Learn Kubernetes weekly — issue 17

8 Mar 2023

Articles

Kubernetes scalability thresholds
Kubernetes contributors
In this write up you will find a list of scalability thresholds for Kubernetes.
Does Kubernetes really give you multicloud portability?
Seth Dobson, John Roach
In this article, the team at McKinsey deployed the same app in GKE, AKS, and EKS and measured the effort with the intent to test multi-cloud portability.
Spoiler: it did not go well.
Kubernetes traffic discovery
Evyatar Meged
In this article, you'll learn how you can use Kubernetes service discovery to figure out "who's calling whom" within a cluster.
Kubernetes security best practices: network policies
Renate Schosser
In this blog post, you'll cover the following topics:
1. What a NetworkPolicy is, and why do you need it.
2. How NetworkPolicies are structured.
3. Best practices for defining NetworkPolicies.
4. An example of defining NetworkPolicies.
The potential of pod migrations in Kubernetes
Adrian Stobbe
In this article (and related links), you will learn the challenges, progress and future of migrating pods (live, without destroying them) in Kubernetes.
When Kubernetes pods are stuck mounting large volumes
Stefan Franziskus
In this article, you'll discover how the team at Deutsche Telekom solved an issue with mounting volumes in Kubernetes: volume in the test environment took ~7 minutes to mount. On prod, 24 minutes.

Deploying and autoscaling Kubernetes with Knative
NearForm
In this tutorial, you will learn how to:
- Install and use Knative.
- Autoscale your pods with the KPA.
- Shape the traffic in your cluster.
- Collect metrics (Prometheus/OTEL).
A simple end-to-end application (DB, API, UI) in a local Kubernetes cluster
Pasupathy Devaraj
In this tutorial, you will learn how to use Kubernetes by building and deploying a simple application from scratch.
The application is a simple TODO list that stores the nodes in MongoDB.
GKE with Consul service mesh
Joaquín Menchaca (智裕)
This article shows how to set up and get started with Consul Service Mesh on Kubernetes.
Dgraph, a distributed graph database, will be used to demonstrate a real-world application using the service mesh.
Supply Chain Security on EKS using AWS KMS, Kyverno, and Cosign
Imtranur Rahman
In this post, you'll learn how you can implement supply chain security using open-source tools on Amazon EKS with AWS KMS and Cosign with Kyverno.
Policies as code in Kubernetes using jsPolicy
Pavan Kumar
jsPolicy is a policy engine for Kubernetes that allows you to write policies in JavaScript or TypeScript.
Learn how to use it in this tutorial.

- DevOps Engineer with Defense Unicorns
- Salary: $150K to $170K a year
- Location: remote from the United States
- Tech stack: Kubernetes, AWS, GCP, Azure, Helm, Terraform, Pulumi
- DevOps Engineer with WellSaid Labs
- Salary: $170K to $190K a year
- Location: remote from the United States
- Tech stack: Kubernetes, AWS, GCP, Docker, Go, Typescript, Python

komodorio/helm-dashboard
The Helm Dashboard plugin offers a UI-driven way to view the installed Helm charts, and see their revision history and corresponding Kubernetes resources.
Also, you can perform simple actions like roll back to a revision or upgrade to a newer version.
vulhub/vulhub
Vulhub is an open-source collection of pre-built vulnerable docker environments.
No pre-existing knowledge of docker is required, just execute two simple commands, and you have a vulnerable environment.
vidispine/hull
The HULL Helm library chart is designed to ease building, maintaining and configuring Kubernetes objects in Helm charts.
bitnami-labs/sealed-secrets
Sealed Secrets provides declarative Kubernetes Secret Management in a secure way.
Since the Sealed Secrets are encrypted, they can be safely stored in a code repository.
waterkube/waterkube
Waterkube is an underwater archaeology game for Kubernetes.

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!

Or follow us on: