Learn Kubernetes weekly — issue 24

26 Apr 2023

Articles

1. etcd: getting 30% more write/s

   Sam Lockart

   In this article, the team at Zendesk analyzed the performance of their self-managed etcd clusters and found that upgrading to GP3 volumes increased write performance by 30%.

2. Learn why you can't ping a Kubernetes service

   Daniele Polencic

   Have you ever tried to ping a Service IP address in Kubernetes?

   You might have noticed that it doesn't work.

   In this article, you will learn how ClusterIP services and kube-proxy work in Kubernetes.

3. Where is my SIGTERM, Docker?

   Lucas Pinheiro

   In this article, you will learn how to correctly set up your containers to forward the SIGTERM signal to the main process.

   This is crucial for gracefully shutting down apps in Kubernetes.

4. Protecting Kubernetes apps from SQL injection & XSS attacks

   Ali Naqvi

   In this tutorial, you will deploy a vulnerable app to SQL and XSS injections in Kubernetes and learn how to protect it using Pipy and sidecar containers.

5. Most useful kubectl plugins

   Shardul Srivastava

   In this article, you will have a look at the following kubectl plugins:

   1. neat.
   2. view-secret.
   3. access-matrix.
   4. blame.
   5. df-pv.
   6. gke-outdated.

6. Protect your mission-critical pods from eviction with PriorityClass

   Sunny Bhambhani

   Pod priority and preemption help ensure that mission-critical pods are up in the event of a resource crunch by deciding the order of scheduling and eviction.

   Learn more in this article.

Articles worth checking out:

• Devpod: improving developer productivity at Uber with remote development

• kubernetes-sigs/node-feature-discovery

• Automatic reliability testing for cluster management controllers

• SSO authentication for applications in Kubernetes

• Manage multiple Kubernetes clusters with ArgoCD

• Rock-solid k3s on OCI

• Preventing DoS attacks in Kubernetes using Falco and Calico

• Sealed Secrets on Kubernetes with ArgoCD and Terraform

• Horizontal scaling on Kubernetes clusters based on AWS CloudWatch metrics with keda

• Cross-project, cross-VPC communication with GKE multi-cluster services

• How to build your OCI images using Buildpacks

• Kubernetes services: your way to connect with your application

• Native Java with GraalVM and Virtual Threads on Kubernetes

Tutorials

1. Deploying Prometheus and Grafana in a multi-node Kubernetes cluster and auto-scaling with KEDA

   Ritik Agrawal

   In this tutorial, you'll learn how to deploy Prometheus and Grafana on Kubernetes.

   Then you'll deploy an application that can publish custom metrics to Prometheus.

   And finally, you'll use KEDA to auto-scale based on these metrics.

2. Creating a Kubernetes cluster on Hetzner Cloud with Hetzner CCM, Rancher, Traefik and Cloudflare

   Alper Cicek

   This tutorial will walk you through setting up a Kubernetes cluster on Hetzner Cloud using RKE2.

   You'll create the nodes, install and configure Hetzner's Cloud Controller Manager, and enable native load-balancing features.

3. Terraform Kubernetes integration with minikube

   Eranga Herath

   In this (unusual) tutorial, you will use Terraform to create resources (e.g. deployments, namespaces) in a minikube cluster using HCL.

Kubernetes jobs

1. • DevOps Engineer with Abacus Works

   • Salary: £116.54K to £180.84K a year

   • Location: based in the office (and remote from home) in Remote-Hybrid (London)

   • Tech stack: Kubernetes, GCP, AWS, Typescript

2. • Data Engineer with Nansen

   • Salary: SGD 84K to SGD 180K a year

   • Location: fully remote

   • Tech stack: Kubernetes, Python, SQL

3. • Site Reliability Engineer with DexCare

   • Salary: $140K to $175K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, Azure, AWS, Gitlab, Jenkins

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. planetlabs/draino

   Draino automatically drains Kubernetes nodes based on labels and node conditions.

   Nodes that match all of the supplied labels and any of the supplied node conditions will be cordoned immediately and drained after a configurable drain-buffer time.

2. praqma/helmsman

   Helmsman is a Helm Charts as Code tool which allows you to automate the deployment/management of your Helm charts from version-controlled code.

3. googlecontainertools/skaffold

   Skaffold is a command line tool that facilitates continuous development for Kubernetes applications.

   You can iterate on your application source code locally and then deploy to local or remote Kubernetes clusters.

4. alecjacobs5401/kubectl-sick-pods

   Kubectl plugins for diagnosing pods that are "Not Ready" (that have failing Pod Conditions or containers).

   This plugin also supports the standard Pod selection arguments and one or multiple pod names to explicitly diagnose.

5. nabsul/k8s-ecr-login-renew

   k8s-ecr-login-renew renews Docker login credentials for an AWS ECR container registry.

   It deploys as a cron job and ensures that your Kubernetes cluster can always pull Docker images from ECR.

Other interesting projects:

• gluster/gluster-kubernetes

• googlecloudplatform/secrets-store-csi-driver-provider-gcp

Upcoming Kubernetes events

1. Apr

   26

   Getting started with Kubernetes on AWS

   Online workshop organized by Pulumi.

   • This is a virtual event

   • This is a free event.

2. Apr

   26

   Kubernetes blue/green deployments in an event based architecture

   Online & in-person meetup organized by Athens SDET Meetup Group.

   • Location: Elliniko, GR and virtual

   • This is a free event.

3. Apr

   26

   Service mesh is a VPN!!!

   In-person meetup organized by Columbus Cloud Native Meetup.

   • Location: Columbus, US

   • This is a free event.

4. Apr

   27

   Auto-renew certs in AKS with cert-manager

   Online meetup organized by Nashua CLOUD .NET User Group.

   • This is a virtual event

   • This is a free event.

5. May

   3

   Bootiful Kubernetes operators

   In-person meetup organized by Athens Kubernetes Meetup.

   • Location: Athina, GR

   • This is a free event.

6. May

   4

   WTF is SRE?

   In-person conference organized by Container Solutions.

   • Location: London, UK

   • This is a free event.

7. May

   4

   Devoxx Greece

   In-person conference organized by Softconf.

   • Location: Athens, GR

   • This event requires an entrance fee

8. May

   10

   Devoxx UK 2023

   In-person conference organized by Devoxx UK.

   • Location: London, UK

   • This event requires an entrance fee

9. May

   18

   Craft conference

   In-person conference organized by Craft.

   • Location: Budapest, HU

   • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

1. expired

   DevTalks

   The Call For Paper was open until 26 April 2023 at UTC. More info →

   • Location: Bucharest, RO

   • In-person conference organized by DevTalks.

   • The conference starts on the 21 June 2023.

   • Apply here

2. expired

   Kubernetes Community Days Munich 2023

   The Call For Paper was open until 30 April 2023 at UTC. More info →

   • Location: Munich, DE

   • In-person conference organized by KCD Munich.

   • The conference starts on the 17 July 2023.

   • Apply here

3. expired

   Open source summit Europe

   The Call For Paper was open until 3 May 2023 at UTC. More info →

   • Location: Bilbao, ES and virtual

   • Online & in-person conference organized by Linux Foundation.

   • The conference starts on the 19 September 2023.

   • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!