Learn Kubernetes Weekly issue 49
Providing ARM nodes to 4, 000 engineers, dev on AWS and prod on OVHcloud, gRPC and custom push-based DNS resolution, Istio upstream connect error
18 Oct 2023
Articles
Transparently providing ARM nodes to 4,000 engineers
Thibault Jamet, Miguel Bernabeu
In this article, you will learn how the team at Adevinta distributes workloads across different CPU architectures in Kubernetes clusters without human intervention.
Managed Kubernetes: our dev is on AWS, our prod is on OVHcloud
Benoît Couetil
In this case study, you will learn how the team at Zenika found a way to abstract their cluster configuration and run two identical setups on AWS (for dev environments) and OVHcloud (for production).
Efficient load balancing in Kubernetes: gRPC and the role of custom push-based DNS resolution
Arkadev Banerjee
In this case study, you'll learn how to debug a gRPC load balancing where newly created pods following Pod Eviction or automatic scaling weren't serving traffic.
The solution involved implementing a custom resolver class for push-based DNS resolution.
Troubleshooting Kubernetes applications: Istio service mesh upstream Connect error
Emre Savcı
This article discusses how the team at Trendyol troubleshoot a network error between microservices in Kubernetes.
The error was traced back to the gateway application, which was found to be corrupting the response header expected by istio-proxy.
Mattias Fjellström
The article provides an in-depth guide on the Ingress resource.
It explains that Ingress offers more functionalities than a Service, enabling multiple routing rules for different Services.
It also touches upon HTTPS traffic with TLS certificates.
Kubernetes access control with authentication, authorization & admission control
Bishal Das
In this blog, you'll learn what access control is and how Kubernetes manages access permissions behind the scenes.
Articles worth checking out:
Free Manning Early Access: Road to Kubernetes eBook
Akamai
Fifteen years of deployment experience into one accessible, practical guide.
You'll learn sustainable deployment practices you can use with any language and see how Kubernetes can be used for projects of any size.
Tutorials
VictoriaMetrics: deploying a Kubernetes monitoring stack
Arseny Zinchenko
In this (long) tutorial, you'll learn how to deploy a full-fledged monitoring stack with the VictoriaMetrics Kubernetes Monitoring Stack (e.g. VMAgent, Grafana, Loki, and alerts with VMAlert).
Kuma Mesh multi-zone deployment on Kubernetes with Pulumi
Amrutha Chennepalli
In this article, you will explore how to deploy and configure Kuma Mesh on an Azure Kubernetes Service (AKS) cluster using Pulumi with Typescript, enabling seamless communication between micro-services across multiple availability zones.
Guide to Istio's authentication and authorization policies
Atulpriya Sharma
This blog post examines Istio and how to leverage it to implement authentication and authorization policies to secure apps:
- Native support for mTLS and JWT authentication.
- Control and visibility over network traffic.
- RBAC policies.
Kubernetes jobs
🔥 DevOps Engineer with Exodus
Salary: $120K a year
Location: fully remote
Tech stack: Kubernetes, AWS, PostgreSQL, Terraform
Software Engineer with Yuvo Health
Salary: ₹20L to ₹30L a year
Location: based in the office in Chennai, IN
Tech stack: Kubernetes, Docker, Python, Javascript, Java, C#, Snowflake
DevOps Engineer with Rackspace US Inc
Salary: $88.4K to $165.55K a year
Location: remote from the United States
Tech stack: Kubernetes, AWS, Azure, SQL, SQL Server, MySQL, Terraform, CDK
Discover more Kubernetes jobs on Kube Careers →
Code & tools
Kairos: Kubernetes image for edge devices
With Kairos, you can build immutable, bootable Kubernetes and OS images for your edge devices as quickly as writing a Dockerfile.
Optional P2P mesh with distributed ledger automates node bootstrapping and coordination.
Kubernetes Orphaned Resources Finder
Kor is a tool to discover unused Kubernetes resources.
Currently, Kor can identify and list unused:
- ConfigMaps
- Secrets
- Services
- ServiceAccounts
- Deployments
- Statefulsets
- Roles
Marvin: environment security and reliability
Marvin is a CLI tool designed to help Kubernetes cluster administrators ensure the security and reliability of their environments.
It performs extensive checks on cluster resources, identifying potential issues, misconfigurations, and vulnerabilities.
Kubernetes Secrets Store CSI Driver
kubernetes-sigs
The Secrets Store CSI Driver allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume.
Once the Volume is attached, its data is mounted into the container's file system.
kubeconfig-merger is a command-line tool that concatenates two Kubernetes configuration files (kubeconfig files) into a single file.
The resulting file can be used as a single kubeconfig file to manage multiple Kubernetes clusters.
Other interesting projects:
Upcoming Kubernetes events
Oct
18
Online conference organized by Cloud Native Nairobi.
This is a virtual event
This is a free event.
Oct
18
Oct
19
In-person meetup organized by Cloud Native Austria.
Location: Vienna, AT
This is a free event.
Oct
19
Lessons learned from building a platform at Comparethemarket
Online meetup organized by Platform Engineers Atlanta.
This is a virtual event
This is a free event.
Oct
21
Kubernetes Community Days Hangzhou 2023
In-person conference organized by KCD Hangzhou.
Location: Hangzhou, CN
This is a free event.
Oct
30
Advanced Kubernetes course (Amsterdam)
In-person workshop organized by Learnk8s.
Location: Amsterdam, NL
This event requires an entrance fee
Nov
7
Open Source Monitoring Conference
In-person conference organized by NETWAYS.
Location: Nürnberg, DE
This event requires an entrance fee
Discover more Kubernetes events on Kube Events →
Kubernetes Call for Papers
expired
Kubernetes Community Days Oslo 2024
The Call For Paper was open until 13 November 2023 at UTC. More info →
Location: Olso, NO
In-person conference organized by KCD Norway.
The conference starts on the 24 January 2024.
- Apply here
expired
KubeCon + CloudNativeCon Europe
The Call For Paper was open until 26 November 2023 at UTC. More info →
Location: Paris, FR
In-person conference organized by Linux Foundation.
The conference starts on the 19 March 2024.
- Apply here
expired
Kubernetes Community Days Utrecht 2023
The Call For Paper was open until 22 October 2023 at UTC. More info →
Location: Utrecht, NL
In-person conference organized by KCD Netherlands.
The conference starts on the 1 December 2023.
- Apply here
expired
The Call For Paper was open until 4 December 2023 at UTC. More info →
Location: San Jose, CA, USA
In-person conference organized by Linux Foundation.
The conference starts on the 29 April 2024.
- Apply here
expired
The Call For Paper was open until 30 October 2023 at UTC. More info →
This is a virtual event
Online conference organized by Conf42.
The conference starts on the 30 November 2023.
- Apply here
expired
The Call For Paper was open until 1 December 2023 at UTC. More info →
Location: Birmingham, AL, USA
In-person conference organized by Devopsdays.
The conference starts on the 18 April 2024.
- Apply here
expired
Great International Developer Summit
The Call For Paper was open until 31 October 2023 at UTC. More info →
Location: Bengaluru, IN
In-person conference organized by Saltmarch.
The conference starts on the 23 April 2024.
- Apply here
expired
The Call For Paper was open until 1 November 2023 at UTC. More info →
Location: Los Angeles, CA, USA
In-person conference organized by Devopsdays.
The conference starts on the 15 March 2024.
- Apply here
expired
The Call For Paper was open until 31 October 2023 at UTC. More info →
Location: Porto Alegre, BR
In-person conference organized by Devopsdays.
The conference starts on the 9 December 2023.
- Apply here
Until next time!
— Dan
Subscribe and, every Wednesday, receive the latest Kubernetes news!