Kubernetes Bytes

In this episode, Ryan and Bhavin talk to Christoph Hartmann - the CTO and co-founder of Mondoo about all things Kubernetes Security. The discussion starts by talking about Kubernetes Security Posture Management (KSPM) and then dives into Software Bill Of Materials (SBOM) and SBOM Attestation. They also talk about the open-source project "cnspec" and how it can help organizations scan their entire infrastructure, including VMs, containers, container registries, code repositories, etc for vulnerabilities.  News: https://www.weave.works/blog/weaveworks-donates-project-kured-to-the-cncf https://sysdig.com/blog/top-15-kubectl-plugins-for-security-engineers/ https://techcrunch.com/2023/01/25/dell-has-acquired-cloud-orchestration-startup-cloudify-sources-tell-us-for-around-100m/ https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/cncf-hosted-co-located-events/about/ https://techcrunch.com/2023/01/26/mirantis-acquires-shipa/ https://www.harness.io/blog/harness-acquires-propelo Show Links: 1. cnspec Project Pagehttps://cnspec.io 2. cnspec on Github: https://github.com/mondoohq/cnspec 3. Hacking Kubernetes https://www.youtube.com/watch?v=9onasWkaeuE&t=3s 4. Mondoo https://mondoo.com/

In the first episode of season 3, Ryan and Bhavin talk to Michael Guarino - the CTO of plural.sh about how plural helps users deploy applications on Kubernetes easily. They discuss the challenges associated with deploying applications consistently across different Kubernetes distributions, and talk about how Plural provides a unified solution that auto-generates Kubernetes manifests, HELM charts, and Terraform files and follows GitOps principles to deploy applications across Amazon EKS, Azure AKS, and Google GKE.  News:  Kubernetes v1.26: Alpha support for cross-namespace storage data sources Best of 2022: 8 CNCF Projects for Cloud-Native Persistent Storage: https://containerjournal.com/features/8-cncf-projects-for-cloud-native-persistent-storage/ Best distributes file/block for k8s - Reddit 2023 thread - https://www.reddit.com/r/kubernetes/comments/100wdrq/best_distributed_fileblock_storage_for_kubernetes JuiceFS https://juicefs.com/docs/cloud/use_juicefs_in_kubernetes. Chronosphere funding round - https://chronosphere.io/learn/115m-series-c-funding-chronospheres/ Show Links: 1,  https://www.plural.sh/ 2. https://app.plural.sh/ 3. https://github.com/pluralsh/plural 4. https://docs.plural.sh/

In this last episode of Kubernetes Bytes Season 2, Bhavin Shah and Ryan Wallner dive into Service Mesh. You will learn all about the benefits of Service Mesh, how it helps reduce overhead for developers, the different deployment models (sidecar and Ambient Mesh), and the challenges and benefits for each. News: Trilio raises $17M - https://trilio.io/resources/funding-and-executive-update Snyk raises $196.5M at $7.4B valuation - https://snyk.io/news/snyk-closes-196-5-million-series-g-funding-at-7-4-billion-valuation/ Blocks and Files - Kubernetes Storage Tests Update -  https://blocksandfiles.com/2022/12/15/ondat-beats-pures-portworx-in-container-storage-tests/ Links / Background: https://www.techtarget.com/searchitoperations/definition/service-mesh https://www.redhat.com/en/topics/microservices/what-is-a-service-mesh https://linkerd.io/what-is-a-service-mesh/ https://kublr.com/blog/implementing-a-service-mesh-with-istio-to-simplify-microservices-communication/ https://www.oreilly.com/library/view/istio-ambient-explained/9781098142698/ch01.html https://istio.io/latest/blog/2022/introducing-ambient-mesh https://youtu.be/6zDrLvpfCK4 https://youtu.be/16fgzklcF7Y

In this episode of Kubernetes Bytes, Ryan and Bhavin talk Cesar Saavedra of Gitlab about the importance of GitOps, DevSecOps and more with Kubernetes. They also cover what Gitlab has to offer in this particular space and what new features they have been working on. EKS/Container Marketplace as EKS add-ons https://aws.amazon.com/blogs/aws/new-aws-marketplace-for-containers-now-supports-direct-deployment-to-amazon-eks-clusters/ New – Announcing Amazon EFS Elastic Throughput This new throughput mode is designed to provide your applications with as much throughput as they need with pay-as-you-use pricing.  Trivy now scans Amazon Machine Images (AMIs) - https://blog.aquasec.com/trivy-now-scans-amazon-machine-images-amis multicloud with crunchy postgres https://www.crunchydata.com/blog/multi-cloud-strategies-with-crunchy-postgres-for-kubernetes Get ready for 1.26 https://www.armosec.io/blog/kubernetes-1-26-everything-you-should-know/ Get ready for 1.26 (diff vendor) https://sysdig.com/blog/kubernetes-1-26-whats-new/ Argo has graduated - Dec 6 -  https://www.cncf.io/announcements/2022/12/06/the-cloud-native-computing-foundation-announces-argo-has-graduated/ Flux graduates from CNCF incubator - Nov 30 https://www.cncf.io/announcements/2022/11/30/flux-graduates-from-cncf-incubator/ GITLAB INFO https://docs.gitlab.com/ @cesar_saavedr GitLab Learn GitLab Blog GitLab Docs GitLab Snapshots (YouTube videos)

In this episode, Ryan and Bhavin interview Alexander Mattoni - Co-founder and Head of Engineering at Cycle.io about When to use and When to not use Kubernetes. The discussion focuses on the challenges associated with Kubernetes adoption - On Day 0 and Day 2, and what are other alternatives available to organizations that are just looking to run their applications easily. We talk about how Cycle.io can help organizations build a simplified infrastructure stack to run their applications. Have a listen and let us know what you think about Kubernetes.  Also, send us your 3-4 mins clips about your experience with Kubernetes - to be shared on future episodes  Show Notes:  Alexander Mattoni - https://twitter.com/alexmattoni Cycle.io - https://cycle.io/ News:  AWS Controllers for Kubernetes - ACK for Amazon EC2 https://aws.amazon.com/about-aws/whats-new/2022/11/aws-controllers-kubernetes-ack-elastic-compute-cloud-ec2-generally-available/ Removal of GlusterFS in 1.26 - https://kubernetes.io/blog/2022/11/18/upcoming-changes-in-kubernetes-1-26/ Two possible data inconsistency issues in etcd v3.4.[20-21] and v3.5 - https://groups.google.com/a/kubernetes.io/g/dev/c/sEVopPxKPDo?pli=1 Kubecon NA 2022 recordings - https://youtube.com/playlist?list=PLj6h78yzYM2O5aNpRM71NQyx3WUe1xpTn Kubernetes Bytes season 1 on youtube - https://youtube.com/playlist?list=PLCOmEAve4xr2lbCd6sPXMRf6XcZeWuaJ5 Kubernetes Bytes at Data On Kubernetes Day - Kubecon NA - https://youtu.be/q_K8Ma9LxWA Cloud Native Security Con NA - Feb1-2 https://events.linuxfoundation.org/cloudnativesecuritycon-north-america/ TiKV is an open-source, distributed, and transactional key-value database - evolutions of TiKV https://community.cncf.io/events/details/cncf-cncf-online-programs-presents-cncf-on-demand-webinar-the-evolution-of-tikv Backup and Restore using alpha k8s checkpointing feature - https://martinheinz.dev/blog/85 | https://kubernetes.io/docs/reference/node/kubelet-checkpoint-api/

In this episode of Kubernetes Bytes, Jonathan Phillips & Sean Pomeroy from Kubecost join us to talk about understanding the cost of Kubernetes clusters. Kubernetes and the pods that run within the cluster are a large part of the cost story but it doesn't end there, networking, object storage, egress and more are part of the pull optimization story when it comes to cost. Hear what Jonathon and Sean have to say about cost, Kubernetes and what Kubecost can help you achieve. News Articles https://bit.ly/kubecost-showlinks  Kubecost Links https://www.kubecost.com/ https://www.kubecost.com/install https://github.com/kubecost https://github.com/opencost/opencost https://blog.kubecost.com/tags/#case-study

In this part - 2 episode of Kubernetes Bytes - live from Detroit during the Kubecon + CloudNativeCon North America 2022, Ryan Wallner and Bhavin Shah talk to guests on the show floor and learn more about what's new at Kubecon, what are their thoughts on Day 0 events, Keynotes, etc, and also share some things to do in Detroit. They talk to Brad Ascar - Principal Product Manager at Redis, Ben A - Developer Relations at Teleport, Sean Carolan - Director of Sales Engineering at Instruqt, Scott Lowe - Developer Relations at Pulumi.  Show Notes: Redis Active - Active Databases on Kubernetes What's new with Pulumi + Kubernetes Oct 2022 Teleport at Kubecon 2022 Buddy's Pizza - Detroit Happy's Pizza - Detroit Instruqt

In this part - 1 episode of Kubernetes Bytes - live from Detroit during the Kubecon + CloudNativeCon North America 2022, Ryan Wallner and Bhavin Shah talk to guests on the show floor and learn more about what's new at Kubecon, what are their thoughts on Day 0 events, Keynotes, etc, and also share some things to do in Detroit. They talk to Peter Zaitsev - Founder of Percona, Gabriele Bartolini - VP of Cloud Native at EDB, Tim Banks - Lead Developer Advocate at Dell Technologies and Stephen Rust - Principal Software Engineer at Akamai.  Show Notes:  Percona Kubernetes Operators PostgreSQL 15 CloudNativePG Linode Kubernetes Engine  Linode Careers

In this episode of Kubernetes Bytes, Bhavin and Ryan talk with Vishnu Korde, CEO and Chief Architect of StackOS. The hosts explore the topic of "DeCloud" or decentralized cloud which aims to create anonymity through the use of cross-chain open protocols allowing individuals and organizations to create a decentralized computing layer for the internet allowing teams to bypass traditional infrastructure management and cloud compute silos. Learn how Vishnu's company StackOS is tackling this problem and how they are using Kubernetes as a orchestration layer to provide application deployment into this DeCloud. Cloud Native Data News of the Week Security Slam CNCF :https://community.cncf.io/events/details/cncf-cloud-native-security-slam-presents-security-slam-presented-by-cncf-sonatype-maintainer-sign-up IBM Doubles down   5 Years of Postgres on K8s Lucidity Introduces Autonomous Storage Orchestration Solution The Global Cloud Native Storage Market size is expected to reach $41.9 billion by 2028, rising at a market growth of 22.3% CAGR during the forecast period : CAGR - https://www.gartner.com/en/information-technology/glossary/cagr-compound-annual-growth-rate Kafka 3.3 : https://blogs.apache.org/kafka/entry/what-rsquo-s-new-in  Hosted Control Plane - https://thenewstack.io/hosted-control-planes-bring-extra-power-and-more-cost-control/  InfluxDB Cloud and Telegraf with K3s - https://thenewstack.io/how-to-monitor-kubernetes-k3s-using-telegraf-and-influxdb-cloud/  StackOS Links https://docs.stackos.io/stackos-docs https://www.stackos.io/ litepaper:  https://docsend.com/view/wq7qxzjk7zsd3wph docs:  https://docs.stackos.io/stackos-docs/ Youtube channel:  https://www.youtube.com/c/StackOS/videos discord link:  https://discord.gg/g2uxZdkNH8 telegram link:  https://t.me/StackOS app:  https://app.stackos.io/

In this Episode of Kubernetes Bytes, Ryan and Bhavin talk about upcoming conferences and dig into the world of Kuberentes Security. Bhavin and Ryan talk about  and dig into the various aspects of the 4C's of Cloud Native Security (Code, Container, Cluster and Cloud). Bhavin and Ryan dig in a foot deep from everything from encryption at rest, network policies, linux seccomp, software SBOM and ransomeware. This episode had so many good resources in the show notes, we decided to create a community resource for everyone. Please see the below public google doc with all show notes, links and more. Feel free to comment and engage! Cloud Native Security 101 Resource Community Document