Learn Kubernetes Weekly issue 39

Distributed and auto-scalable web sockets server architecture, Demystifying CPU limits, Pod topology spread constraint pitfalls, timoni

9 Aug 2023

Articles

1. How to implement a distributed and auto-scalable websocket server architecture on Kubernetes

   Erwan de Lépinau

   In this case study, you will learn the challenges, designs and implementation details for a resilient and scalable backend architecture for WebRTC and Websockets on Kubernetes.

2. Demystifying Kubernetes CPU limits (and throttling)

   Will Hegedus

   In this article, you will discuss a clear example of CPU throttling on Kubernetes and how you could monitor and fix it.

3. Avoiding Kubernetes pod topology spread constraint pitfalls

   Matthew Kennedy

   In this article, you'll learn how to configure Pod Topology Spread Constraints correctly and how a naive configuration creates unexpected Pod skew.

   If those are misconfigured, you could lose up to 2/3rds of your Pods.

4. Making sense of Kubernetes cpu requests and limits

   Armen Shakhbazian

   In this article, you'll examine what requests and limits mean, how they translate to OS primitives and how they are enforced.

   You'll also learn some useful metrics to monitor and recommendations on calculating app requests and limits.

5. When is a CPU not a CPU? Benchmark of Kubernetes providers and node efficiency

   Natan Yellin

   In this article (and related), you will learn about node overhead on Kubernetes.

   Then you'll benchmark cloud providers and find the worst offenders.

6. Why I will never use alpine Linux ever again

   Martin Heinz

   This article will discuss some of the trade-offs of using Alpine-based images.

   • Issues with DNS.
   • muslc vs glibc.
   • Compiled packages.
   • Size.

   The article lists a few alternatives: Wolfi, Distroles, and UBI micro.

Articles worth checking out:

• Kubernetes CreateContainerConfigError and CreateContainerError

• Kubernetes 1.27: introducing an API for volume group snapshots

• Exploring Kubernetes service account tokens and secure workload identity federation

• Unlocking the potential: external-secrets and Azure Kubernetes Service integration

• When and how to use Helm and Kustomize together

• Ambassador Edge Stack vs Traefik vs NGINX

• Managing Kubernetes resources with resource quotas

• Centralising traffic management with a single ALB and multiple ingresses using ingress groups

⎈ Become an expert in Kubernetes: Advanced Kubernetes course

Learnk8s

Join Learnk8s' 4-day Advanced Kubernetes workshop this September (online or in London, UK).

Get your hands dirty with Kubernetes and learn what makes Kubernetes tick in a session packed with hands-on labs!

Tutorials

1. Step-by-step: adding shared storage to a Kubernetes cluster

   Gary Morse

   In this tutorial, you'll learn how to expand the capabilities of a Kubernetes cluster by adding shared storage.

   You'll follow the upgrade process of a cluster connected to a Synology NAS as an NFS server.

2. Istio service mesh with ALB in EKS

   Neel Thomas

   In this tutorial, you'll learn how to create an External and Internal Application Load Balancer with Istio Gateway.

   You'll also learn how to expose multiple services using a single ALB ingress attached to wildcard SSL from ACM.

3. Capturing container packets from EKS worker nodes using tcpdump

   Kieran Yio

   There are times when you have to troubleshoot a network issue and need to inspect the traffic at the packet level.

   This tutorial demonstrates capturing container packets from the EKS worker nodes.

4. Kube-green: an operator to reduce CO2 footprint of your Kubernetes clusters

   Purushotham Reddy

   In this tutorial, you will learn how kube-green can lower your cloud bill by suspending Deployments or CronJobs.

5. Vault with secrets store CSI driver on Kubernetes

   Piotr Minkowski

   This tutorial will teach you how to use the Secrets Store CSI Driver to integrate your app with HashiCorp Vault on Kubernetes.

More tutorials:

• Creating an exclusive Helm repository using GitHub pages

Kubernetes jobs

1. • Software Engineer with Runway Financial

   • Salary: $170K to $200K a year

   • Location: fully remote

   • Tech stack: Kubernetes, GCP, Javascript, Typescript

2. • DevSecOps Engineer with Onebrief

   • Salary: €140K to €200K a year

   • Location: based in the office in Stuttgart, DE

   • Tech stack: Kubernetes, AWS, On-premise, Helm, Docker, Terraform, Ansible

3. • DevOps Engineer with Sigma Defense Systems

   • Salary: $100K to $135K a year

   • Location: remote from the United States

   • Tech stack: Kubernetes, AWS, Azure, Kustomize, Helm, Terraform

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. stefanprodan/timoni

   Timoni is a package manager for Kubernetes, powered by CUE and inspired by Helm.

   Instead of using Go templates with YAML like Helm, or layering YAML like Kustomize, Timoni relies on Cuelang's type safety, code generation and data validation features.

2. Kubernetes observability (with Prometheus)

   Robusta

   With Robusta you can see what's really happening in your cluster:

   • Uncover reliability and cost issues
   • Ready-to-use dashboards and alerts
   • Zoom into Kubernetes resources

   You can leverage your existing Prometheus data.

   sponsored

3. cilium/tetragon

   Tetragon enables powerful real-time, eBPF-based security observability and runtime enforcement.

   It is Kubernetes-aware and understands identities so that security event detection can be configured in relation to individual workloads.

4. gofireflyio/aiac

   aiac is a command line tool to generate IaC (Infrastructure as Code) templates, configurations, utilities, queries and more via OpenAI's API.

5. janheindejong/nautikos

   Nautikos is a lightweight CI/CD tool for updating image tags in Kubernetes manifests.

Other interesting projects:

• kluctl/kluctl

• flux-subsystem-argo/flamingo

• 7wingfly/autok8s

• geerlingguy/ansible-role-kubernetes

• kubevious/workload-operator

• lerentis/bitwarden-CRD-operator

Upcoming Kubernetes events

1. Aug

   9

   An armful of clusters: run Kubernetes workloads more efficiently and sustainably

   Online webinar organized by ARM.

   • This is a virtual event

   • This is a free event.

2. Aug

   9

   Building high throughput event-driven multi-tenant platforms in the cloud

   Online meetup organized by Kansas City Microsoft Azure Meetup.

   • This is a virtual event

   • This is a free event.

3. Aug

   10

   Kubernetes priority and fairness

   Online webinar organized by Containers from the couch.

   • This is a virtual event

   • This is a free event.

4. Aug

   15

   A step towards an IDP with GitOps, EKS, and Karpenter using aws-eks-blueprints

   Online meetup organized by AWS User Group Beirut.

   • This is a virtual event

   • This is a free event.

5. Aug

   15

   DeveloperWeek Cloud

   In-person conference organized by DevNetwork.

   • Location: San Francisco, CA, USA

   • This event requires an entrance fee

6. Sept

   25

   Advanced Kubernetes course (London)

   In-person workshop organized by Learnk8s.

   • Location: London, UK

   • This event requires an entrance fee

7. Oct

   30

   Advanced Kubernetes course (Amsterdam)

   In-person workshop organized by Learnk8s.

   • Location: Amsterdam, NL

   • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

1. expired

   All day DevOps

   The Call For Paper was open until 18 August 2023 at UTC. More info →

   • This is a virtual event

   • Online conference organized by Sonatype.

   • The conference starts on the 26 October 2023.

   • Apply here

2. expired

   Devopsdays Cairo

   The Call For Paper was open until 19 August 2023 at UTC. More info →

   • Location: Cairo, EG

   • In-person conference organized by Devopsdays.

   • The conference starts on the 26 September 2023.

   • Apply here

3. expired

   Kube Native 2023

   The Call For Paper was open until 28 August 2023 at UTC. More info →

   • This is a virtual event

   • Online conference organized by Conf42.

   • The conference starts on the 28 September 2023.

   • Apply here

4. expired

   Kubernetes Community Days Sri Lanka 2023

   The Call For Paper was open until 28 August 2023 at UTC. More info →

   • Location: Colombo, LK

   • In-person conference organized by KCD Sri Lanka.

   • The conference starts on the 9 September 2023.

   • Apply here

5. expired

   Kubernetes Community Days Texas

   The Call For Paper was open until 30 August 2023 at UTC. More info →

   • Location: Irving, Texas, USA

   • In-person conference organized by KCD Texas.

   • The conference starts on the 6 October 2023.

   • Apply here

6. expired

   DevOps Vision

   The Call For Paper was open until 4 September 2023 at UTC. More info →

   • Location: Clearwater, FL, USA

   • In-person conference organized by NFJS Events.

   • The conference starts on the 4 December 2023.

   • Apply here

7. expired

   Cloud Native Rejekts NA 23

   The Call For Paper was open until 5 September 2023 at UTC. More info →

   • Location: Chicago, US

   • In-person conference organized by Cloud Native Rejekts.

   • The conference starts on the 4 November 2023.

   • Apply here

8. expired

   Open Source Summit Japan 2023

   The Call For Paper was open until 11 September 2023 at UTC. More info →

   • Location: Tokyo, JP and virtual

   • Online & in-person conference organized by Linux Foundation.

   • The conference starts on the 5 December 2023.

   • Apply here

9. expired

   Kubernetes Community Days Denmark

   The Call For Paper was open until 14 September 2023 at UTC. More info →

   • Location: Brabrand, DK

   • In-person conference organized by KCD Denmark.

   • The conference starts on the 14 November 2023.

   • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!