About the pain of GitOps, Docker Distribution donated to CNCF and OPA graduates, building container images with Go, meet Hildegard - the cryptojacking malware targeting K8s
CNCF Community & Industry
KubeCon Early Bird Tickets!
Don't miss the early bird ticket for just 10$ for the KubeCon EU. This is also a great hack: buying a ticket, you'll get a 50% discount on the next Kubernetes exam.
Announcing the Linkerd Steering Committee
"The Linkerd Steering Committee has one simple goal: to ensure that Linkerd meets the needs of its current and future users. Thus, rather than representing vendors, Linkerd's steering committee members represents Linkerd users. Members of the Linkerd Steering Committee will work with maintainers to ensure that Linkerd's roadmap is always focused on solving concrete, immediate problems for its current—and future—adopters."
Open Policy Agent graduates in the Cloud Native Computing Foundation
"The number of users on slack.openpolicyagent.org has grown by 3x (to over 3,600 users) and the number of Docker image downloads surpassed 39M (a 1000% increase!) We attribute much of this growth to the need for a robust policy-as-code solution in the cloud native ecosystem."
Containers & Orchestration
Killing Containers at Scale
As a big fan of repl.it I really appreciate insights into their infrastructure. This article is about how repl.it solved the issue of slow container shutdowns across their backend infrastructure.
Kubernetes at WeTransfer
These are field notes on WeTransfers journey upgrading Kubernetes 1.11 to 1.18 using kOps. Operating kOps clusters on my own for a couple of years now, I already appreciate this kind of report.
Analyzing gRPC messages using Wireshark
"In this post, you'll learn how to configure and use the Wireshark gRPC dissector and the Protocol Buffers (Protobuf) dissector, which are protocol-specific components that allow you to analyze gRPC messages with Wireshark."
The pains of GitOps 1.0
While it is a fascinating idea to deploy and operate software, it only takes care of a subset of the software release process. Using GitOps in production for over a year, I recognize quite a few problems mentioned in this article. This is a sincere evaluation of the current state of GitOps.
Why Helm never felt like it belonged
"Kubernetes is one the largest and fastest growing open-source projects. Since its inception in 2014, Kubernetes received tens of thousands of contributions from the community, and enhanced by plethora of new tools. But that doesn't come without its downsides. Namely, every now and then, there's a tool that doesn't adhere to Kubernetes core principles, and I think one such tool is Helm."
Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes
"Unit 42 researchers detected a new malware campaign targeting Kubernetes clusters. The attackers gained initial access via a misconfigured kubelet that allowed anonymous access. Once getting a foothold into a Kubernetes cluster, the malware attempted to spread over as many containers as possible and eventually launched cryptojacking operations."" - Maybe today is a good idea to check your kubelet and cluster configurations? 😉