Learn Kubernetes Weekly issue 82 · 5 Jun 2024

How we are managing a container platform, Leaky Vessels, Inspect Kubernetes networking, Using requests for allocating other than CPU or memory

This newsletter is brought to you by StormForge — stop setting Kubernetes requests and limits. Leave it to machine learning and automation.

Articles

  1. How we are managing a container platform

    medium.com

    In this 3-part series, you will learn how the team at Adidas uses GitOps to operate their platform, which spans five continents, has 60+ clusters, and serves thousands of developers.

  2. EKS Karpenter: a deep dive and best practices

    www.stormforge.io

    Karpenter represents a significant advancement for Kubernetes autoscaling, offering instance configuration flexibility, cost optimization features, and the ability to manage instances with Kubernetes-native objects.

    sponsored

  3. Leaky Vessels deep dive: escaping from Docker one syscall at a time

    dev.to

    Learn how Snyk security researchers uncovered Leaky Vessels, a set of container breakout vulnerabilities in Docker that let an attacker who controls the Dockerfile escape the container environment during docker build and docker run.

  4. How to inspect Kubernetes networking

    medium.com

    This article provides a guide on how to inspect Kubernetes networking.

    It covers tools and techniques for debugging connectivity issues, investigating network throughput problems, and understanding Kubernetes operations.

  5. Using Kubernetes requests for allocating resources other than CPU or memory

    itnext.io

    This article explores resource requests beyond CPU and memory, focusing on extended resources such as IP addresses per node.

    It introduces Node-level extended resources and details how pods can efficiently utilize them.

  6. How Kubernetes requests are implemented

    itnext.io

    This article explores how Kubernetes requests are implemented.

    It highlights the significance of the system-reserved and kube-reserved flags in CPU and memory allocation and the role of cgroups in managing resources.

Autonomous Rightsizing for Kubernetes Workloads

StormForge

Double your Kubernetes resource utilization and unburden developers from sizing complexity with the first HPA-compatible vertical pod rightsizing solution.

Tutorials

  1. How to scale a JVM application on Kubernetes

    www.stormforge.io

    One of the challenges when scaling JVM-based applications in Kubernetes using the HPA is the potential for thrashing due to the CPU burst that occurs during the JVM's JIT compilation.

    In this tutorial, you'll see how to rightsize JVM applications running on Kubernetes.

    sponsored

  2. Transform Kubernetes manifests into Helm Chart

    harshhaa.hashnode.dev

    In this tutorial, you'll incrementally migrate a Deployment and Service YAML definition to a Helm chart.

  3. Automation of building, signing and verifying docker images: Kaniko + Cosign + Kyverno

    medium.com

    The article discusses automating the building, signing, and verifying of Docker images using tools like Kaniko, Cosign, and Kyverno.

    It explains how these tools can be integrated into a GitLab CI/CD pipeline to improve efficiency and security.

  4. K3s + kubevip as a cloud controller manager

    mrpbennett.dev

    This tutorial discusses the deployment of K3s with KubeVIP as a load balancer and cloud controller manager.

    The author shares his experience setting up KubeVIP, adding additional servers and agents, and testing the setup with an nginx web server.

Platform engineering: learning from the Kubernetes API

In this KubeFM episode, Hans, a Principal Cloud engineer, shares his experiences empowering teams to use, build and manage platforms built on Kubernetes.

You will learn:

  • How OpenTelemetry and Prometheus shape cluster management and observability.
  • The role of tools like ArgoCD and Flux in enabling GitOps and streamlining deployment processes.
  • The significance of governance tools such as Gatekeeper and OPA for secure and validated resource creation.
  • The benefits of Custom Resource Definitions (CRDs) and operators in automating processes and enhancing the developer experience.

Kubernetes jobs

    • Software Engineer with Volley Automation

    • Salary: $150K to $200K a year

    • Location: based in the office (and remote from home) in San Francisco, CA, USA

    • Tech stack: Kubernetes, AWS, On-premise, Data center, Docker, Go, Python, Java, Ruby, C++

    • Platform Engineer with Hook Technology

    • Salary: £85K to £105K a year

    • Location: based in the office (and remote from home) in London, GB

    • Tech stack: Kubernetes, AWS, Docker, Terraform

Discover more Kubernetes jobs on Kube Careers →

Code & tools

  1. Whereabouts: IPAM CNI

    github.com/k8snetworkplumbingwg

    Whereabouts is an IP Address Management (IPAM) CNI plugin that assigns IP addresses cluster-wide.

    Whereabouts can be used for both IPv4 & IPv6 addressing.

  2. Carvel: composable tools

    github.com/carvel-dev

    Carvel provides reliable, single-purpose, composable tools for application building, configuration, and deployment to Kubernetes.

  3. Kubernetes Terraform installer for Hetzner Cloud

    github.com/identiops

    This Terraform module creates a Kubernetes Cluster on Hetzner Cloud infrastructure running Ubuntu 22.04.

    The module aims to be simple to use while providing an out-of-the-box, secure, and maintainable setup.

  4. ktunnel: reverse tunnel

    github.com/omrikiei

    ktunnel is a CLI tool that establishes a reverse tunnel between a Kubernetes cluster and your local machine.

  5. Cyphernetes

    github.com/AvitalTamir

    Cyphernetes lets you query the Kubernetes API as if it were a graph database and discover relationships between resources.

Subscribe to Learn Kubernetes Weekly

Trusted by 77K engineers. Delivered 150 issues and counting.

Upcoming Kubernetes events

  1. Jun 6

    Kubernetes Community Days Czech Slovak 2024

    Online & in-person conference organized by KCD Czech & Slovak.

    • Location: Prague, CZ and virtual

    • This event requires an entrance fee

      • Use Learnk8s to get 20% off

  2. Jun 6

    KuberTENes Birthday Bash

    Online & in-person meetup organized by Linux Foundation.

    • Location: Silicon Valley, CA, USA and virtual

    • This is a free event.

  3. Jun 13

    Kubernetes Community Days Zürich 2024

    In-person conference organized by KCD Zürich.

    • Location: Zürich, CH

    • This is a free event.

  4. Jun 13

    Kubernetes Community Days Barcelona 2024

    In-person conference organized by DevBcn.

    • Location: Madrid, ES

    • This event requires an entrance fee

      • Use MP-L34RN-K8S to get 10% off

  5. Jun 13

    Advanced Kubernetes course

    Online workshop organized by Learnk8s.

    • This is a virtual event

    • This event requires an entrance fee

  6. Jun 24

    Advanced Kubernetes course (Munich)

    In-person workshop organized by Learnk8s.

    • Location: Munich, DE

    • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Thanks to our sponsors who make Kube Today possible

  • LearnKube
  • Akamai
  • Fairwinds
  • Densify
Find out more about being a sponsor →

Kubernetes call for papers

  1. expired

    KubeCon North America

    The call for papers was open until 10 June 2024 at UTC. More info →
    • Location: Salt Lake City, UT, USA and virtual

    • Online & in-person conference organized by Linux Foundation.

    • The conference starts on the 12 November 2024.

    • Apply here
  2. expired

    Kubeday Colombia

    The call for papers was open until 29 June 2024 at UTC. More info →
    • Location: Medellín, CO

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 9 October 2024.

    • Apply here
  3. expired

    Kubernetes Community Days Austria 2024

    The call for papers was open until 23 June 2024 at UTC. More info →
    • Location: Vienna, AT

    • In-person conference organized by KCD Austria.

    • The conference starts on the 8 October 2024.

    • Apply here
  4. expired

    Kubernetes Community Days Lahore 2024

    The call for papers was open until 22 June 2024 at UTC. More info →
    • Location: Lahore, PK

    • In-person conference organized by KCD Lahore.

    • The conference starts on the 7 July 2024.

    • Apply here
  5. expired

    Kubernetes Community Days Porto 2024

    The call for papers was open until 15 July 2024 at UTC. More info →
    • Location: Porto, PT

    • In-person conference organized by KCD Porto.

    • The conference starts on the 27 September 2024.

    • Apply here
  6. expired

    Kube Native 2024

    The call for papers was open until 26 August 2024 at UTC. More info →
    • This is a virtual event

    • Online conference organized by Conf42.

    • The conference starts on the 26 September 2024.

    • Apply here
  7. expired

    CloudX 2024

    The call for papers was open until 14 June 2024 at UTC. More info →
    • Location: Santa Clara, CA, USA

    • In-person conference organized by DevNetwork.

    • The conference starts on the 5 November 2024.

    • Apply here
  8. expired

    Platform Engineering 2024

    The call for papers was open until 5 August 2024 at UTC. More info →
    • This is a virtual event

    • Online conference organized by Conf42.

    • The conference starts on the 5 September 2024.

    • Apply here
  9. expired

    SREday London

    The call for papers was open until 24 June 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by SREday.

    • The conference starts on the 19 September 2024.

    • Apply here

Until next time!

— Dan
