Learn Kubernetes Weekly issue 116

Journey through unexpected heap issues, optimize for large Docker images, autoscaling using metrics based on app workflows, seccomp

29 Jan 2025

This newsletter is brought to you by StormForge — the only JVM workload rightsizing solution. Sign up for the beta.

Articles

  1. Node.js 20 upgrade: a journey through unexpected heap issues with Kubernetes

    Ztec

    In this article, you'll learn about the unexpected HEAP issues that arose during a Node.js 18 to Node.js 20 upgrade in a Kubernetes environment, and how to troubleshoot and resolve performance problems related to memory and CPU reservations.

  2. Why flexibility matters when setting Kubernetes resource limits

    Shane Sorbello

    Setting CPU and memory limits is a contentious topic, and the internet is full of opinions.

    So what should you do? The short answer is: It depends.

    Here are a few scenarios to help you decide if and how you should set limits.

    sponsored

  3. How to optimize Kubernetes for large Docker images

    Kazakov Kirill

    In this article, you'll learn how to optimize Kubernetes for large Docker images, reducing cold start times and disk pressure issues, and improving overall deployment efficiency with a warm-up process for Kubernetes nodes.

  4. How to optimize autoscaling in Kubernetes using metrics based on application workflows

    César Sepúlveda

    Discover how to move beyond traditional Horizontal Pod Autoscaler (HPA) and Vertical Pod Autoscaler (VPA) methods and leverage tools like KEDA to scale your applications more efficiently and reduce costs.

  5. Container internals series: seccomp

    Teodor Janez Podobnik

    In this article, you'll learn how to create and manage Seccomp profiles using Golang to control system calls and enhance security in containerized environments, reducing potential vulnerabilities and attack surfaces.

  6. Preemptible pods

    more from this author

    In this article, you will learn how to optimize Kubernetes node utilization using pod priority and preemption, ensuring critical applications receive necessary resources.

Articles worth checking out:

Tired of your JVM being a memory hog?

StormForge

Optimize heap size, reduce OOMs, and increase Kubernetes cluster utilization with StormForge's Java Workload Optimization.

Now in limited availability

Tired of your JVM being a memory hog?

Tutorials

  1. Advanced autoscaling in Kubernetes with KEDA

    StormForge

    KEDA builds on the HPA to provide significantly more flexibility, easy-to-use options for various metrics out of the box, and the important ability to scale applications to zero.

    For this tutorial, you will use a combination of ScaledObjects, standard Kubernetes workloads, and ScalingJobs.

    sponsored

  2. Exploring the gateway API with Istio ASM extension on AKS

    Arnaud Tincelin

    In this article, you'll learn how to deploy and configure the Gateway API on Azure Kubernetes Service with the Istio ASM extension, enabling advanced traffic management capabilities for your cloud-native applications.

  3. Migrating CI/CD from Jenkins to Argo

    Bertrand

    In this 2-part article, you'll learn how to migrate your CI/CD pipelines from Jenkins to Argo Workflows, overcome scalability challenges, and leverage the benefits of dynamic resource provisioning and parallelism.

  4. Karmada: deep dive into managing multiple AKS clusters

    Hamdi KHELIL

    In this article, you'll learn how to master multi-cluster management with Karmada, a tool for deploying and managing applications across multiple Kubernetes clusters and discover the best centralized logging, monitoring, and automation strategies.

  5. Planning a k3s multi-cluster network with L2 and BGP on Unifi UDM

    David Elizondo

    In this article, you'll learn how to build a K3s multi-cluster network using Cilium and BGP on a Unifi UDM.

More tutorials:

Kubernetes jobs

    • Site Reliability Engineer with Movable Ink

    • Salary: $190K to $210K a year

    • Location: remote from the United States

    • Tech stack: Kubernetes, AWS, Go, Shell, Python, Javascript, Ruby, Terraform, Chef, Prometheus

    • DevOps Engineer with hive.co

    • Salary: CA$123.6K to CA$187.9K a year

    • Location: remote from Canada

    • Tech stack: Kubernetes, AWS, Docker, Python, SQL, Javascript, Typescript, Mongo, Redis, MySQL

    • Engineering Manager with Lambda

    • Salary: $167.2K to $246K a year

    • Location: based in the office (and remote from home) in San Francisco, CA, USA

    • Tech stack: Kubernetes, AWS, Bare-metal, Go, Python

    • Technical writer with Second Front Systems

    • Salary: $166K to $177K a year

    • Location: remote from the United States

    • Tech stack: Kubernetes, Gitlab

    • Software Engineer with PointClickCare

    • Salary: $139.5K to $150K a year

    • Location: based in the office (and remote from home) in Mississauga, ON, CA

    • Tech stack: Kubernetes, AWS, Azure, Docker, Java, Jenkins

Discover more Kubernetes jobs on Kube Careers →

Code & tools

  1. Katalyst

    Katalyst is a QoS-based resource management system for workload colocation on kubernetes.

    It defines and implements QoS classes that reflect the QoS requirements of various types of workloads, including microservices, batch jobs, etc.

  2. Trivy-operator: Kubernetes-native security toolkit

    The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues.

    The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API.

  3. AWRBACS: RBAC auditor

    LoBuHi

    AWRBACS is a tool that audits CRUD permissions in Kubernetes' RBAC, allowing users to enumerate and verify the permissions of users and service accounts.

  4. Virtual Kubelet

    Virtual Kubelet is an open-source Kubernetes kubelet implementation that masquerades as a kubelet to connect Kubernetes to other APIs.

  5. kubecsv

    alrokayan

    kubecsv is a tool that deploys a set of apps, including their storage and network, from a single comma-separated values (csv) file using TrueCharts helm repo.

Other interesting projects:

Upcoming Kubernetes events

  1. Jan

    31

    Cloud Technology Townhall Tallinn 2025

    In-person conference organized by Cloud Technology Townhall Tallinn.

    • Location: Tallinn, EE

    • This event requires an entrance fee

      • Use Kube to get 20% discount off

  2. Feb

    5

    CfgMgmtCamp 2025

    In-person conference organized by CfgMgmtCamp.

    • Location: Ghent, BE

    • This event requires an entrance fee

  3. Feb

    2

    FOSDEM

    In-person conference organized by FOSDEM.

    • Location: Brussels, BE

    • This event requires an entrance fee

  4. Jan

    30

    Enforcing workload isolation in multi-tenant EKS cluster

    Online workshop organized by Tigera.

    • This is a virtual event

    • This is a free event.

  5. Jan

    29

    Defeat complexity with use-case-optimized Kubernetes platforms

    Online webinar organized by Mirantis.

    • This is a virtual event

    • This is a free event.

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

  1. expired

    Cloud Native Days Romania

    The Call For Paper was open until 31 January 2025 at UTC. More info →

    • Location: Bucharest, RO

    • In-person conference organized by Cloud Native Romania.

    • The conference starts on the 6 May 2025.

    • Apply here

  2. expired

    KubeCon + CloudNativeCon Japan 2025

    The Call For Paper was open until 2 February 2025 at UTC. More info →

    • Location: Tokyo, JP

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 17 June 2025.

    • Apply here

  3. expired

    KubeCon + CloudNativeCon China 2025

    The Call For Paper was open until 2 February 2025 at UTC. More info →

    • Location: Hong Kong, HK

    • In-person conference organized by Linux Foundation.

    • The conference starts on the 11 June 2025.

    • Apply here

  4. expired

    Kubernetes Community Days Costa Rica 2025

    The Call For Paper was open until 10 February 2025 at UTC. More info →

    • Location: Heredia, CR

    • In-person conference organized by KCD Costa Rica.

    • The conference starts on the 3 May 2025.

    • Apply here

  5. expired

    Kubernetes Community Days Texas Austin 2025

    The Call For Paper was open until 13 February 2025 at UTC. More info →

    • Location: Austin, TX, USA

    • In-person conference organized by KCD Texas.

    • The conference starts on the 15 May 2025.

    • Apply here

  6. 37

    days

    ContainerDays

    The Call For Paper is open until 31 March 2025 at UTC. More info →

    • Location: Hamburg, DE

    • In-person conference organized by Looevent.

    • The conference starts on the 9 September 2025.

    • Apply here

  7. expired

    Kubernetes Community Days Helsinki 2025

    The Call For Paper was open until 8 February 2025 at UTC. More info →

    • Location: Helsinki, FI

    • In-person conference organized by KCD Helsinki.

    • The conference starts on the 6 May 2025.

    • Apply here

  8. expired

    Kubernetes Community Days Beijing 2025

    The Call For Paper was open until 5 February 2025 at UTC. More info →

    • Location: Beijing, CN

    • In-person conference organized by KCD Beijing.

    • The conference starts on the 15 March 2025.

    • Apply here

  9. 21

    days

    Kubernetes Community Days Czech & Slovak 2025

    The Call For Paper is open until 15 March 2025 at UTC. More info →

    • Location: Prague, CZ

    • In-person conference organized by KCD Czech & Slovak.

    • The conference starts on the 5 June 2025.

    • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!

Or follow us on: