Learn Kubernetes weekly — issue 3

30 Nov 2022

TL;DR: level up your Kubernetes HA game, inspecting Kubernetes networking, pod readiness gates, AWS Secret manager, yq & a free ebook.

You might also want to check out the Cyber Monday offers from the Linux Foundation with discounts of up to 65% on CKA/CKAD/CKS exams.

Articles

1. Improving application availability with pod readiness gates

   Martin Heinz

   Ensuring your app is available and ready to serve traffic is easy with Pod liveness and readiness probes.

   However, not all apps are built to leverage those.

   Readiness gates allow us to create custom status condition types to solve this challenge.

2. Inspecting and understanding the Kubernetes service network

   Harinderjit Singh

   This guide covers how Services are implemented in Kubernetes and how endpoints are propagated to kube-proxy and CoreDNS.

3. High availability considerations

   This document contains a collection of community-provided considerations for setting up High Availability Kubernetes clusters.

4. Performance evaluation of the autoscaling strategies vertical and horizontal using Kubernetes

   Kewyn Akshlley

   Scalable applications may adopt horizontal or vertical autoscaling to dynamically provision resources in the cloud.

   To help to choose the best strategy, this article compares the performance of horizontal and vertical autoscaling in Kubernetes.

5. [PDF] From Containers to Kubernetes with Node.js

   Kathleen Juell

   This (free) book is designed as an introduction to containers and Kubernetes by way of Node.js.

6. Migrating our cron jobs to Kubernetes

   Liam Wharton

   In this case study, you will learn how the Engineering team at Kudos migrated all of their scheduled tasks to Kubernetes CronJobs.

Articles worth checking out:

• Apache Spark on Kubernetes-lessons learned from launching millions of Spark executors

• The how of IAM roles for service accounts on AWS EKS

• Configure RBAC in Kubernetes like a boss

• Kubernetes services explained: Cluster IP, NodePort, LoadBalancer, Ingress, Ingress controllers

• Exploring Cilium layer 7 capabilities compared to Istio

• FaaS on Kubernetes: from AWS Lambda & API Gateway to Knative & Kong API Gateway

• Logging with Logstash and Fluentd in a sidecar container

Tutorials

1. Parsing Kubernetes YAML with yq

   Stefanie Lai

   yq is a convenient tool for creating, updating and mangling Kubernetes YAML files.

   In this tutorial, you will learn how to use it as well as some practical tips and tricks.

2. Fetching AWS Secrets Manager secrets on Pod launch (securely)

   Kyler Middleton

   In this tutorial, you'll learn how to inject secrets in your Pods directly from AWS Secret Manager using the AWS Secrets Manager CSI Driver.

3. AWS EKS: the ultimate guide to deploy an ingress controller on Kubernetes

   Akintola L. F. Adjibao

   In this article, you'll learn how to set up an Ingress Controller on EKS in 5 steps:

   1. Creating a cluster with EKSctl.
   2. Creating the IAM OIDC provider.
   3. Creating an IAM Policy.
   4. Creating the Role.
   5. Installing the ALB Ingress controller.

4. Detecting Kubernetes API deprecations with Pluto

   Friedrich Kurz

   In this article, you will learn how to detect Kubernetes API deprecations with Pluto — a utility to help users find deprecated Kubernetes API versions in their code repositories and their helm releases.

Kubernetes jobs

1. • DevOps Engineer with RXMG

   • Salary: $140K to $170K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, GCP, AWS, Docker, SQL, PHP, Python, Terraform, Gitlab, Datadog

2. • Platform Engineer with ArborXR

   • Salary: $114K to $145K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, GCP, Docker, PHP, GraphQL, Pulumi, Gitlab

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. flyteorg/flyte

   Flyte is a workflow automation platform for complex, mission-critical data, and ML processes at scale built on Kubernetes.

2. jordanwilson230/kubectl-plugins

   This repo contains two kubectl plugins:

   1. kubectl exec-as — Like kubectl exec, but offers a --user flag to exec as root (or any other user).
   2. kubectl prompt — Displays a warning prompt when issuing commands in a flagged cluster or namespace.

3. weaveworks-liquidmetal/flintlock

   Flintlock is a service for creating and managing the lifecycle of microVMs on a host machine.

   The primary use case is to create microVMs on a bare-metal host where the microVMs will be used as nodes in a virtualized Kubernetes cluster.

4. jovianx/helm-release-plugin

   helm-release-plugin is a Helm plugin that pulls (re-creates) Helm Charts from deployed releases and updates values of deployed releases without the chart.

5. zawachte/cluster-api-k3s

   Cluster API bootstrap provider k3s (CABP3) is a component of Cluster API that is responsible for generating a cloud-init script to turn a Machine into a Kubernetes node.

   This implementation brings up k3s clusters instead of full kubernetes clusters.

Other interesting projects:

• grzesuav/kubectl-mtail

• hidetatz/kubecolor

• todaywasawesome/oss-apps

• purelb/purelb

• Breaking changes in MetalLB 0.13.x

• redhat-cop/gitops-catalog

• stakater/forecastle

Upcoming Kubernetes events

1. Dec

   1

   Encrypted and immutable operating systems for Kubernetes

   In-person meetup organized by Kubernetes Nürnberg.

   • Location: Nürnberg, DE

   • This is a free event.

2. Dec

   4

   Helm 101

   Online meetup organized by Cloud Native Chennai.

   • This is a virtual event

   • This is a free event.

3. Dec

   6

   Advanced Kubernetes course

   In-person workshop organized by Learnk8s.

   • Location: Munich, DE

   • This event requires an entrance fee

4. Dec

   6

   WebAssembly and Kubernetes!

   Online meetup organized by Cloud Native Canada.

   • This is a virtual event

   • This is a free event.

Discover more Kubernetes events on Kube Events →

If you are into certifications, you should check out this thread on free Kubernetes certifications.

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!