Learn Kubernetes Weekly issue 117

A cert-manager webhook for DuckDNS, SaaS with Kubernetes operators, Next-generation cloud control plane, Cilium cheat sheet

5 Feb 2025

This newsletter is brought to you by Loft Labs to announce the launch of Multitenancy March

We are partnering up with Loft Labs (the creator of vCluster) for Multitenancy March — an event dedicated to celebrating multi-tenancy in Kubernetes!

We have been working on it for a while, and this is what you can expect:

• Deep dives into Kubernetes and multi-tenancy.
• Hands-on workshops with real experts (Saiyam!)
• My thoughts on multi-tenancy :)

The event is completely free, and you can sign up here.

Articles

1. Building my first Go project: a cert-manager webhook for DuckDNS

   csp33

   In this article, you'll learn how to build a custom cert-manager webhook for DuckDNS to automate certificate issuance for Kubernetes clusters without public HTTP access, using the DNS-01 challenge to validate domain ownership.

2. From dumpster fire to sparkling clean: SaaS with Kubernetes operators and garbage collection

   Alexander Held

   In this article, you will learn how Mercedes-Benz used an operator-native architecture to reduce the complexity in its code base, help it write clean code, and make it easier to support its platform 24/7.

3. The journey to creating our next-generation cloud control plane

   Engineers at Macquarie

   In this article, you'll learn about Macquarie's next-generation cloud control plane, built using Kubernetes, ArgoCD, and Crossplane, and how it improves business agility by expediting cloud service enablement and deployments.

4. [PDF] Cilium cheat sheet

   This cheat sheet for Cilium condenses many of the most useful and used commands for setup and troubleshooting.

5. Understand scheduling in Kubernetes

   Josip Matijašević

   In this article, you'll learn about the Kubernetes scheduling process: the scheduling queue, filtering, scoring, and binding, as well as ways to manipulate the scheduling process for efficient pod assignment to worker nodes.

6. Overview of kubernetes CNI network models: VETH & bridge / overlay / BGP

   Rifewang

   In this article, you'll learn about Kubernetes networking models, including CNI with VETH, Bridge, Overlay, and BGP, and how they enable communication between pods and nodes in a Kubernetes cluster.

Articles worth checking out:

• Streamlining helm values files with yaml anchors

• Troubleshooting Kubernetes persistent volume binding issues

• Envoy sidecar proxy: efficient metrics without modifying the application

• Declarative API and kubernetes programming paradigm

• Advanced Helm tips and tricks: uncommon commands and flags for better Kubernetes management

• Commands Kubernetes should adopt from Red Hat OpenShift

• I never understood SecurityContext setting in Kubernetes, but now I got it

• Communications between pods and ClusterIP services in Kubernetes

Welcome to Kubernetes Multitenancy March

Learnk8s + Loft Labs

In this 6-part educational program, you will learn:

1. Different approaches to multi-tenancy
2. Standardization across numerous dev env
3. Optimize security, performance, and manageability

Register here

Tutorials

1. How to simulate a multi-nodes Kubernetes cluster using Kubemark

   Hung-Wei Chiu

   In this article, you'll learn how to simulate a multi-node Kubernetes cluster using Kubemark and understand its applications and limitations in testing scalability and performance.

2. Bootstrap solution to cache heavy container images using DaemonSets & Karpenter in EKS cluster

   Shubham Jain

   In this article, you'll learn how to implement a bootstrap solution to cache heavy container images in an EKS cluster using Daemonsets and Karpenter, reducing pod startup time and improving overall cluster efficiency.

3. Multi-cluster Kubernetes lab setup with Cilium cluster mesh

   David Elizondo

   In this tutorial, you'll learn how to set up a multi-cluster Kubernetes lab with Cilium Cluster Mesh, utilizing K3s, Ansible, and FluxCD for a fully connected and automated environment, perfect for testing and deploying cloud-native applications.

4. Zero downtime deployments in Kubernetes with Linkerd

   Ivan (이반) Porta

   In this article, you'll learn about zero downtime deployments such as canary deployments, blue-green deployments, and A/B testing using the Kubernetes Gateway API and Linkerd.

5. DIY: discover KEDA

   Marc Guerrini

   Discover how to implement Keda in a Kubernetes environment, using triggers such as cron and PostgreSQL, to reduce operational costs and improve resource utilization.

More tutorials:

• Securing local kubernetes apps: a practical guide with cert-manager, ExternalDNS, and Cloudflare

Kubernetes jobs

1. • Software Engineer with Capital One

   • Salary: $204.9K to $257.2K a year

   • Location: based in the office in Richmond / McLean, VA, USA

   • Tech stack: Kubernetes, AWS, Azure, GCP, Docker, Go, Python, SQL, Javascript, Java

2. • Software Engineer with Broadcom

   • Salary: $115.8K to $117K a year

   • Location: based in the office in Alton, IR, USA

   • Tech stack: Kubernetes, Azure, Data center, Docker, Shell, Python, Javascript, Java, C++, C

3. • Platform Engineer with REWE International Dienstleistungsgesellschaft

   • Salary: €60K a year

   • Location: based in the office in Wien, AT

   • Tech stack: Kubernetes, GCP, Go, Java, Openstack, Terraform, Ansible, Grafana, Prometheus, Fluentd

4. • Software Engineer with F5, Inc.

   • Salary: $140.91K to $211.36K a year

   • Location: based in the office (and remote from home) in San Jose, CA, USA

   • Tech stack: Kubernetes, Go, Python, Javascript, Typescript

5. • Software Engineer with Capital One

   • Salary: $144.2K to $197.4K a year

   • Location: based in the office in McLean / Richmond, VA / New York, NY, USA

   • Tech stack: Kubernetes, AWS, Azure, GCP, Docker, Go, Python, SQL, Javascript, Java

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. egressd: network monitor

   castai

   egressd is a tool that provides Kubernetes-aware network traffic monitoring.

2. Goldilocks: requests and limits

   Goldilocks is a utility that can help you identify a starting point for resource requests and limits in Kubernetes.

3. Skaffold: easy and repeatable Kubernetes development

   Skaffold is a command line tool that facilitates continuous development for Kubernetes applications.

   You can iterate on your application source code locally and then deploy it to local or remote Kubernetes clusters.

4. Kubetools: curated Kubernetes tools

   collabnix

   Kubetools is a curated list of popular Kubernetes tools.

5. Kubeapps

   vmware-tanzu

   Kubeapps is an in-cluster web-based application that enables users with a one-time installation to deploy, manage, and upgrade applications on a Kubernetes cluster.

Other interesting projects:

• etcd await election

• KubeVirt

• Docker-apparmor-profiles

• Kubernetes apparmor profiles

Upcoming Kubernetes events

1. Feb

   5

   Scaling smarter, not harder with KEDA and Karpenter

   Online meetup organized by The Platformers Community San Francisco.

   • This is a virtual event

   • This is a free event.

2. Feb

   10

   Navigate North America 2025

   In-person conference organized by Civo.

   • Location: San Francisco, CA, USA

   • This event requires an entrance fee

   • • Use CIVONAVK8S25 to get 25% off

3. Feb

   11

   Kubernetes problem detection workshop

   In-person workshop organized by Prequel.

   • Location: San Francisco, CA, USA

   • This event requires an entrance fee

4. Feb

   11

   Mastering Kubernetes cluster API: from setup to scaling

   Online webinar organized by Mirantis.

   • This is a virtual event

   • This is a free event.

5. Feb

   12

   Using kubebuilder to build a validating and mutating admission webhook for Kubernetes

   Online & in-person meetup organized by GDG Berlin Golang.

   • Location: Berlin, DE and virtual

   • This is a free event.

6. Feb

   24

   Advanced Kubernetes course (Singapore)

   In-person workshop organized by Learnk8s.

   • Location: Singapore, SG

   • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

1. expired

   Kubernetes Community Days Costa Rica 2025

   The Call For Paper was open until 10 February 2025 at UTC. More info →

   • Location: Heredia, CR

   • In-person conference organized by KCD Costa Rica.

   • The conference starts on the 3 May 2025.

   • Apply here

2. expired

   Kubernetes Community Days Texas Austin 2025

   The Call For Paper was open until 13 February 2025 at UTC. More info →

   • Location: Austin, TX, USA

   • In-person conference organized by KCD Texas.

   • The conference starts on the 15 May 2025.

   • Apply here

3. 37

   days

   ContainerDays

   The Call For Paper is open until 31 March 2025 at UTC. More info →

   • Location: Hamburg, DE

   • In-person conference organized by Looevent.

   • The conference starts on the 9 September 2025.

   • Apply here

4. expired

   Kubernetes Community Days Helsinki 2025

   The Call For Paper was open until 8 February 2025 at UTC. More info →

   • Location: Helsinki, FI

   • In-person conference organized by KCD Helsinki.

   • The conference starts on the 6 May 2025.

   • Apply here

5. expired

   Kubernetes Community Days Beijing 2025

   The Call For Paper was open until 5 February 2025 at UTC. More info →

   • Location: Beijing, CN

   • In-person conference organized by KCD Beijing.

   • The conference starts on the 15 March 2025.

   • Apply here

6. 21

   days

   Kubernetes Community Days Czech & Slovak 2025

   The Call For Paper is open until 15 March 2025 at UTC. More info →

   • Location: Prague, CZ

   • In-person conference organized by KCD Czech & Slovak.

   • The conference starts on the 5 June 2025.

   • Apply here

7. expired

   Kubernetes Community Days Budapest 2025

   The Call For Paper was open until 9 February 2025 at UTC. More info →

   • Location: Budapest, HU

   • In-person conference organized by KCD Budapest.

   • The conference starts on the 24 April 2025.

   • Apply here

8. expired

   Kubernetes Community Days Istanbul 2025

   The Call For Paper was open until 15 February 2025 at UTC. More info →

   • Location: İstanbul, TR

   • In-person conference organized by KCD Istanbul.

   • The conference starts on the 23 May 2025.

   • Apply here

9. 7

   days

   Kubernetes Community Days New York 2025

   The Call For Paper is open until 1 March 2025 at UTC. More info →

   • Location: New York, NY, USA

   • In-person conference organized by KCD New York.

   • The conference starts on the 4 June 2025.

   • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!