Learn Kubernetes Weekly issue 28

Scale from 100 to 10, 000 pods, attacking container images, back from disaster in 15 mins

24 May 2023

We recently published the state of the Kubernetes job market for the first quarter of 2023.

If you are looking for your next adventure (or you are hiring engineers), you may find it insightful!

If you don't have the time, here are the big news:

• 64% fewer remote-only jobs.
• GitLab CI passes Jenkins!

You can read the full report here.

Articles

1. Scale from 100 to 10,000 pods on Amazon EKS

   Akshaya Rawat, Nikhil Sharma & Ravishen Jain

   In this case study, you'll learn how to scale an EKS cluster from 100 to more than 10,000 pods.

   Key learnings:

   • Reducing application latency with DNS caching.
   • Preventing IP starvation with the VPC-CNI.
   • PriorityClass to customize pod scheduling.

2. Analysis on Docker Hub malicious images: attacks through public container images

   Stefano Chierici

   Sysdig analysed over 250,000 Linux images on Docker Hub to detect malicious payloads hidden in the container's images.

   Learn what was discovered in this article.

3. Back from disaster in (under) 15 minutes

   Aymeric Baudens

   Now how do you do disaster recovery with 200+ products that are running daily?

   This 3 part article presents the challenges, plans and lessons learned from recovering from a resource failure disaster in (under) 15 minutes on GKE.

4. Kubernetes vulnerabilities 2022: main takeaways

   Ben Hirschberg

   Here is a list of all the main Kubernetes vulnerabilities from 2022.

5. Production ready EKS CoreDNS configuration

   Serkan Capkan

   In this article, you will find a list of configurations that you should consider adopting for a production-grade CoreDNS setup on EKS (but most of it is valid for any cluster).

6. Throttling, QoS, and PriorityClass: finding out what is happening to your pods in Kubernetes

   Vinícius Loureiro

   In this article, you will learn how throttling, Quality of Service (QoS) classes and PriorityClasses could affect the scheduler when deploying a pod.

Articles worth checking out:

• Kubernetes in Azure (6-part series)

• MTU in Cilium ClusterMesh with EKS

• Lightweight Kubernetes operators with WebAssembly

• How to monitor and alert on NGINX ingress in Kubernetes

• Understand how graceful shutdown can achieve zero downtime during Kubernetes rolling update

• Notes from my Swarm to Kubernetes migration

• gRPC + minikube and balancing traffic

• End-to-end testing of Kubernetes resources with the e2e-framework

• IaC & GitOps with EKS blueprints

Predictive troubleshooting for Kubernetes

Sosivio

Sosivio empowers developers to independently optimize resources and resolve critical issues with their applications on Kubernetes.

• Non-restricted view for Developers
• Boost DevOps-Developer collaboration
• Disconnected/air-gapped

Tutorials

1. Rapid Kubernetes Controller Development with Tilt

   Gergely Brautigam

   In this tutorial, you will learn how to use Tilt to speed up the feedback loop of developing a Kubernetes controller.

2. Traffic-based autoscaling for GKE clusters based on Request per Second (RPS) by using Internal Gateway Controller

   Ronny Ardi

   In this tutorial, you will learn how you scale your applications on GKE based on the number of requests.

   You will use the Internal Gateway Controller to produce request-per-second custom metrics for the Horizontal Pod Autoscaler.

3. Kubernetes & Rails: the definitive guide

   Marco Colli

   This guide covers all the common aspects required for running a Rails application on Kubernetes, including:

   • Deployment and CI/CD.
   • Load balancers and domains.
   • Database migrations.
   • Logging and monitoring.
   • Background workers and cron jobs.

4. Kubernetes deployment strategies

   avinashkris9

   This 2-part series focuses on deployment strategies using Kubernetes.

   • Part 1: Rolling-Update and Recreate.
   • Part 2: Canary and Blue/Green.

5. Setup a Kubernetes K3s homelab with Armbian Ubuntu

   Jonathan Regeimbal

   This guide will help you set up a Kubernetes K3s home lab with Armbian UbuntuPine64 as the primary node.

Kubernetes jobs

1. • Platform Engineer with Isometric

   • Salary: £78K to £130K a year

   • Location: based in the office (and remote from home) in Remote-Hybrid (London)

   • Tech stack: Kubernetes, GCP, Python, Typescript

2. • Operations Engineer with Staysure

   • Salary: £65K to £75K a year

   • Location: based in the office (and remote from home) in Remote-Hybrid (Northampton)

   • Tech stack: Kubernetes, AWS

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. siderolabs/talos

   Talos is a modern Linux distribution for running Kubernetes: secure, immutable, and minimal.

   Talos is fully open-source & production-ready.

   All system management is done via an API - there is no shell or interactive console.

2. Kubernetes Resource Recommender (KRR)

   Robusta.dev

   Kubernetes Resource Recommender is a CLI tool for optimizing resource allocation in Kubernetes clusters.

   It gathers pod usage data from Prometheus and recommends requests and limits for CPU and memory.

   sponsored

3. clastix/kamaji

   Kamaji is a tool aimed to build and operate a Managed Kubernetes Service with a fraction of the operational burden.

   With Kamaji, you can deploy and operate hundreds of Kubernetes clusters as a hyper-scale cloud provider.

4. flant/shell-operator

   Shell-operator provides an integration layer between Kubernetes cluster events and shell scripts by treating scripts as hooks triggered by events.

5. ibcnservices/wasm-operator

   This repository contains the code of a prototype runtime for running Kubernetes operators in WebAssembly.

   The goal is to improve the memory usage of a Kubernetes cluster by reducing the memory footprint of operators.

Other interesting projects:

• flomesh-io/eriecanal

• turbot/steampipe-mod-kubernetes-insights

• groundcover-com/caretta

• eladleev/kubeseal-convert

• datreeio/datree

Kubernetes workshops for your team: from zero to expert

Learnk8s

Learn and master Kubernetes networking, architecture, authentication, scaling, storage (and more) with Learnk8s' private training workshops.

Upcoming Kubernetes events

1. May

   24

   Containers, Kubernetes and security

   Online & in-person meetup organized by Kubernetes Helsinki.

   • Location: Helsinki, FI and virtual

   • This is a free event.

2. May

   24

   Kubernetes on AWS

   In-person meetup organized by Containers on AWS Meetup Group.

   • Location: Zürich, CH

   • This is a free event.

3. May

   25

   Bypassing security controls & the first always encrypted Kubernetes

   In-person meetup organized by Cloud Native Computing Switzerland.

   • Location: Zürich, CH

   • This is a free event.

4. May

   25

   Migrating from Amazon VPC CNI to Cilium in Kubernetes & NetworkPolicies in highly secure environments

   In-person meetup organized by Stockholm Cloud Native Community Group.

   • Location: Stockholm, SE

   • This is a free event.

5. May

   30

   How Kubernetes sig-release manages release cycles & building a green supercomputer

   In-person meetup organized by Cloud Native Copenhagen.

   • Location: København, DK

   • This is a free event.

6. Jun

   7

   Cloud Day

   Online conference organized by WeAreDevelopers.

   • This is a virtual event

   • This is a free event.

7. Jun

   15

   Advanced Kubernetes course

   Online workshop organized by Learnk8s.

   • This is a virtual event

   • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

1. expired

   QCon New York

   The Call For Paper was open until 31 May 2023 at UTC. More info →

   • Location: New York, NY, USA

   • In-person conference organized by QCon.

   • The conference starts on the 13 June 2023.

   • Apply here

2. expired

   Cloud Day

   The Call For Paper was open until 6 June 2023 at UTC. More info →

   • This is a virtual event

   • Online conference organized by WeAreDevelopers.

   • The conference starts on the 7 June 2023.

   • Apply here

3. expired

   KubeCon China 2023

   The Call For Paper was open until 18 June 2023 at UTC. More info →

   • Location: Shangai, CN

   • In-person conference organized by Linux Foundation.

   • The conference starts on the 25 October 2023.

   • Apply here

4. expired

   KubeCon North America 2023

   The Call For Paper was open until 19 June 2023 at UTC. More info →

   • Location: Chicago, IL, USA and virtual

   • Online & in-person conference organized by Linux Foundation.

   • The conference starts on the 6 November 2023.

   • Apply here

5. expired

   Kubernetes Community Days Washington DC

   The Call For Paper was open until 1 July 2023 at UTC. More info →

   • Location: Washington, DC, USA

   • In-person conference organized by KCD Washington DC.

   • The conference starts on the 12 September 2023.

   • Apply here

6. expired

   Kubernetes Community Days UK 2023

   The Call For Paper was open until 2 July 2023 at UTC. More info →

   • Location: London, UK

   • In-person conference organized by KCD UK.

   • The conference starts on the 17 October 2023.

   • Apply here

7. expired

   Wearedevelopers World Congress

   The Call For Paper was open until 19 July 2023 at UTC. More info →

   • Location:

   • In-person conference organized by WeAreDevelopers.

   • The conference starts on the 27 July 2023.

   • Apply here

8. expired

   Platform engineering 2023

   The Call For Paper was open until 1 August 2023 at UTC. More info →

   • This is a virtual event

   • Online conference organized by Conf42.

   • The conference starts on the 7 September 2023.

   • Apply here

9. expired

   Devopsdays Cairo

   The Call For Paper was open until 19 August 2023 at UTC. More info →

   • Location: Cairo, EG

   • In-person conference organized by Devopsdays.

   • The conference starts on the 26 September 2023.

   • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!