Kubernetes v1.31, codenamed “Elli,” is officially released!
It brings 45 enhancements, including 11 being graduated to Stable, 22 in Beta, and 12 in Alpha.
The Release Theme is "Elli". “Elli is a cute and joyful dog, with a heart of gold and a nice sailor's cap, as a playful wink to the huge and diverse family of Kubernetes contributors.”
More details: official blog announcement; our previous post with helpful articles and resources for K8s v1.31.
#news #releases
It brings 45 enhancements, including 11 being graduated to Stable, 22 in Beta, and 12 in Alpha.
The Release Theme is "Elli". “Elli is a cute and joyful dog, with a heart of gold and a nice sailor's cap, as a playful wink to the huge and diverse family of Kubernetes contributors.”
More details: official blog announcement; our previous post with helpful articles and resources for K8s v1.31.
#news #releases
🎉6👍3
Our selection of the latest prominent software updates from the cloud native ecosystem:
1. Knative v1.15 was released with net-certmanager controller as a part of Serving core and Serving controller, TLS encryption of cluster local routes in Contour, startup probes in the spec for Knative Service, transport-encryption (beta) and CESQL v1 specification support in Knative Eventing, and much more.
2. External Secrets Operator, which integrates external secret management systems with Kubernetes, has seen its v0.10.0. This release added support for Delinea Secret Server,
3. Kmesh, a high-performance service mesh data plane, was updated to v0.4.0. New features include Prometheus-based metrics collection and aggregation, fine-grained Pod-level management, IPv6 communication in workload mode, waypoint traffic capture, and support for the DNS-typed services.
4. OpenKruise, a CNCF incubating project for managing large-scale apps on Kubernetes, has released v1.7.0 with support for
5. KubeArmor, a CNCF sandbox project enforcing runtime security, got its v1.4.0. This update brought multi-enforcer controller, alert throttling, support for
6. Argo CD v2.12 is out after five RCs for this release. It comes with 30+ new features, including multi-source application support in the UI, separate repository credentials with the same URL for multiple app projects, application labels for Kubernetes events, a new sharding algorithm (consistent-hashing), fish shell completion for the CLI, and many others.
#news #releases
1. Knative v1.15 was released with net-certmanager controller as a part of Serving core and Serving controller, TLS encryption of cluster local routes in Contour, startup probes in the spec for Knative Service, transport-encryption (beta) and CESQL v1 specification support in Knative Eventing, and much more.
2. External Secrets Operator, which integrates external secret management systems with Kubernetes, has seen its v0.10.0. This release added support for Delinea Secret Server,
PushSecret for Pulumi ESC, headers in the Vault requests, and more.3. Kmesh, a high-performance service mesh data plane, was updated to v0.4.0. New features include Prometheus-based metrics collection and aggregation, fine-grained Pod-level management, IPv6 communication in workload mode, waypoint traffic capture, and support for the DNS-typed services.
4. OpenKruise, a CNCF incubating project for managing large-scale apps on Kubernetes, has released v1.7.0 with support for
SidecarSet, structured logging, start ordinal in StatefulSets, ImagePullJob for credential provider plugins, webhook CA injections using external certification management tool, and more.5. KubeArmor, a CNCF sandbox project enforcing runtime security, got its v1.4.0. This update brought multi-enforcer controller, alert throttling, support for
KubeArmorClusterPolicy, and an improved KubeArmor container image.6. Argo CD v2.12 is out after five RCs for this release. It comes with 30+ new features, including multi-source application support in the UI, separate repository credentials with the same URL for multiple app projects, application labels for Kubernetes events, a new sharding algorithm (consistent-hashing), fish shell completion for the CLI, and many others.
#news #releases
👍2🔥1
Here goes our latest bunch of interesting Kubernetes-related articles recently spotted online:
1. “Kubernetes Security Guide (Kubernetes Hardening)” by ReynardSec.
2. “How we migrated onto K8s in less than 12 months” by Ian VonSeggern, Figma.
3. “K8s Vertical Pod Autoscaler's Algorithm” by Tanay Tummalapalli.
4. “Kubernetes: The Art of Zero-Downtime Deployments” by Gulcan Topcu.
5. “Generating, transforming, and patching Kubernetes configuration with Kustomize” by Brian Grant, original lead architect of Kubernetes.
#articles
1. “Kubernetes Security Guide (Kubernetes Hardening)” by ReynardSec.
“This article discusses the topic of securing the configuration of Kubernetes clusters. [..] my goal is not merely to present a dry list of parameters and ready-made configuration snippets but to provide the reader with a fuller context. I want the reader to understand why certain modifications are necessary and what benefits their implementation will bring. Theory and practice must go hand in hand! Therefore, I have prepared a tool for you that will allow you to test everything I write about here in your local environment. You will find a script here that will easily start your Kubernetes cluster.”
2. “How we migrated onto K8s in less than 12 months” by Ian VonSeggern, Figma.
“At Figma, we need to be sure that any decision we make—whether it’s about user-facing features or back-end infrastructure—will leave the platform in a better position than when we started. The larger and more resource-heavy the workstream, the more confident we need to be that we’ll be able to complete the effort in a reasonable timeline without causing downtime to users. That’s why we didn’t take the decision to migrate our core services to Kubernetes lightly. Here’s a look at our process of evaluating, scoping, and executing the move.”
3. “K8s Vertical Pod Autoscaler's Algorithm” by Tanay Tummalapalli.
“I tried to understand how the Vertical Pod Autoscaler(VPA) works [..] I wanted to dig deeper to get at the essence of the recommender’s algorithm. This is my attempt to document my digging.”
4. “Kubernetes: The Art of Zero-Downtime Deployments” by Gulcan Topcu.
“This blog post will guide you through the techniques you need to achieve seamless deployments in Kubernetes. We’ll also put these strategies into practice using a knowledge-powered customer support chatbot. We’ll explore various deployment strategies, such as Blue/Green and Canary, sharing real-world examples and key metrics to monitor along the way.”
5. “Generating, transforming, and patching Kubernetes configuration with Kustomize” by Brian Grant, original lead architect of Kubernetes.
“Kustomize is a fairly unique tool, at least among the dozens of Kubernetes configuration and Infrastructure as Code tools that I’m aware of, and certainly it’s the most popular tool in its class. Why did we create it?”
#articles
👍2❤1🔥1
Need to deploy a Kubernetes cluster in Hetzner Cloud? This CLI tool fully automates the process, helping you install K3s in no time and maintain it with ease.
hetzner-k3s is an excellent repo from Vito Botta, which provides you with everything needed to create a highly available K3s cluster comprising 3 masters and 3 workers (for example) in a few minutes only. This project was started 3 years ago, and today, its v2.0.0 was released. Here’s what it offers today:
- Auto-creating instances and installing K3s on them, auto-configuring networking;
- Auto-installing Hetzner Cloud-specific components, including CCM (Cloud Controller Manager) for load balancers and CSI Driver for persistent storage;
- Using Flannel or Cilium as your CNI;
- Enabling node pools autoscaling by leveraging Cluster Autoscaler;
- Performing K3s version upgrades using Rancher System Upgrade Controller;
- Registry mirroring based on Spegel;
- Using external data stores for HA clusters as an alternative to embedded etcd.
▶️ GitHub repo
🚀 v2.0.0 release
🛠 Installation manual
#tools
hetzner-k3s is an excellent repo from Vito Botta, which provides you with everything needed to create a highly available K3s cluster comprising 3 masters and 3 workers (for example) in a few minutes only. This project was started 3 years ago, and today, its v2.0.0 was released. Here’s what it offers today:
- Auto-creating instances and installing K3s on them, auto-configuring networking;
- Auto-installing Hetzner Cloud-specific components, including CCM (Cloud Controller Manager) for load balancers and CSI Driver for persistent storage;
- Using Flannel or Cilium as your CNI;
- Enabling node pools autoscaling by leveraging Cluster Autoscaler;
- Performing K3s version upgrades using Rancher System Upgrade Controller;
- Registry mirroring based on Spegel;
- Using external data stores for HA clusters as an alternative to embedded etcd.
▶️ GitHub repo
🚀 v2.0.0 release
🛠 Installation manual
#tools
👍3
It’s time for another selection of the latest prominent software updates in the Cloud Native ecosystem! Today, we’d like to introduce a new section for our digest — Release Spotlight, which highlights one of the latest releases.
Release Spotlight: Karpenter 1.0
Karpenter is a Kubernetes node autoscaler launched by AWS in November 2021. Today, it’s adopted by numerous well-known companies worldwide. Its v1.0.0 release anticipates that Karpenter has graduated from beta officially becoming production-ready.
The latest changes include enhanced disruption controls by reason (
Other noticeable updates in the Cloud Native space:
1. Linkerd 2.16 is available with IPv6 support, audit mode for security policies, new retries, timeouts, and route metrics for Gateway API
2. Istio 1.23 was released and delivered numerous updates for the ambient mode (a single Helm chart to install all ambient mode components, support for dual-stack and IPv6 clusters,
3. vCluster, a Loft Labs solution for creating virtual Kubernetes clusters, got its v0.20.0. It introduced a new centralized configuration file (
4. Podman Desktop 1.12 was released with support for remote Podman setups, macOS GPU & Windows GPU, enhanced Kubernetes dashboard, and Podman 5.2.0.
5. helm-mapkubeapis, a Helm plugin that maps deprecated and removed Kubernetes APIs in a release to supported APIs, has seen its first releases in over a year. With v0.5.0, it got the latest Kubernetes API deprecation data, updated Helm dependencies, and ARM64 support for Mac.
#news #releases
Release Spotlight: Karpenter 1.0
Karpenter is a Kubernetes node autoscaler launched by AWS in November 2021. Today, it’s adopted by numerous well-known companies worldwide. Its v1.0.0 release anticipates that Karpenter has graduated from beta officially becoming production-ready.
The latest changes include enhanced disruption controls by reason (
Underutilized / Empty / Drifted), new consolidateAfter consolidation control for underutilized nodes, new disruption control terminationGracePeriod, and immutable NodeClaims. Find more information about this release and how to migrate to it here. Other noticeable updates in the Cloud Native space:
1. Linkerd 2.16 is available with IPv6 support, audit mode for security policies, new retries, timeouts, and route metrics for Gateway API
HTTPRoute and GPRCRoute resources, JSON output for all Linkerd CLI commands that output Kubernetes resources.2. Istio 1.23 was released and delivered numerous updates for the ambient mode (a single Helm chart to install all ambient mode components, support for dual-stack and IPv6 clusters,
trafficDistribution in Services, etc.), a new implementation of DNS auto-allocation, retry policy for inbound traffic, and switching to the Wolfi container base OS for distroless images.3. vCluster, a Loft Labs solution for creating virtual Kubernetes clusters, got its v0.20.0. It introduced a new centralized configuration file (
vcluster.yaml), unified Helm chart, support for SQLite and external databases as a storage backend (instead of etcd), and new default distribution for the vCluster control plane (vanilla Kubernetes instead of K3s).4. Podman Desktop 1.12 was released with support for remote Podman setups, macOS GPU & Windows GPU, enhanced Kubernetes dashboard, and Podman 5.2.0.
5. helm-mapkubeapis, a Helm plugin that maps deprecated and removed Kubernetes APIs in a release to supported APIs, has seen its first releases in over a year. With v0.5.0, it got the latest Kubernetes API deprecation data, updated Helm dependencies, and ARM64 support for Mac.
#news #releases
👍3🔥1
Here goes our latest bunch of interesting Kubernetes-related articles recently spotted online:
1. “GenAI Experiments: Monitoring and Debugging Kubernetes Cluster Health” by Lili Wan and Anusha Ragunathan, Intuit.
2. “How to Terminate Go Programs Elegantly – A Guide to Graceful Shutdowns” by Alex Pliutau.
3. “Installing Karpenter: Lessons Learned From Our Experience” by Pierre Gerbelot-Barillon, Qovery.
4. “How to Expose Kubernetes Apps Using the Gateway API” by Nigel Brown, Semaphore.
5. “I just want mTLS on Kubernetes” by John Howard.
6. “Transform AWS Exam Generator Architecture to Open Source” series by Hamza Bou Issa.
#articles
1. “GenAI Experiments: Monitoring and Debugging Kubernetes Cluster Health” by Lili Wan and Anusha Ragunathan, Intuit.
“Here at Intuit, where we have 325+ Kubernetes clusters, it can be quite overwhelming for our on-call engineers — given the potential for 100s of alerts per cluster. In this blog, we will look at some recent experiments using GenAI to help our platform engineers manage alerts, debug faster, and properly remediate unhealthy clusters. We’ll review initial promising results with open source k8sgpt, and provide insights into what’s ahead on our journey.”
2. “How to Terminate Go Programs Elegantly – A Guide to Graceful Shutdowns” by Alex Pliutau.
“In this guide, we'll dive into the world of graceful shutdowns, specifically focusing on their implementation in Go applications running on Kubernetes. [..] The ultimate goal: ensure our service gracefully handles shutdowns without losing any requests/data.”
3. “Installing Karpenter: Lessons Learned From Our Experience” by Pierre Gerbelot-Barillon, Qovery.
“In this article, we’ve explored how to install Karpenter on an AWS EKS cluster. The deployment options we evaluated, particularly the decision to run the Karpenter controller on AWS Fargate, have greatly simplified our infrastructure management while enhancing security and scalability. We detailed the steps and considerations involved in installing Karpenter, from configuring IAM roles and setting up SQS queues to deploying Karpenter via Helm, including using a separate Helm chart for installing and updating the necessary CRDs.”
4. “How to Expose Kubernetes Apps Using the Gateway API” by Nigel Brown, Semaphore.
“In this tutorial, you’ll use the Gateway API to configure ingress traffic to an example application running in a local Kubernetes cluster. You’ll be able to differentiate between the different Gateway API object types and see how they fit together to provide the full ingress experience for an application.”
5. “I just want mTLS on Kubernetes” by John Howard.
“A common phrase when talking to Kubernetes users is "I just want all my traffic mTLS encrypted on Kubernetes." Occasionally, this comes with some additional constraints such as "...without the complexity of a service mesh." It’s a fair request, with many solutions offering different tradeoffs. In this post, I'll go over the options and provide recommendations.”
6. “Transform AWS Exam Generator Architecture to Open Source” series by Hamza Bou Issa.
“In these articles, we will challenge ourselves and transform this AWS architecture: a serverless exam generator application for educators. [..] Here list of the used services and their alternatives: AWS Cognito → Ory Kratos and Oathkeeper; ECS → Kubernetes; S3 → Minio; Lambda → Knative; API Gateway → Istio; DynamoDB → MongoDB.”
#articles
👍5
After Kubernetes v1.31 was released last week, a series of related posts followed in the official blog. They reveal more details about significant improvements in v1.31, and there are many things to learn! Don’t miss the essential features you might benefit from soon:
- Moving cgroup v1 Support into Maintenance Mode
- PersistentVolume Last Phase Transition Time Moves to GA
- VolumeAttributesClass for Volume Modification Beta
- Accelerating Cluster Performance with Consistent Reads from Cache
- MatchLabelKeys in PodAffinity graduates to beta
- Prevent PersistentVolume Leaks When Deleting out of Order
- Read Only Volumes Based On OCI Artifacts (alpha)
- Pod Failure Policy for Jobs Goes GA
- Streaming Transitions from SPDY to WebSockets
- Autoconfiguration For Node Cgroup Driver (beta)
- Custom Profiling in Kubectl Debug Graduates to Beta
- Fine-grained SupplementalGroups control
- New Kubernetes CPUManager Static Policy: Distribute CPUs Across Cores
- kubeadm v1beta4 with its new configuration file format
#news #releases
- Moving cgroup v1 Support into Maintenance Mode
- PersistentVolume Last Phase Transition Time Moves to GA
- VolumeAttributesClass for Volume Modification Beta
- Accelerating Cluster Performance with Consistent Reads from Cache
- MatchLabelKeys in PodAffinity graduates to beta
- Prevent PersistentVolume Leaks When Deleting out of Order
- Read Only Volumes Based On OCI Artifacts (alpha)
- Pod Failure Policy for Jobs Goes GA
- Streaming Transitions from SPDY to WebSockets
- Autoconfiguration For Node Cgroup Driver (beta)
- Custom Profiling in Kubectl Debug Graduates to Beta
- Fine-grained SupplementalGroups control
- New Kubernetes CPUManager Static Policy: Distribute CPUs Across Cores
- kubeadm v1beta4 with its new configuration file format
#news #releases
👍4
Happy to announce our newest digest of the prominent software updates in the Cloud Native ecosystem!
Release Spotlight: Prometheus 2.54
Prometheus, the well-known monitoring system and time series database, got a significant update this month. Its v2.54.0 introduced a release candidate of PRW (Prometheus Remote Write) 2.0. This specification update adds a new Protobuf Message with new features that should enable “more use cases and wider adoption on top of performance and cost savings.” It is achieved by reducing the network bandwidth used for sending PRW data and allowing new features that were missing in PRW (such as metadata, exemplars, and native histograms). Find more details in the documentation.
PRW 2.0 is enabled by default in Prometheus 2.54 but can be disabled using a feature flag. This release also introduced numerous Prometheus enhancements, such as new PromQL aggregation operators (
Other noticeable updates in the Cloud Native space:
1. kind (Kubernetes IN Docker) v0.24.0 is out following the recent Kubernetes v1.31 release and based on it as the default node image. Other highlights include out-of-the-box support for network policy, support for building node images from existing K8s releases, loading multiple image archives in
2. Sveltos, a Kubernetes controller that simplifies the deployment and management of K8s add-ons and applications, was updated to v0.36.0. It introduced three significant features: pausing a cluster, specifying the fields that are ignored while evaluating the configuration drift, and patching subresources.
3. Strimzi, a Kafka operator for Kubernetes and CNCF incubating project, released v0.43.0 with Apache Kafka 3.8.0 support. It also added support for custom Cruise Control API users, additional volumes and volume mounts in Strimzi custom resources, and new OAuth configuration options.
4. Youki, a container runtime written in Rust, has seen its v0.4.0. It comes with an experimental SELinux crate, added
#news #releases
Release Spotlight: Prometheus 2.54
Prometheus, the well-known monitoring system and time series database, got a significant update this month. Its v2.54.0 introduced a release candidate of PRW (Prometheus Remote Write) 2.0. This specification update adds a new Protobuf Message with new features that should enable “more use cases and wider adoption on top of performance and cost savings.” It is achieved by reducing the network bandwidth used for sending PRW data and allowing new features that were missing in PRW (such as metadata, exemplars, and native histograms). Find more details in the documentation.
PRW 2.0 is enabled by default in Prometheus 2.54 but can be disabled using a feature flag. This release also introduced numerous Prometheus enhancements, such as new PromQL aggregation operators (
limitk() and limit_ratio()), optimised regexps, reduced locking and other optimisations in TSDB, etc. Find the full changelog here.Other noticeable updates in the Cloud Native space:
1. kind (Kubernetes IN Docker) v0.24.0 is out following the recent Kubernetes v1.31 release and based on it as the default node image. Other highlights include out-of-the-box support for network policy, support for building node images from existing K8s releases, loading multiple image archives in
kind load image-archive, customisable kubeadm phases, and PowerShell auto-completion.2. Sveltos, a Kubernetes controller that simplifies the deployment and management of K8s add-ons and applications, was updated to v0.36.0. It introduced three significant features: pausing a cluster, specifying the fields that are ignored while evaluating the configuration drift, and patching subresources.
3. Strimzi, a Kafka operator for Kubernetes and CNCF incubating project, released v0.43.0 with Apache Kafka 3.8.0 support. It also added support for custom Cruise Control API users, additional volumes and volume mounts in Strimzi custom resources, and new OAuth configuration options.
4. Youki, a container runtime written in Rust, has seen its v0.4.0. It comes with an experimental SELinux crate, added
max_usage in the cgroups v2 mode, and a new setup_envs method for the Executor trait.#news #releases
👍2🔥2
You may want to have a graphical representation of your Kubernetes clusters for many reasons. Here’s a convenient tool for such needs.
VpK (Visually presented Kubernetes) is a Node.js application that connects to your cluster via
- Displaying Pods and Nodes, Ingresses, configuration (ConfigMaps, Secrets), storage (StorageClass, PV, PVC), network (Endpoints, Services), and security (roles, bindings) resources.
- Flat (a.k.a. “schematic”) and 3D visual representations, which you can use in an interactive mode.
- Timelapse mode for the 3D view reflecting the creation and removal of cluster resources.
- Filtering K8s resources by namespaces, kinds, labels, names, and annotations.
▶️ GitHub repo
#tools
VpK (Visually presented Kubernetes) is a Node.js application that connects to your cluster via
kubectl and renders a nice visualisation of its resources. Its prominent features include:- Displaying Pods and Nodes, Ingresses, configuration (ConfigMaps, Secrets), storage (StorageClass, PV, PVC), network (Endpoints, Services), and security (roles, bindings) resources.
- Flat (a.k.a. “schematic”) and 3D visual representations, which you can use in an interactive mode.
- Timelapse mode for the 3D view reflecting the creation and removal of cluster resources.
- Filtering K8s resources by namespaces, kinds, labels, names, and annotations.
▶️ GitHub repo
#tools
👍6
KubeCon + CloudNativeCon + Open Source Summit China 2024 just happened: it was held in Hong Kong from 21 to 23 August 2024. CNCF has already uploaded 89 videos from this event on its YouTube channel*, including keynotes, project lightning talks, and regular talks.
The talks that are available to watch cover numerous CNCF projects, such as OpenTelemetry, Istio, Cilium, Kuasar, WasmEdge, KubeEdge, Karmada, Kyverno, KCL, Keycloak, TiKV, KubeVela, OpenYurt, Argo, Kepler, and others.
* Find the full playlist following this link, but keep in mind that more videos are yet to be uploaded there during the next few days.
UPD (Aug 29): There are 164 videos uploaded already.
#news #events #video
The talks that are available to watch cover numerous CNCF projects, such as OpenTelemetry, Istio, Cilium, Kuasar, WasmEdge, KubeEdge, Karmada, Kyverno, KCL, Keycloak, TiKV, KubeVela, OpenYurt, Argo, Kepler, and others.
* Find the full playlist following this link, but keep in mind that more videos are yet to be uploaded there during the next few days.
UPD (Aug 29): There are 164 videos uploaded already.
#news #events #video
👍1
Here goes our latest bunch of interesting Kubernetes-related articles recently spotted online:
1. “Piloting through the Fog: A Tale of Migrating to a New Kubernetes Platform” by Jacob Brandt, Klaviyo.
2. “A guide to modern Kubernetes network policies” by Scott Rigby, Buoyant.
3. “Using the Kubernetes Resource Model to provision Cloud infrastructure” by Briant Grant, original lead architect of Kubernetes.
4. “OpenTofu: RKE2 Cluster with Cilium on Azure” by Eleni Grosdouli.
5. “Building a Real-world Kubernetes Operator” by Anurag Rajawat.
#articles
1. “Piloting through the Fog: A Tale of Migrating to a New Kubernetes Platform” by Jacob Brandt, Klaviyo.
“I have some experience with Docker and ECS, but I am a complete noob when it comes to Kubernetes and related technologies. [..] In this post I go through my journey of migrating one such service from Klaviyo’s legacy kubernetes platform, to our new spiffy, well-managed platform.”
2. “A guide to modern Kubernetes network policies” by Scott Rigby, Buoyant.
“This guide is for anyone interested in learning more about policy-based controls for your Kubernetes network traffic. You will learn about the different types of policies and why they matter, the pros and cons of each, how to define them, and when to combine them.”
3. “Using the Kubernetes Resource Model to provision Cloud infrastructure” by Briant Grant, original lead architect of Kubernetes.
“In previous posts, I touched on the topic of Kubernetes being used as a universal control plane and using the Kubernetes Resource Model as a declarative configuration mechanism. In this post, I want to go into more depth regarding the use of the Kubernetes control plane and API to provision Cloud infrastructure declaratively.
4. “OpenTofu: RKE2 Cluster with Cilium on Azure” by Eleni Grosdouli.
“We will demonstrate how to use OpenTofu to automate the deployment. [..] Additionally, we will demonstrate how easy it is to customise the Cilium configuration and enable kube-vip for LoadBalancer services from the HCL (HashiCorp Configuration Language) definition.”
5. “Building a Real-world Kubernetes Operator” by Anurag Rajawat.
“In this series of in-depth tutorials, you'll learn how to build a real-world Kubernetes Operator in Golang with integration and end-to-end testing. We'll focus on hands-on coding to give you practical experience. We'll build an operator similar to Nimbus from scratch, just like my team did.”
#articles
👍4
Here comes our newest digest of the prominent software updates in the Cloud Native ecosystem!
Release Spotlight: Longhorn v1.7.0
Longhorn is a distributed block storage for Kubernetes and a CNCF Incubating project. Its recent v1.7.0 introduced several new V2 Data Engine features, including online replica rebuilding, data plane live upgrade, filesystem trim (efficient unused space reclaiming), and block-type disk support for SPDK AIO, NVMe, and Virtio bdev drivers. Note that V2 Data Engine is still considered a preview feature.
This new Longhorn version also added COS (Container-Optimized OS) support, high availability improvements (HA for backing images, RWX volumes fast failover), periodic and on-demand full backups, and a brand-new CLI tool to manage Longhorn (
Other noticeable updates in the Cloud Native space:
1. Numaflow, a Kubernetes-native, serverless platform to run massively parallel data/streaming jobs, was updated to v1.3.0. It brought a Batch Map mode (to process multiple data items in a UDF single call), built-in Jetstream source, read-only view for UI, Kubernetes model in Rust, and much more.
2. Portainer 2.21 was released and became the platform's first LTS (Long Term Support) version. Its community edition also got a new menu structure and numerous performance improvements (including front-end data caching for Kubernetes environments).
3. Xline, a geo-distributed KV store for metadata management and a CNCF Sandbox project, got its v0.7.0. This update introduced a CURP WAL (Write-Ahead-Log) implementation, deduplication command, snapshot restore via
4. mariadb-operator has seen its v0.0.30 with significantly refined Galera cluster recovery process, an ability to bootstrap Galera clusters from existing PVCs, new
5. The Kubernetes scheduler simulator project has released its v0.3.0. With this update, the simulator got a
#news #releases
Release Spotlight: Longhorn v1.7.0
Longhorn is a distributed block storage for Kubernetes and a CNCF Incubating project. Its recent v1.7.0 introduced several new V2 Data Engine features, including online replica rebuilding, data plane live upgrade, filesystem trim (efficient unused space reclaiming), and block-type disk support for SPDK AIO, NVMe, and Virtio bdev drivers. Note that V2 Data Engine is still considered a preview feature.
This new Longhorn version also added COS (Container-Optimized OS) support, high availability improvements (HA for backing images, RWX volumes fast failover), periodic and on-demand full backups, and a brand-new CLI tool to manage Longhorn (
longhornctl). You can find more details in this release announcement.Other noticeable updates in the Cloud Native space:
1. Numaflow, a Kubernetes-native, serverless platform to run massively parallel data/streaming jobs, was updated to v1.3.0. It brought a Batch Map mode (to process multiple data items in a UDF single call), built-in Jetstream source, read-only view for UI, Kubernetes model in Rust, and much more.
2. Portainer 2.21 was released and became the platform's first LTS (Long Term Support) version. Its community edition also got a new menu structure and numerous performance improvements (including front-end data caching for Kubernetes environments).
3. Xline, a geo-distributed KV store for metadata management and a CNCF Sandbox project, got its v0.7.0. This update introduced a CURP WAL (Write-Ahead-Log) implementation, deduplication command, snapshot restore via
xlineutl, and SSL/TLS support.4. mariadb-operator has seen its v0.0.30 with significantly refined Galera cluster recovery process, an ability to bootstrap Galera clusters from existing PVCs, new
suspend feature, MariaDB authentication plugins for supplying hashed passwords, initial CEL (Common Expression Language) support, and other new features.5. The Kubernetes scheduler simulator project has released its v0.3.0. With this update, the simulator got a
syncer that continuously syncs the simulator cluster's resources to the external cluster's ones. It also added Kubernetes 1.30 support, ARM64 support, optimised Dockerfiles, and several other improvements.#news #releases
👍2❤1
It’s gratifying to see our first 500 subscribers! 🥳 We came here literally “from scratch” in less than five months when our first post was published (April 18th, 2024).
The steady growth of interest reassures that Kubernative is on the right track and provides helpful content for Cloud Native enthusiasts and various engineers involved in DevOps, SRE, platform engineering, and software development.
Thank you for reading us and sharing our content with like-minded folks! 🤗
The steady growth of interest reassures that Kubernative is on the right track and provides helpful content for Cloud Native enthusiasts and various engineers involved in DevOps, SRE, platform engineering, and software development.
Thank you for reading us and sharing our content with like-minded folks! 🤗
🎉13❤4🔥3👍1
Have you considered using or maybe even used KubeInvaders to make chaos engineering in Kubernetes fun? It features a new demo now! But first, let’s recall what this tool is about.
KubeInvaders describes itself as a “gamified Chaos Engineering tool for Kubernetes,” which sums it up perfectly. There was a classic shoot 'em up arcade video game from the 70s, Space Invaders, involving a laser cannon to shoot rows of aliens. This project mimics it by using your actual Kubernetes Pods as aliens you’re shooting. It comes with various features, including:
- Shuffling the positions of the Pods to be killed;
- Randomly switching between namespaces;
- Showing you online stats (running/not running/deleted Pods) and events;
- Exposing Prometheus metrics;
- Programming mode (beta) to define your chaos experiments in YAML.
Now, the project also has a live demo, meaning you can open your web browser and play with KubeInvaders against a preconfigured Kubernetes cluster.
▶️ GitHub repo
🕹 Live demo
#tools #fun
KubeInvaders describes itself as a “gamified Chaos Engineering tool for Kubernetes,” which sums it up perfectly. There was a classic shoot 'em up arcade video game from the 70s, Space Invaders, involving a laser cannon to shoot rows of aliens. This project mimics it by using your actual Kubernetes Pods as aliens you’re shooting. It comes with various features, including:
- Shuffling the positions of the Pods to be killed;
- Randomly switching between namespaces;
- Showing you online stats (running/not running/deleted Pods) and events;
- Exposing Prometheus metrics;
- Programming mode (beta) to define your chaos experiments in YAML.
Now, the project also has a live demo, meaning you can open your web browser and play with KubeInvaders against a preconfigured Kubernetes cluster.
▶️ GitHub repo
🕹 Live demo
#tools #fun
❤3👍2
The organisers of Kubernetes Community Days Munich 2024, which happened this summer, have uploaded videos with all the talks. It was quite a big event, and we’re lucky to enjoy almost 50 videos in this playlist on YouTube.
If someone wants recommendations on what to choose, here are some (biased 😉) suggestions:
- “Choose Your Own Adventure: The Struggle for Security” by Whitney Lee (VMware Tanzu) and Viktor Farcic (Upbound).
- “Goodbye Ingress - Hello Gateway API” by Simon Pearce (SysEleven).
- “Fast Kubernetes Autoscaling with Knative” by Stefan Billet (QAware).
- “Kubernetes Authentication 2.0: Structured Authentication Configuration” by Maksim Nabokikh (Palark).
- “Kubernetes with Guardrails – How Mercedes-Benz enables Developers across 900+ Clusters” by Tjark Rasche (Mercedes-Benz Tech Innovation).
- “Oh No Our Kubernetes Cluster Has Been Compromised! Will YOU Save the Day?” by Benoît Entzmann (feesh) and Chay Te (dbi services).
#video #events
If someone wants recommendations on what to choose, here are some (biased 😉) suggestions:
- “Choose Your Own Adventure: The Struggle for Security” by Whitney Lee (VMware Tanzu) and Viktor Farcic (Upbound).
- “Goodbye Ingress - Hello Gateway API” by Simon Pearce (SysEleven).
- “Fast Kubernetes Autoscaling with Knative” by Stefan Billet (QAware).
- “Kubernetes Authentication 2.0: Structured Authentication Configuration” by Maksim Nabokikh (Palark).
- “Kubernetes with Guardrails – How Mercedes-Benz enables Developers across 900+ Clusters” by Tjark Rasche (Mercedes-Benz Tech Innovation).
- “Oh No Our Kubernetes Cluster Has Been Compromised! Will YOU Save the Day?” by Benoît Entzmann (feesh) and Chay Te (dbi services).
#video #events
❤4
Here goes our latest bunch of interesting Kubernetes-related articles recently spotted online:
1. “Building the lightest-weight Kubernetes dev ephemeral environments” by Galen Marchetti, Kardinal.
2. “Exploring Cloud Native projects in CNCF Sandbox. Part 1: 13 arrivals of 2023 H1” by Konstantin Nezhbert & Dmitry Shurupov, Palark.
3. “An Introduction to the OpenTelemetry Collector” by Josh Lee, Altinity.
4. “The Complete Process of How an External HTTP Request Reaches a Pod Container in Kubernetes” by Rifewang.
5. “Making SRE Workflows Smoother with AI Helpers: Using Ollama, OpenWebUI, and k8sGPT” by Krishnadas N S.
#articles
1. “Building the lightest-weight Kubernetes dev ephemeral environments” by Galen Marchetti, Kardinal.
“We’re excited to introduce Kardinal, an open-source tool that’s designed to make development and test environments for Kubernetes-deployed applications as lightweight as possible. If you manage multiple application deploys across dev, test, and QA, or you’re spinning up expensive development sandboxes, Kardinal can cut down resource usage and time-to-test by over 90%.”
2. “Exploring Cloud Native projects in CNCF Sandbox. Part 1: 13 arrivals of 2023 H1” by Konstantin Nezhbert & Dmitry Shurupov, Palark.
“New projects are joining CNCF and can surely help with your Cloud Native needs. Let’s discover Inspektor Gadget, Headlamp, Kepler, SlimToolkit, SOPS, Clusternet, Eraser, PipeCD, Microcks, kpt, Xline, HwameiStor, and KubeClipper!”
3. “An Introduction to the OpenTelemetry Collector” by Josh Lee, Altinity.
“By now you’re probably hearing about OpenTelemetry quite often. Maybe you’ve already read the description at opentelemetry.io. Maybe you’re asking yourself, “that’s a lot of words about metrics, traces, logs, and such — but how do I actually start using this thing?” If that sounds like you, then read on…”
4. “The Complete Process of How an External HTTP Request Reaches a Pod Container in Kubernetes” by Rifewang.
“How does an external HTTP/HTTPS request reach a container within a Pod in a Kubernetes cluster?”
5. “Making SRE Workflows Smoother with AI Helpers: Using Ollama, OpenWebUI, and k8sGPT” by Krishnadas N S.
“With Ollama, OpenWebUI, and K8sGPT, you can use AI-powered models to automate initial debugging and reporting steps, streamlining incident response and giving deeper insights into your cluster. [..] For Site Reliability Engineers (SREs), this integrated solution provides an initial overview of their Kubernetes cluster. Meanwhile, our locally hosted AI-powered chatbot assists in safeguarding sensitive information, helping SREs focus on generating reports and composing emails without worrying about data protection.”
#articles
👍2
The Certified Kubernetes Administrator (CKA) exam will change starting November 25, 2024.
The new program will include Gateway API, Helm and Kustomize, dynamic volume provisioning, CRDs and operators. You can find more information in this announcement and a good, detailed analysis made by Techiescamp.
#news #career
The new program will include Gateway API, Helm and Kustomize, dynamic volume provisioning, CRDs and operators. You can find more information in this announcement and a good, detailed analysis made by Techiescamp.
#news #career
👍4❤2
A new tool is announced for those who use Falco to detect suspicious events and lack a convenient way of reacting to them: Falco Talon.
Thomas Labarussias, the author of Falcosidekick, calls his new project a missing piece for Falco users. Falco Talon is a response engine for managing threats in Kubernetes clusters. It provides you with a simple, no-code solution to react to events from Falco by creating simple rules in YAML. Its features available with the first GA release (v0.1.0) include:
- Numerous ready-to-use actions to perform (
- Writing artifacts resulting from actions to local files, AWS S3, or MinIO S3;
- Various notifiers to forward action results, including Kubernetes events, Loki, Slack, webhooks, etc.;
- Structured logs, metrics (Prometheus and OTEL formats), and OTEL traces.
▶️ GitHub repo
📢 Project announcement
#tools #security #news
Thomas Labarussias, the author of Falcosidekick, calls his new project a missing piece for Falco users. Falco Talon is a response engine for managing threats in Kubernetes clusters. It provides you with a simple, no-code solution to react to events from Falco by creating simple rules in YAML. Its features available with the first GA release (v0.1.0) include:
- Numerous ready-to-use actions to perform (
actionners), such as kubernetes:exec, kubernetes:log, aws:lambda, cilium:networkpolicy, and more;- Writing artifacts resulting from actions to local files, AWS S3, or MinIO S3;
- Various notifiers to forward action results, including Kubernetes events, Loki, Slack, webhooks, etc.;
- Structured logs, metrics (Prometheus and OTEL formats), and OTEL traces.
▶️ GitHub repo
📢 Project announcement
#tools #security #news
❤3👍2
Last week, SimKube v1.0 was released. This project leverages KWOK (Kubernetes WithOut Kubelet) to simulate Kubernetes scheduling and autoscaling behaviour.
Announcing this release, its author, David R. Morrison, provides an example of using SimKube to compare how autoscaling works in Kubernetes Cluster Autoscaler vs. Karpenter. To run a simulation with SimKube, you need to collect a trace from your production cluster and create virtual K8s nodes (managed by KWOK) with fake Pods. SimKube also features:
- Autoscaling support (with Kubernetes Cluster Autoscaler or Karpenter);
- Collecting metrics from your simulations;
- Exporting traces to Amazon S3, Google Cloud Storage, and Azure Storage;
- Hooks to run arbitrary scripts at different points.
▶️ GitHub repo
📢 v1.0 announcement
UPDATE (September 19th): the second part of the SimKube 1.0 announcement was published. It covers running the simulations to compare Kubernetes Cluster Autoscaler & Karpenter.
#tools #news
Announcing this release, its author, David R. Morrison, provides an example of using SimKube to compare how autoscaling works in Kubernetes Cluster Autoscaler vs. Karpenter. To run a simulation with SimKube, you need to collect a trace from your production cluster and create virtual K8s nodes (managed by KWOK) with fake Pods. SimKube also features:
- Autoscaling support (with Kubernetes Cluster Autoscaler or Karpenter);
- Collecting metrics from your simulations;
- Exporting traces to Amazon S3, Google Cloud Storage, and Azure Storage;
- Hooks to run arbitrary scripts at different points.
▶️ GitHub repo
📢 v1.0 announcement
UPDATE (September 19th): the second part of the SimKube 1.0 announcement was published. It covers running the simulations to compare Kubernetes Cluster Autoscaler & Karpenter.
#tools #news
Here comes our newest digest of the prominent software updates in the Cloud Native ecosystem!
Release Spotlight: minikube v1.34.0
minikube is an official Kubernetes tool for running clusters locally. This week, its v1.34.0 was released, bringing numerous new features and enhancements. They include switching to Kubernetes 1.31.0 as the default version, a new
minikube now also supports running x86 QEMU on ARM64, multi-arch support in the
Other noticeable updates in the Cloud Native space:
1. Karmada, a Kubernetes management system for multi-cloud and multi-cluster orchestration (CNCF Incubating project), released its v1.11.0 with significantly improved
2. Kubespray v2.26.0 switched to installing Kubernetes v1.30.4 by default. It also got support to disable kernel
3. Trivy, a security scanner from Aqua Security, was updated to v0.55.0. It introduced abilities to customize detection sensitivity (the
4. Gardener, a framework for automated management and operation of Kubernetes clusters as a service, released its v1.103.0. It got a new
5. Chainsaw, a tool providing a declarative approach to testing Kubernetes operators and controllers, received numerous new features with its recent v0.2.9. They include server-side validation for resources, support for Kubernetes 1.31 and templating filenames used in operations, improved logging, and more.
6. Kong Gateway announced its v3.8.0 release with full support for OpenTelemetry, incremental configuration sync (in a tech preview), and several new plugins (json-threat-protection, upstream-oauth, header-cert-auth).
#news #releases
Release Spotlight: minikube v1.34.0
minikube is an official Kubernetes tool for running clusters locally. This week, its v1.34.0 was released, bringing numerous new features and enhancements. They include switching to Kubernetes 1.31.0 as the default version, a new
vfkit driver for macOS (based on a new virtualization framework from macOS 11), and a new addon for Volcano (a Cloud Native batch system).minikube now also supports running x86 QEMU on ARM64, multi-arch support in the
ingress-dns addon, darwin/arm64 support in the Parallels driver, and privileged ports on WSL. The addon images command got the -o json option; --driver and --container-runtime options got their shorthands (-d and -c, respectively).Other noticeable updates in the Cloud Native space:
1. Karmada, a Kubernetes management system for multi-cloud and multi-cluster orchestration (CNCF Incubating project), released its v1.11.0 with significantly improved
karmadactl capabilities, including a dozen of new commands (create, patch, label, etc.), the --operation-scope flag, and more detailed output. Other new features include a cluster-level ability to pause and resume resource propagation, standardised generation semantics for multi-cluster workloads, and a custom CRD download strategy in Karmada Operator.2. Kubespray v2.26.0 switched to installing Kubernetes v1.30.4 by default. It also got support to disable kernel
unattended-upgrades on Ubuntu, added the options to configure dependencies for kubelet.service and log levels for various components, deprecated support for CentOS 7 and dropped support for Debian 10.3. Trivy, a security scanner from Aqua Security, was updated to v0.55.0. It introduced abilities to customize detection sensitivity (the
--detection-priority flag) and scan generic YAML and JSON files for misconfigurations, the test scope for pom.xml files, and several improvements for Terraform.4. Gardener, a framework for automated management and operation of Kubernetes clusters as a service, released its v1.103.0. It got a new
NamespacedCloudProfile controller, metrics exposing the Garden resource's condition and last operation, an ability to deploy admission controllers for virtual-garden via gardener-operator, and a dummy admission controller for the provider-local extension.5. Chainsaw, a tool providing a declarative approach to testing Kubernetes operators and controllers, received numerous new features with its recent v0.2.9. They include server-side validation for resources, support for Kubernetes 1.31 and templating filenames used in operations, improved logging, and more.
6. Kong Gateway announced its v3.8.0 release with full support for OpenTelemetry, incremental configuration sync (in a tech preview), and several new plugins (json-threat-protection, upstream-oauth, header-cert-auth).
#news #releases
👍4