Learn Kubernetes Weekly issue 27
Provisioning clusters on AWS with Terraform, container design patterns, Taking over "Google Cloud shell"
17 May 2023
Articles
Taking over "Google Cloud shell" by utilizing capabilities and kubelet
Chen Shiri
A researcher gained root access to the host and was able to execute commands on other pods in GCP.
Mitigations include blocking network connections, removing unnecessary capabilities, and using a different IP address for the node.
4 container design patterns for Kubernetes
Daniele Polencic
In this article you will discuss four container design patterns for Kubernetes:
- Ambassador
- Adapter
- Sidecar
- Init
Why and how I use Kubernetes for my personal stuff (and love it)
David Mohl
In this write-up, you will learn why David uses Kubernetes for personal use:
- Infra as code.
- Easy to add storage.
- Easy scaling.
David also explains how to use Tailscale to expose private services and nginx + a LoadBalancer for public ones.
Upgrading Kubernetes: a practical guide
Mathew Duggan
This article will help you answer the following question: "I've inherited a cluster; how do I safely upgrade it?"
Contextual logging in Kubernetes
Shivanshu Raj Shrivastava
The Structured Logging Working Group has added new capabilities to the logging infrastructure in Kubernetes.
This post explains how developers can use those to make log output more useful.
Why we developed own Kubernetes controller to copy secrets
Igor Latkin
In this article, you will learn the thought process, design decision and code that led to writing a custom controller to copy secrets from Hashicorp Vault to Kubernetes.
Articles worth checking out:
⎈ Become an expert in Kubernetes: Advanced Kubernetes course
Learnk8s
Join Learnk8s' 4-day Advanced Kubernetes workshop this September (online or in London, UK).
Get your hands dirty with Kubernetes and learn what makes Kubernetes tick in a session packed with hands-on labs!
Tutorials
Automatically investigate Prometheus alerts
Rovusta.dev
In this tutorial, you will learn to define Prometheus alerts for crashing pods, with Pod logs attached to the Slack notification.
sponsored
Provisioning Kubernetes clusters on AWS with Terraform and EKS
Kristijan Mitevski
In this guide, you'll learn how to create clusters on AWS EKS with eksctl and Terraform.
By the end of the tutorial, you will automate creating three clusters (dev, staging, prod) complete with the ALB Ingress Controller in a single click.
How to save a fortune with self hosted GitHub runners (and Kubernetes)
Buster Styren
GitHub Actions can be run using self-hosted runners, which can save costs and provide more flexibility.
In this article, you will learn how to install the Actions Runner Controller into an existing Kubernetes cluster to run customized runners.
Milica Sucevic, Ana Quirosa
In this tutorial, you will learn how to use the Kubernetes Python SDK to create a simple Chaos Monkey script to intentionally cause system failures to test resilience.
Pramod Shehan
Learn how traffic shifting makes it possible to gradually migrate traffic from one version to another in this Istio tutorial.
More tutorials:
Kubernetes jobs
DevOps Engineer with Gemba Advantage
Salary: £40K to £90K a year
Location: based in the office (and remote from home) in Remote-Hybrid (London)
Tech stack: Kubernetes, AWS, Docker, Java, Python, Go, Terraform, Cloudformation, CDK, Prometheus
Site Reliability Engineer with Amwell
Salary: $147.2K to $202.4K a year
Location: remote from the United States
Tech stack: Kubernetes, AWS, Docker, Python, Java, Shell, Terraform, CDK
Discover more Kubernetes jobs on Kube Careers →
Code & tools
eks-node-viewer is a tool for visualizing dynamic node usage within a cluster.
It displays the scheduled pod resource requests vs the allocatable capacity on the node. It does not look at the actual pod resource usage.
kubernetes-sigs/aws-load-balancer-controller
AWS Load Balancer Controller is a controller to help manage Elastic Load Balancers for a Kubernetes cluster.
It satisfies:
- Ingress resources by provisioning Application Load Balancers.
- Service resources by provisioning Network Load Balancers.
Otterize network mapper creates a map of in-cluster traffic by capturing DNS traffic and inspecting active connections.
kubectl-example is a kubectl plugin to dump example helper resource templates.
Sieve is a tool to help developers test their Kubernetes controllers by deterministically injecting faults and detecting dormant bugs at development time.
Other interesting projects:
Kubernetes workshops for your team: from zero to expert
Learnk8s
Learn and master Kubernetes networking, architecture, authentication, scaling, storage (and more) with Learnk8s' private training workshops.
Upcoming Kubernetes events
May
17
In-person conference organized by KubeHuddle.
Location: Toronto, CA
This event requires an entrance fee
May
17
Designing secure cloud-services for academic research with Kubernetes
In-person meetup organized by Women in Privacy & Security Vienna.
Location: Wien, AT
This is a free event.
May
19
Kubernetes Community Days Czech & Slovak 2023
In-person conference organized by KCD Czech & Slovak 2023.
Location: Bratislava, SK
This event requires an entrance fee
May
24
Containers, Kubernetes and security
Online & in-person meetup organized by Kubernetes Helsinki.
Location: Helsinki, FI and virtual
This is a free event.
May
24
In-person meetup organized by Containers on AWS Meetup Group.
Location: Zürich, CH
This is a free event.
Jun
15
Online workshop organized by Learnk8s.
This is a virtual event
This event requires an entrance fee
Jun
17
Kubernetes Community Days Mumbai
Online & in-person conference organized by KCD Mumbai.
Location: Mumbai, IN and virtual
This event requires an entrance fee
Sept
11
Online & in-person conference organized by Loovent.
Location: Hamburg, DE and virtual
This event requires an entrance fee
Discover more Kubernetes events on Kube Events →
Kubernetes Call for Papers
expired
The Call For Paper was open until 31 May 2023 at UTC. More info →
Location: New York, NY, USA
In-person conference organized by QCon.
The conference starts on the 13 June 2023.
- Apply here
expired
The Call For Paper was open until 6 June 2023 at UTC. More info →
This is a virtual event
Online conference organized by WeAreDevelopers.
The conference starts on the 7 June 2023.
- Apply here
expired
The Call For Paper was open until 18 June 2023 at UTC. More info →
Location: Shangai, CN
In-person conference organized by Linux Foundation.
The conference starts on the 25 October 2023.
- Apply here
expired
The Call For Paper was open until 19 June 2023 at UTC. More info →
Location: Chicago, IL, USA and virtual
Online & in-person conference organized by Linux Foundation.
The conference starts on the 6 November 2023.
- Apply here
expired
Kubernetes Community Days Washington DC
The Call For Paper was open until 1 July 2023 at UTC. More info →
Location: Washington, DC, USA
In-person conference organized by KCD Washington DC.
The conference starts on the 12 September 2023.
- Apply here
expired
Edgecase 2023: Kubernetes at the edge
The Call For Paper was open until 1 July 2023 at UTC. More info →
Location: Utrecht, NL
In-person meetup organized by Fullstaq.
The meetup starts on the 20 September 2023.
- Apply here
expired
Kubernetes Community Days UK 2023
The Call For Paper was open until 2 July 2023 at UTC. More info →
Location: London, UK
In-person conference organized by KCD UK.
The conference starts on the 17 October 2023.
- Apply here
expired
Wearedevelopers World Congress
The Call For Paper was open until 19 July 2023 at UTC. More info →
Location:
In-person conference organized by WeAreDevelopers.
The conference starts on the 27 July 2023.
- Apply here
expired
The Call For Paper was open until 1 August 2023 at UTC. More info →
This is a virtual event
Online conference organized by Conf42.
The conference starts on the 7 September 2023.
- Apply here
Until next time!
— Dan
Subscribe and, every Wednesday, receive the latest Kubernetes news!