Learn Kubernetes Weekly issue 60

Kubernetes network with Cilium and eBPF, RSS to WSS: navigating Kubernetes memory metrics, Portless ports, Validating admission policies

3 Jan 2024

Articles

1. Kubernetes network learning with Cilium and eBPF

   Addo Zhang

   In this guide, you will learn how Cilium processes packets in Kubernetes using eBPF.

2. From RSS to WSS: navigating the depths of Kubernetes memory metrics

   Yuval

   This article delves into the complexities of memory metrics and reveals the surprisingly different perspectives of Kubernetes and Linux on memory.

3. Portless ports: demystifying Kubernetes port forwarding

   Arjun Mundamani

   In this article, you'll explore the complexities of Kubernetes network management, iptables, and port forwarding and discover how Kubernetes hides service ports from traditional tools like netstat.

4. Secure your NGINX ingress controller behind cloud armor or identity-aware proxy (IAP)

   Mathieu Benoit

   In this tutorial, you will learn how to secure your Nginx Ingress controller (or any 3rd party reverse proxy you may use in GKE) behind Cloud Armor or Identity-Aware Proxy (IAP).

5. Effortless in-cluster validation with Kubernetes: introducing validating admission policies

   Eyal Zekaria

   In this tutorial, you will learn how to validate Kubernetes resources with Validating Admission Policies (VAPs) and Common Expression Language (CEL).

6. External Vault to Kubernetes clusters integration

   Igor Kanshyn

   This article describes how to:

   1. Enable Vault to Kubernetes cluster integration.
   2. Create a shell script file that defines secret values as environment variables in Kubernetes pods.

Articles worth checking out:

• Integrating OPA Gatekeeper as an admission controller with Kubernetes

• What if your pods need to trust self-signed certificates?

• Binding to Low Ports as a Non-root User with Docker and Kubernetes

• PIDs limit : how to change Kubernetes pod's limits

⎈ Become an expert in Kubernetes: Advanced Kubernetes course

Learnk8s

Join Learnk8s' 4-day Advanced Kubernetes workshop this September (online or in Amsterdam, NL).

Get your hands dirty with Kubernetes and learn what makes Kubernetes tick in a session packed with hands-on labs!

Kubernetes jobs

1. • DevOps Engineer with Rockstar Games

   • Salary: $88.5K to $113.8K a year

   • Location: based in the office in Manhattan, NY, USA

   • Tech stack: Kubernetes, ArgoCD, Docker, Shell, Python, Powershell, Mongo, Redis, PostgreSQL, Airflow

2. • Software Engineer with REWE International Dienstleistungsgesellschaft

   • Salary: €50.2K a year

   • Location: remote from Austria

   • Tech stack: Kubernetes, Docker, Java, PostgreSQL, Kafka

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. image-builder: building Kubernetes disk images

   Image Builder is a tool for building Kubernetes virtual machine images across multiple infrastructure providers.

   The resulting VM images are intended to be used with Cluster API but should be suitable for other setups that rely on Kubeadm.

2. Logging operator for Kubernetes

   The Logging operator solves your logging-related problems in Kubernetes environments by automating the deployment and configuration of a Kubernetes logging pipeline.

3. kubebuilder-declarative-pattern

   kubebuilder-declarative-pattern provides a set of tools for building declarative cluster operators with kubebuilder.

4. DARK: Dashboards As Resources in Kubernetes.

   DARK provides a way to define and deploy Grafana dashboards with Custom Resource Definitions.

   If you want to version your dashboards and deploy them across environments, this project is meant for you.

5. Airgapify: manifests to Docker image

   airgapify is a tool that will construct a Docker image archive from a set of Kubernetes manifests.

Other interesting projects:

• Samba Operator

• Helm Controller

• Kronic: CronJob admin UI

• Jib: containerize your Java applications

• nginx-reloaded: self reloading NGINX

• kube-hpa-scale-to-zero

• Helmify

• Rainbond: serveless on Kubernetes

• MariaDB operator

• kube-fencing

• DiffWatcher

• Kpad: manifest editor

• Logging operator for Kubernetes

Upcoming Kubernetes events

1. Jan

   4

   Mastering software operators for data and AI

   Online webinar organized by Canonical.

   • This is a virtual event

   • This is a free event.

2. Jan

   6

   Optimising data workloads using Argo workflows and Kubernetes & Cilium introduction

   Online meetup organized by Cloud Native Madurai.

   • This is a virtual event

   • This is a free event.

3. Jan

   6

   Understanding deployment options in Kubernetes

   Online webinar organized by DevOpsUniversity.

   • This is a virtual event

   • This is a free event.

4. Jan

   8

   NDC Security

   In-person conference organized by NDC Conferences.

   • Location: Oslo, NO

   • This event requires an entrance fee

5. Jan

   9

   Unifying observability with OpenTelemetry collector and operator

   Online & in-person meetup organized by Cloud Native Luxembourg.

   • Location: Luxembourg, LU and virtual

   • This is a free event.

6. Feb

   19

   Advanced Kubernetes course

   In-person workshop organized by Learnk8s.

   • Location: Munich, DE

   • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

1. expired

   Kubernetes Community Days Costa Rica 2024

   The Call For Paper was open until 1 February 2024 at UTC. More info →

   • Location: Heredia, CR

   • In-person conference organized by KCD Costa Rica.

   • The conference starts on the 1 March 2024.

   • Apply here

2. expired

   Kubernetes Community Days Romania 2024

   The Call For Paper was open until 31 January 2024 at UTC. More info →

   • Location: Bucharest, RO

   • In-person conference organized by KCD Romania.

   • The conference starts on the 25 April 2024.

   • Apply here

3. expired

   Kubernetes Community Days Texas 2024

   The Call For Paper was open until 5 February 2024 at UTC. More info →

   • Location: Irving, TX, USA

   • In-person conference organized by KCD Texas.

   • The conference starts on the 12 April 2024.

   • Apply here

4. expired

   Kubernetes Community Days Guadalajara 2024

   The Call For Paper was open until 9 January 2024 at UTC. More info →

   • Location: Guadalajara, MX

   • In-person conference organized by KCD Guadalajara.

   • The conference starts on the 23 February 2024.

   • Apply here

5. expired

   Kubernetes Community Days Istanbul

   The Call For Paper was open until 31 January 2024 at UTC. More info →

   • Location: Istanbul, TR

   • In-person conference organized by KCD Istanbul.

   • The conference starts on the 15 May 2024.

   • Apply here

6. expired

   Kubernetes Community Days Munich 2024

   The Call For Paper was open until 31 January 2024 at UTC. More info →

   • Location: Munich, DE

   • In-person conference organized by KCD Munich.

   • The conference starts on the 2 July 2024.

   • Apply here

7. expired

   KubeHuddle Toronto 2024

   The Call For Paper was open until 3 February 2024 at UTC. More info →

   • Location: Toronto, CA

   • In-person conference organized by KubeHuddle.

   • The conference starts on the 8 May 2024.

   • Apply here

8. expired

   Cloud Native 2024

   The Call For Paper was open until 19 February 2024 at UTC. More info →

   • This is a virtual event

   • Online conference organized by Conf42.

   • The conference starts on the 21 March 2024.

   • Apply here

9. expired

   DevOps fwdays'24

   The Call For Paper was open until 17 January 2024 at UTC. More info →

   • Location: Kyiv, UA and virtual

   • Online & in-person conference organized by fwdays.

   • The conference starts on the 17 February 2024.

   • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!