Learn Kubernetes Weekly issue 84 · 19 Jun 2024
Choosing for multi-tenant code execution, KEDA + Kafka = 62.15%, Helm shortcomings, EKS extended support, Flagger A/B testing, off-hours sleep
This newsletter is brought to you by Otterize — automate workload IAM policies: zero-friction development, zero-trust security.
Articles
Choosing an orchestrator for multi-tenant code execution system
dev.to
In this case study, the Triplete team compares Docker, Docker swarm, AWS lambda, AWS ECS, and Kubernetes and benchmarks them for CCT (container creation time).
EKS+EC2 has faster container creation times.
KEDA + Kafka: improve performance by 62.15% at peak loads
kedify.io
The article explores how combining KEDA with Kafka can significantly improve consumer performance and resource efficiency, as demonstrated by a 62.15% reduction in consumer lag.
glasskube.eu
This article discusses various pitfalls of using Helm, highlighting issues such as unhygienic string templating and lack of template boundaries.
AWS extended EKS support: a costly band-aid for Kubernetes clusters
medium.com
AWS Extended EKS Support allows the use of older Kubernetes versions for an additional 12 months but comes with a hefty price tag and drawbacks.
This article explores the implications of this change.
A/B testing with Linkerd and Flagger using dynamic routing
www.infracloud.io
This article discusses using Linkerd and Flagger for A/B testing in microservices-based applications.
It highlights the role of dynamic request routing in managing traffic flow and enabling gradual rollouts.
Maximize cost savings by putting your Kubernetes resources to sleep during off-hours
perfectscale.io
This article explores different ways to shut down apps during off-hours using KEDA.
It discusses using Cron Scaler for simple scheduling, Custom Metrics API for external system control, and Network Scaler for down-scaling based on network traffic.
Articles worth checking out:
Human readable Network Policies and Kafka ACLs
Otterize
Instead of managing pod identities and manually authoring individual network policies, Otterize implements intent-based access control (IBAC).
Declare what the pods can do, and everything is automatically wired together.
Tutorials
OpenShift multicluster with advanced cluster management for Kubernetes and Submariner
piotrminkowski.com
This tutorial teaches you how to connect multiple OpenShift clusters with Submariner and Advanced Cluster Management for Kubernetes.
dev.to
This tutorial provides a guide on packaging a Docker container and Helm Chart and uploading them to GitLab using GitLab CI.
It discusses generating semantic version tags using various tools like Operator Framework, Kustomize, and Helmify.
Detecting specific incidents within your Kubernetes cluster using eBPF
faun.pub
In this tutorial, you will learn how to use eBPF and bcc to detect incidents in Kubernetes.
Simple OpenTelemetry setup in a Kubernetes environment
medium.com
This tutorial covers auto-instrumenting a Python application, creating an OpenTelemetry collector config, and visualizing telemetry data.
In this KubeFM episode, Yakir and Assaf from Aqua Security explore how a robust Kubernetes secrets strategy is necessary to prevent leaks and maintain a strong security posture.
You will learn:
- How Kubernetes secrets are leaked, and what tools can you use to prevent that (Hint: Yakir and Assaf suggested using more than one.)
- How shadow IT is a more significant threat you might think and why companies should monitor personal Github repositories.
- What happens when a secret is leaked and how attackers exploit your resources (or further gain access to more).
Kubernetes jobs
Platform Engineer with Hook Technology
Salary: £85K to £105K a year
Location: based in the office (and remote from home) in London, GB
Tech stack: Kubernetes, AWS, Docker, Terraform
DevOps Engineer with Madwire
Salary: $100K to $160K a year
Location: remote from the United States
Tech stack: Kubernetes, AWS, GCP, Go, Python, Javascript, Terraform, Pulumi, CircleCI, GitHub Actions
Site Reliability Engineer with Commify
Salary: €78K to €82K a year
Location: based in the office (and remote from home) in Bucharest, RO
Tech stack: Kubernetes, Azure, Shell, Python, Ruby, C#, Powershell, Terraform, Azure DevOps, Jenkins
Software Engineer with Mercari
Salary: ¥4.8M to ¥6.34M a year
Location: remote from Japan
Tech stack: Kubernetes, AWS, GCP, Go, SQL, Javascript, Java, PHP, Swift, Kotlin
Discover more Kubernetes jobs on Kube Careers →
Code & tools
github.com/deggja
Serpent lets you play snake while wreaking havoc in your Kubernetes cluster.
Have fun while you can.
github.com/pavelzag
Pred8tor is a tool to clean up Kubernetes objects tagged for expiration.
github.com/theelderbeever
kubectl-guardrails lets you put guardrails on the contexts and subcommands you care about and let everything else pass through unabated.
It helps avoid issuing commands in the wrong context.
github.com/ssup2
kpexec runs a highly privileged container on the same node as the target container and joins into the target container's namespaces (IPC, UTS, PID, net, mount).
This is useful for debugging where you often need to execute commands with high privileges.
github.com/intel
Platform-aware Scheduling (PAS) is a set of projects designed to expose platform-specific attributes to the Kubernetes scheduler.
It uses a modular, policy-driven approach and includes a core library for building custom scheduler extensions.
Other interesting projects:
Upcoming Kubernetes events
Jun
26
CloudNativeSecurityCon North America
In-person conference organized by Linux Foundation.
Location: Seattle, WA, USA
This event requires an entrance fee
Jun
20
Kubernetes Community Days Italy 2024
In-person conference organized by KCD Italy.
Location: Milan, IT
This is a free event.
Jun
24
Advanced Kubernetes course (Munich)
In-person workshop organized by Learnk8s.
Location: Munich, DE
This event requires an entrance fee
Jun
22
Kubernetes Community Days Hyderabad 2024
Online & in-person conference organized by KCD Hyderabad.
Location: Hyderabad, IN and virtual
This event requires an entrance fee
Jun
25
Online conference organized by KubeVirt.
This is a virtual event
This event requires an entrance fee
Kubernetes call for papers
expired
The Call For Paper was open until 29 June 2024 at UTC. More info →
Location: Medellín, CO
In-person conference organized by Linux Foundation.
The conference starts on the 9 October 2024.
- Apply here
expired
Kubernetes Community Days Austria 2024
The Call For Paper was open until 23 June 2024 at UTC. More info →
Location: Vienna, AT
In-person conference organized by KCD Austria.
The conference starts on the 8 October 2024.
- Apply here
expired
Kubernetes Community Days Lahore 2024
The Call For Paper was open until 22 June 2024 at UTC. More info →
Location: Lahore, PK
In-person conference organized by KCD Lahore.
The conference starts on the 7 July 2024.
- Apply here
expired
Kubernetes Community Days Porto 2024
The Call For Paper was open until 15 July 2024 at UTC. More info →
Location: Porto, PT
In-person conference organized by KCD Porto.
The conference starts on the 27 September 2024.
- Apply here
expired
The Call For Paper was open until 26 August 2024 at UTC. More info →
This is a virtual event
Online conference organized by Conf42.
The conference starts on the 26 September 2024.
- Apply here
expired
The Call For Paper was open until 5 August 2024 at UTC. More info →
This is a virtual event
Online conference organized by Conf42.
The conference starts on the 5 September 2024.
- Apply here
expired
The Call For Paper was open until 24 June 2024 at UTC. More info →
Location: London, UK
In-person conference organized by SREday.
The conference starts on the 19 September 2024.
- Apply here
expired
The Call For Paper was open until 18 September 2024 at UTC. More info →
Location: San Francisco, CA, USA
In-person conference organized by InfoQ.
The conference starts on the 18 November 2024.
- Apply here
expired
The Call For Paper was open until 20 June 2024 at UTC. More info →
Location: Vilnius, LT
In-person conference organized by FIX EVENTS.
The conference starts on the 15 November 2024.
- Apply here
Until next time!
— Dan