduling
github.com/koordinator-sh
Koordinator is a QoS-based scheduling system for hybrid orchestration workloads on Kubernetes.
Its goal is to improve the runtime efficiency and reliability of both latency-sensitive workloads and batch jobs.
github.com/kubernetes-sigs
AWS Load Balancer Controller is a controller to help manage Elastic Load Balancers for a Kubernetes cluster.
It satisfies:
- Ingress resources by provisioning Application Load Balancers.
- Service resources by provisioning Network Load Balancers.
KubeBlocks: manage database workloads
github.com/apecloud
KubeBlocks is an open-source Kubernetes operator that manages relational, NoSQL, vector, and streaming databases on the public cloud or on-premise.
It is designed for production, providing reliable, performant, cost-effective data infrastructure.
Claudie: managing multi-cloud and hybrid-cloud
github.com/berops
Claudie is a platform for managing multi-cloud Kubernetes clusters with each node pools in a different cloud provider.
Other interesting projects:
Upcoming Kubernetes events
Nov
17
Getting started with containers and Kubernetes
Online workshop organized by #thenewITgirls.
This is a virtual event
This is a free event.
Nov
15
Online conference organized by DevNetwork.
This is a virtual event
This event requires an entrance fee
Nov
16
Certified Kubernetes administrator hands-on
Online workshop organized by Cloud Native Islamabad.
This is a virtual event
This is a free event.
Nov
18
Helm 101: mastering Kubernetes application management with Helm
Online meetup organized by Women in Cloud Native.
This is a virtual event
This is a free event.
Nov
22
Harnessing the power of operators in Kubernetes
Online & in-person meetup organized by Cloud Native Vienna.
Location: Vienna, AT and virtual
This is a free event.
Kubernetes call for papers
expired
KubeCon + CloudNativeCon Europe
The Call For Paper was open until 26 November 2023 at UTC. More info →
Location: Paris, FR
In-person conference organized by Linux Foundation.
The conference starts on the 19 March 2024.
- Apply here
expired
Kubernetes Community Days Kerala 2024
The Call For Paper was open until 18 November 2023 at UTC. More info →
Location: Kochi, IN
In-person conference organized by KCD Kerala.
The conference starts on the 3 February 2024.
- Apply here
expired
Kubernetes Community Days Costa Rica 2024
The Call For Paper was open until 1 February 2024 at UTC. More info →
Location: Heredia, CR
In-person conference organized by KCD Costa Rica.
The conference starts on the 1 March 2024.
- Apply here
expired
The Call For Paper was open until 4 December 2023 at UTC. More info →
Location: San Jose, CA, USA
In-person conference organized by Linux Foundation.
The conference starts on the 29 April 2024.
- Apply here
expired
The Call For Paper was open until 1 December 2023 at UTC. More info →
Location: Birmingham, AL, USA
In-person conference organized by Devopsdays.
The conference starts on the 18 April 2024.
- Apply here
expired
The Call For Paper was open until 31 January 2024 at UTC. More info →
Location: Vilnius, LT and virtual
Online & in-person conference organized by DATA MINER.
The conference starts on the 20 May 2024.
- Apply here
expired
The Call For Paper was open until 23 January 2024 at UTC. More info →
Location: Istanbul, TR
In-person conference organized by Devopsdays.
The conference starts on the 20 April 2024.
- Apply here
expired
The Call For Paper was open until 27 January 2024 at UTC. More info →
Location: Raleigh, NC, USA
In-person conference organized by Devopsdays.
The conference starts on the 10 April 2024.
- Apply here
expired
The Call For Paper was open until 3 December 2023 at UTC. More info →
Location: Stockholm, SE
In-person conference organized by Cornerstone.
The conference starts on the 15 May 2024.
- Apply here
Until next time!
— Dan