Learn Kubernetes Weekly issue 70

Signing container images, Envelope encryption in EKS, OWASP Kubernetes top 10, MetaGPU device plugin, Scaphandre: energy consumption agent

13 Mar 2024

Kubernetes: 50 namespaces vs 50 control planes vs 50 clusters.

For the last episode of "Building Kubernetes platforms", we decided to run an experiment: how much does multi-tenancy cost?

You can join the live event here.

Articles

1. Signing container images: comparing sigstore, Notary, and Docker content trust

   Hrittik Roy

   In this article, you'll compare three popular container signing solutions: Sigstore Cosign, Notary v2, and Docker Content Trust (DCT).

   You'll learn about their features, capabilities, and suitability for securing container image supply chains.

2. Envelope encryption in EKS

   Manoj Kumar, Poonam Pawar

   In this article, you will learn how envelope encryption works in EKS with KMS through illustrations.

3. OWASP Kubernetes top 10: a comprehensive guide

   Seifeddine Rajhi

   In this article, you will take a comprehensive look at the OWASP Kubernetes Top 10, discuss each risk in detail, and provide recommendations for mitigating it.

   Finally, you'll look at tools and techniques for auditing your configuration.

4. Fast & Modern Kubernetes GUI

   Aptakube

   Connect to multiple clusters simultaneously and minimize context switching.

   Explore Metrics, Logs, Quick Actions, Shell, YAML Editor, and more all neatly packaged into one compact app.

   sponsored

Kubernetes jobs

1. • Site Reliability Engineer with Sidero Labs

   • Salary: $80K to $130K a year

   • Location: remote from Europe

   • Tech stack: Kubernetes, On-premise, ArgoCD, Go, Terraform

2. • Infrastructure Architect with NetApp

   • Salary: $235.03K to $330K a year

   • Location: based in the office (and remote from home) in San Jose, CA, USA

   • Tech stack: Kubernetes, AWS, Azure, GCP

3. • Software Engineer with NetApp

   • Salary: $139.5K to $214.5K a year

   • Location: based in the office in Research Triangle Park, NC, USA

   • Tech stack: Kubernetes, AWS, Azure, GCP, Docker, Go, Python, C++, C

Discover more Kubernetes jobs on Kube Careers →

Code & tools

1. MetaGPU Device Plugin for Kubernetes

   Kubernetes doesn't provide a support for the GPU sharing.

   You must allocate the entire GPU to a workload, even if the actual GPU usage is less than 100%.

   This project helps to improve GPU utilization by allowing GPU sharing between multiple workloads.

2. kproximate: node autoscaler for Proxmox

   kproximate is a node autoscaler project for Proxmox, allowing a Kubernetes cluster to scale across a Proxmox cluster dynamically.

3. Local Persistence Volume Static Provisioner

   The local volume static provisioner manages PersistentVolume lifecycle for pre-allocated disks by detecting and creating PVs for each local disk on the host and cleaning up the disks when released.

   It does not support dynamic provisioning.

4. ko: easy Go containers

   ko is a simple, fast container image builder for Go applications.

   It's ideal for use cases where your image contains a single Go application without any/many dependencies on the OS base image (e.g., no cgo, no OS package dependencies).

5. Source-To-Image (S2I)

   Source-to-Image is a toolkit and workflow for building reproducible container images from source code.

   It produces ready-to-run images by injecting source code into a container image and letting the container prepare that source code for execution.

Other interesting projects:

• Scaphandre: energy consumption agent

• EKS Rolling Update

• EKS Node Group AMI Updater

• Alaz: low-overhead, eBPF-based Monitoring

• Kubernetes Easy Engine

• Kubernetes-reflector: replicate secrets, ConfigMaps and certificates

• AWS ACM Private CA

• imgpkg: store application configuration files in Docker/OCI registries

• wavy: GUI apps on Kubernetes

• webmesh-cni: connect pods to a webmesh network

• Dragonfly operator

• Fission: fast and simple Serverless for Kubernetes

• Glasskube operator: automated deployments for tools

• Cuber: deploy app easily

• Flux cluster template

• Rig: developer-centric application platform

• Helm compose

• General-purpose metrics adapter for HPA metrics

• Longhorn: cloud native distributed block storage

Upcoming Kubernetes events

1. Mar

   14

   Building a Kubernetes platform

   Online webinar organized by Learnk8s.

   • This is a virtual event

   • This is a free event.

2. Mar

   14

   Kubernetes Community Days Los Angeles 2024

   In-person conference organized by KCD Los Angeles.

   • Location: Los Angeles, CA, USA

   • This event requires an entrance fee

3. Mar

   17

   Cloud Native Rejekts EU 2024

   In-person conference organized by Microsoft.

   • Location: Paris, FR

   • This is a free event.

4. Mar

   19

   KubeCon + CloudNativeCon Europe

   In-person conference organized by Linux Foundation.

   • Location: Paris, FR

   • This event requires an entrance fee

5. Apr

   18

   Advanced Kubernetes course

   Online workshop organized by Learnk8s.

   • This is a virtual event

   • This event requires an entrance fee

6. Apr

   18

   Open Source Camp on Kubernetes

   In-person conference organized by NETWAYS.

   • Location: Nuremberg, DE

   • This event requires an entrance fee

Discover more Kubernetes events on Kube Events →

Kubernetes Call for Papers

1. expired

   CloudNativeSecurityCon North America

   The Call For Paper was open until 1 April 2024 at UTC. More info →

   • Location: Seattle, WA, USA

   • In-person conference organized by Linux Foundation.

   • The conference starts on the 26 June 2024.

   • Apply here

2. expired

   Kubernetes Community Days Italy 2024

   The Call For Paper was open until 4 April 2024 at UTC. More info →

   • Location: Milan, IT

   • In-person conference organized by KCD Italy.

   • The conference starts on the 20 June 2024.

   • Apply here

3. expired

   Kubernetes Community Days Czech Slovak 2024

   The Call For Paper was open until 31 March 2024 at UTC. More info →

   • Location: Prague, CZ and virtual

   • Online & in-person conference organized by KCD Czech & Slovak.

   • The conference starts on the 6 June 2024.

   • Apply here

4. expired

   ContainerDays 2024

   The Call For Paper was open until 31 March 2024 at UTC. More info →

   • Location: Hamburg, DE

   • In-person conference organized by Loovent.

   • The conference starts on the 4 September 2024.

   • Apply here

5. expired

   Kubernetes Community Days Zürich 2024

   The Call For Paper was open until 1 April 2024 at UTC. More info →

   • Location: Zürich, CH

   • In-person conference organized by KCD Zürich.

   • The conference starts on the 13 June 2024.

   • Apply here

6. expired

   Kuberentes Community Days Dhaka 2024

   The Call For Paper was open until 24 March 2024 at UTC. More info →

   • Location: Dhaka, BD

   • In-person conference organized by KCD Dhaka.

   • The conference starts on the 11 May 2024.

   • Apply here

7. expired

   Kubernetes Community Days Shanghai 2024

   The Call For Paper was open until 17 March 2024 at UTC. More info →

   • Location: Shanghai, CN

   • In-person conference organized by KCD Shanghai.

   • The conference starts on the 19 April 2024.

   • Apply here

8. expired

   Kubernetes Community Days Argentina 2024

   The Call For Paper was open until 5 April 2024 at UTC. More info →

   • Location: Buenos Aires, AR

   • In-person conference organized by KCD Argentina.

   • The conference starts on the 10 May 2024.

   • Apply here

9. expired

   Kubernetes Community Days Islamabad 2024

   The Call For Paper was open until 25 March 2024 at UTC. More info →

   • Location: Islamabad, PK

   • In-person conference organized by KCD Islamabad.

   • The conference starts on the 20 April 2024.

   • Apply here

Until next time!

— Dan

Subscribe and, every Wednesday, receive the latest Kubernetes news!