Learn Kubernetes Weekly issue 108

Zero trust ebook, OpenAI's replicating sandboxing infrastructure, Node services to Kubernetes, Load balancing Airbyte, Git clone to node root

4 Dec 2024

This newsletter is brought to you by simplyblock, your intelligent Kubernetes data platform.

  1. [PDF] Zero trust ebook

    In this ebook you will learn how to establish secure communication between clusters and pods, and discover the best practices for implementing zero-trust security in your Kubernetes environment.

  2. NVMe & Kubernetes: future-Proofing your infrastructure

    Chris Engelbert

    Marrying NVMe devices, NVMe over TCP, and Persistent Volumes enables a modern and high-performing storage backend for your disk-loving Kubernetes workloads, such as databases, file servers, and similar use cases.

    sponsored

  3. OpenAI's code execution runtime & replicating sandboxing infrastructure

    Dogukan Uraz Tuna

    This article replicates OpenAI's code execution runtime using gVisor for sandboxing in Google Kubernetes Engine, creating a sandboxed environment for executing code using gVisor and GKE.

  4. How we seamlessly transitioned our node services to Kubernetes

    Games24x7 Blogs

    Learn how Games24x7 migrated their Node.js services to Kubernetes, including packaging Node.js and Nginx containers, leveraging TargetGroupBinding for request routing, and optimizing API latency with NodeLocal DNSCache.

  5. Load balancing Airbyte workloads across multiple Kubernetes clusters

    Jimmy Ma

    Discover how the Airbyte team deploys workloads across multiple Kubernetes clusters using a control-plane/data-plane architecture.

    This approach allows Airbyte Cloud to effectively manage workloads and scale to accommodate increasing demands.

  6. Sneaky write hook: Git clone to root on Kubernetes node

    Imre Rad

    This article discusses a security vulnerability in Kubernetes' deprecated gitRepo volume driver, which allows an attacker to execute arbitrary commands on a worker node as root, and provides information on how to prevent it.

Articles worth checking out:

Intelligent Kubernetes storage orchestration

Simplyblock

Simplyblock's Intelligent Data Platform provides unparalleled performance, cost efficiency, simplicity, and reliability with dynamic provisioning, immediate snapshotting, and clones for your Kubernetes storage needs.

See for yourself

Intelligent Kubernetes storage orchestration
  1. From theory to practice: Implementing a 5G core network using open source tools

    Danilo Granados

    This article walks through the steps to implement and test an open-source 5G core network using Kubernetes and Helm, covering architecture, network configuration, and end-to-end connectivity testing.

  2. Why would you run PostgreSQL in Kubernetes, and how?

    Chris Engelbert

    Deploying and operating a PostgreSQL cluster in Kubernetes has its challenges.

    Learn all about how to achieve scalability, reliability, and resiliency. Not to forget how to select your operator of choice to make it all a breeze.

    sponsored

  3. Opa Gatekeeper: how to write policies for Kubernetes clusters

    Ege Aytin

    Learn how to use Open Policy Agent (OPA) to write policies for Kubernetes clusters, including defining namespace policies, allocating resource quotas, and creating a custom validation webhook.

  4. GitOps at scale: clusters bootstrapping

    Jean-Philippe Gouin

    This article explains how to structure a Git repository to manage multiple environments and applications and deploy and promote applications across environments using GitOps and ArgoCD.

  5. Two-host-long story of setting up your Kubernetes lab

    Maciej Rak

    This article sets up a lab environment and a two-host cluster, covering hardware setup, network separation, hypervisor and virtual machines, and the installation of Docker and Kubernetes.

    • Platform Engineer with Auria

    • Salary: $139K to $195K a year

    • Location: based in the office (and remote from home) in El Segundo, CA, USA

    • Tech stack: Kubernetes, Azure, VMware Tanzu, Kustomize, Helm, ArgoCD, Mongo, PostgreSQL, Grafana, Prometheus

    • Software Engineer with SentinelOne

    • Salary: €42K a year

    • Location: remote from Slovakia

    • Tech stack: Kubernetes, AWS, GCP, Helm, Docker, Python, GraphQL, Java, Redis, PostgreSQL

    • Solution Architect with Helpshift

    • Salary: $90K a year

    • Location: remote from the United States

    • Tech stack: Kubernetes, AWS, Azure, Go, Shell, Python, Javascript, C#, Powershell, Terraform

    • Solution Architect with Devoteam

    • Salary: €54K a year

    • Location: based in the office in Vilnius, LT

    • Tech stack: Kubernetes, AWS, Azure, GCP, Shell, Python, SQL, Powershell, Terraform

Discover more Kubernetes jobs on Kube Careers →

  1. Cuber: deploy app easily

    Cuber is an automation tool that makes it easy to publish your applications on Kubernetes.

    Cuber is a gem written in Ruby, but you can deploy apps in any language and framework.

  2. Telepresence: code against remote clusters

    Telepresence is an open-source tool that allows code and test microservices locally against a remote Kubernetes cluster.

  3. Knative: serveless and event-driven apps

    Knative is an open-source enterprise-level solution to build Serverless and event-driven applications.

    Knative Serving automatically turns off services running in containers when there is no demand.

  4. Kube-green: automatic scaler

    Kube-green is a simple k8s addon that automatically shuts down (some of) your resources when you don't need them.

  5. ko: easy Go containers

    ko is a simple, fast container image builder for Go applications.

    It's ideal for use cases where your image contains a single Go application without any/many dependencies on the OS base image (e.g., no cgo, no OS package dependencies).

Other interesting projects:

Upcoming Kubernetes events

  1. Dec

    11

    KubeCon India

    In-person conference organized by Linux Foundation.

    • Location: Delhi, IN

    • This event requires an entrance fee

  2. Dec

    10

    Dutch Cloud Native Day 2024

    In-person conference organized by Cloud Native Amsterdam.

    • Location: Amsterdam, NL

    • This is a free event.

  3. Dec

    6

    Kubernetes Community Days Floripa Brasil 2024

    In-person conference organized by KCD Brasil.

    • Location: São Paulo, BR

    • This event requires an entrance fee

  4. Dec

    10

    Kubernetes fleet management at Adobe

    Online meetup organized by The Platformers Community San Francisco.

    • This is a virtual event

    • This is a free event.

  5. Dec

    5

    Kubetools Day 2.0 Toronto

    Online & in-person meetup organized by KubeTools.

    • Location: Toronto, CA and virtual

    • This is a free event.

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

  1. expired

    ArgoCon Europe

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here
  2. expired

    Kubernetes on Edge Day Europe

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here
  3. expired

    CiliumCon Europe

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here
  4. 40

    days

    Cloud Native Days Romania

    The Call For Paper is open until 31 January 2025 at UTC. More info →
    • Location: Bucharest, RO

    • In-person conference organized by Cloud Native Romania.

    • The conference starts on the 6 May 2025.

    • Apply here
  5. expired

    Data on Kubernetes Day

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here
  6. expired

    Cloud Native Telco Day Europe

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here
  7. expired

    Istio Day Europe

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here
  8. expired

    Kubeflow Summit Europe

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here
  9. expired

    Platform Engineering Day

    The Call For Paper was open until 4 December 2024 at UTC. More info →
    • Location: London, UK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 1 April 2025.

    • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!

Or follow us on: