Learn Kubernetes Weekly issue 69
6 Mar 2024
Namespaces are one of the fundamental resources in Kubernetes.
But they don't provide network isolation, are ignored by the scheduler and can't limit resource usage.
How do they actually work, and what are they useful for?
This Thursday, Salman covers everything there is to know about Kubernetes namespaces.
From 0 to 10'000 Jenkins builds a week
Stéphane Goetz
In 2023, Swissquote runs 50 fully automated instances of Jenkins in Kubernetes, one per team.
Each code push from a developer results in a build in the team’s instance.
The cluster performs approximately 10,000 builds per week.
Only one label to improve your Kubernetes security posture, with the Pod Security Admission
Mathieu Benoit
This article covers the Pod Security Admission Controller and how it simplifies enforcing Pod Security Standards.
You'll see an example of a managed offer like GKE Autopilot, which applies the baseline policies with some modifications for usability.
Learn network policies in Kubernetes
Sylvester C. Amaechi
This article explores the fundamental concepts, syntax, semantics, and implementation considerations associated with Network Policies.
It also delves into best practices and real-world examples to illustrate their practical application and benefits.
Self-signed locally trusted certificates with cert-manager
Gergely Brautigam
In this tutorial, you will learn how to use cert-manager for automated certificate handling using a GitHub Action for e2e testing on a CI environment.
Vault integration with Kubernetes using external secrets operator
Marko Skender
This tutorial teaches how to integrate Hashicorp Vault with Kubernetes for dynamic, secure secrets management using the External Secrets Operator (ESO).
It covers setting up Vault roles, policies, and the Key/Value secrets engine for ESO.
Testing Java apps on Kubernetes with Testkube
Piotr Minkowski
In this article, you will learn how to automatically test Java apps on Kubernetes with Testkube.
Migrating from MetaLB to Cilium
Vegard S. Hagen
In this tutorial, you will learn how to replace MetalLB with Cilium, thanks to the newly and recently added LB-IPAM L2 announcement capabilities.
Kubernetes testing with CircleCI, kind, and Skaffold
Piotr Minkowski
In this article, you will learn how to use tools like Kind and Skaffold to build integration tests on CircleCI for apps running on Kubernetes.
Platform Engineer with Duro
Salary: $135K to $175K a year
Location: based in the office (and remote from home) in Los Angeles, CA, USA
Tech stack: Kubernetes, Docker, Go, GraphQL, Javascript, Typescript, Terraform
Software Engineer with Novata
Salary: £90K a year
Location: based in the office (and remote from home) in London, GB
Tech stack: Kubernetes, AWS, ArgoCD, Docker, Javascript, Typescript, Terraform, GitHub Actions, Datadog
Site Reliability Engineer with NetApp
Salary: $153.45K to $187.55K a year
Location: based in the office in Boulder, CA, USA
Tech stack: Kubernetes, AWS, Azure, GCP, Go, Python, Perl, Java, Ruby, C#
Discover more Kubernetes jobs on Kube Careers →
Trivy-operator: Kubernetes-native security toolkit
The Trivy Operator leverages Trivy to continuously scan your Kubernetes cluster for security issues.
The scans are summarised in security reports as Kubernetes Custom Resource Definitions, which become accessible through the Kubernetes API.
Devpod: open source dev-environments-as-code
DevPod is a client-only tool to create reproducible developer environments based on a devcontainer.json on any backend such as the local computer, a Kubernetes cluster, any reachable remote machine or a VM in the cloud.
Eraser helps Kubernetes admins remove a list of non-running images from all Kubernetes nodes in a cluster.
You can use calico-route-sync to synchronize Calico routing information to virtual machines deployed outside the cluster so that you can access Pods in the cluster.
k8s-tun: access pod and service IP
K8s-tun is a project that lets you access pod and service IP addresses from outside the cluster with a tunnel (similar to a VPN).
Mar
7
Online workshop organized by Learnk8s.
This is a virtual event
This event requires an entrance fee
Mar
7
Kubernetes namespaces offer no isolation, and how you can work around it
Online webinar organized by Learnk8s.
This is a virtual event
This is a free event.
Mar
14
In-person conference organized by SCALE.
Location: Pasadena, CA, USA
This event requires an entrance fee
Mar
14
In-person conference organized by T3chFest.
Location: Madrid, ES
This event requires an entrance fee
Mar
17
In-person conference organized by Microsoft.
Location: Paris, FR
This is a free event.
Discover more Kubernetes events on Kube Events →
expired
CloudNativeSecurityCon North America
Location: Seattle, WA, USA
In-person conference organized by Linux Foundation.
The conference starts on the 26 June 2024.
expired
Kubernetes Community Days Italy 2024
Location: Milan, IT
In-person conference organized by KCD Italy.
The conference starts on the 20 June 2024.
expired
Kubernetes Community Days Czech Slovak 2024
Location: Prague, CZ and virtual
Online & in-person conference organized by KCD Czech & Slovak.
The conference starts on the 6 June 2024.
expired
Location: Hamburg, DE
In-person conference organized by Loovent.
The conference starts on the 4 September 2024.
expired
Kubernetes Community Days Zürich 2024
Location: Zürich, CH
In-person conference organized by KCD Zürich.
The conference starts on the 13 June 2024.
expired
Kuberentes Community Days Dhaka 2024
Location: Dhaka, BD
In-person conference organized by KCD Dhaka.
The conference starts on the 11 May 2024.
expired
Location: Vilnius, LT and virtual
Online & in-person conference organized by Data Miner.
The conference starts on the 20 May 2024.
expired
Location: Berlin, DE
In-person conference organized by NETWAYS.
The conference starts on the 19 June 2024.
expired
Devopsdays Ukraine: let's talk security
This is a virtual event
Online conference organized by Devopsdays.
The conference starts on the 4 June 2024.
Until next time!
— Dan
Subscribe and, every Wednesday, receive the latest Kubernetes news!