
Kubernetes

Kubernetes is an open source system for automating deployment, scaling, and management of containerized applications.
85 Stories

Patrick DeVivo Medium

Looking at Kubernetes’ 2k+ TODO comments

Patrick DeVivo pointed tickgit at Kubernetes’ source code and discovered that the team has a lot TODO…

  • 2,380 TODOs across 1,230 files from 363 distinct authors
  • 489 TODOs were added in 2019 so far
  • 860 days (or 2.3 years) is the average age of a TODO

That’s just a taste of what they found. The article has more info and some analysis to boot.

Kubernetes github.com

A chaos engineering platform for Kubernetes

Chaos Mesh is a cloud-native Chaos Engineering platform that orchestrates chaos on Kubernetes environments. At the current stage, it has the following components:

  • Chaos Operator: the core component for chaos orchestration. Fully open sourced.
  • Chaos Dashboard: a visualized panel that shows the impacts of chaos experiments on the online services of the system; under development; currently only supports chaos experiments on TiDB (https://github.com/pingcap/tidb).

For the uninitiated, chaos engineering is when you unleash havoc on your system to prove out its resiliency (or lack thereof).


The Changelog The Changelog #375

Gerhard goes to KubeCon (part 2)

Gerhard is back for part two of our interviews at KubeCon 2019. Join him as he goes deep on Prometheus with Björn Rabenstein, Ben Kochie, and Frederic Branczyk… Grafana with Tom Wilkie and Ed Welch… and Crossplane with Jared Watts, Marques Johansson, and Dan Mangum.

Don’t miss part one with Bryan Liles, Priyanka Sharma, Natasha Woods, & Alexis Richardson.

The Changelog The Changelog #374

Gerhard goes to KubeCon (part 1)

Changelog’s resident infrastructure expert Gerhard Lazu is on location at KubeCon 2019. This is part one of a two-part series from the world’s largest open source conference. In this episode you’ll hear from event co-chair Bryan Liles, Priyanka Sharma and Natasha Woods from GitLab, and Alexis Richardson from Weaveworks.

Stay tuned for part two’s deep dives into Prometheus, Grafana, and Crossplane.

Alberto Marchetti Medium

Get notified when your k8s cron jobs fail

Alberto Marchetti:

What do you do when you have CronJobs running in your Kubernetes cluster and want to know when a job fails? Do you manually check the execution status? Painful. Or do you perhaps rely on roundabout Prometheus queries, adding unnecessary overhead? Not ideal… But worry not! Instead, let me suggest a way to immediately receive notifications when jobs fail to execute, using two nifty tools…

Kubernetes learnk8s.io

Kubernetes production best practices checklist

How do you know if your Kubernetes cluster is production-ready?

If you’re a beginner, it’s hard to tell what you’re missing. The subject is so vast and it’s easy to lose sight of what’s the right path to production.

And even if you’re an expert, remembering all networking, storage, cluster, and application development best practices is impossible. There are so many.

Here is a curated list of best practices for Kubernetes that helps you drive your roadmap to production.

Check things off the list and keep track as you go. ✅

Go Time Go Time #105

Kubernetes and Cloud Native

Johnny and Mat are joined by Kris Nova and Joe Beda to talk about Kubernetes and Cloud Native. They discuss the rise of “Cloud Native” applications as facilitated by Kubernetes, good places to use Kubernetes, the challenges faced running such a big open source project, Kubernetes’ extensibility, and how Kubernetes fits into the larger Cloud Native world.

Kubernetes learnk8s.io

How do you rollback deployments in Kubernetes?

You should have a plan to roll back releases that aren’t fit for production. In Kubernetes, rolling updates are the default strategy to release software.

In a nutshell, you deploy a newer version of your app and Kubernetes makes sure that the rollout happens without disrupting the live traffic. However, even if you use techniques such as Rolling updates, there’s still risk that your application doesn’t work the way you expect it at the end of the deployment.

Kubernetes has a built-in mechanism for rollbacks. Learn how it works in this article.

Aymen github.com

A Gentle introduction to Kubernetes with more than just the basics

In this workshop, we’re going to:

  1. Deploy Kubernetes services and an Ambassador API gateway.
  2. Examine the difference between Kubernetes proxies and service mesh like Istio.
  3. Access the Kubernetes API from the outside and from a Pod.
  4. Understand what API to choose.
  5. See how Service Accounts and RBAC work.
  6. Discover some security pitfalls when building Docker images and many interesting things.
  7. Other things :-)

Jef Spaleta blog.sensu.io

How Kubernetes works

If you’ve ever wondered why exactly Kubernetes is a thing OR wondered what the root problem is that Kubernetes solves, then this post from Jef Spaleta is for you.

For organizations that operate at a massive scale, a single Linux container instance isn’t enough to satisfy all of their applications’ needs. It’s not uncommon for sufficiently complex applications, such as ones that communicate through microservices, to require multiple Linux containers that communicate with each other. That architecture introduces a new scaling problem: how do you manage all those individual containers?

…Enter Kubernetes, a container orchestration system — a way to manage the lifecycle of containerized applications across an entire fleet.

CNCF

Open sourcing the Kubernetes security audit

The CNCF has been funding security audits of projects since last year. With CoreDNS, Envoy, and Prometheus taken care of, Kubernetes itself recently received the treatment.

The assessment yielded a significant amount of knowledge pertaining to the operation and internals of a Kubernetes cluster. Findings and supporting documentation from the assessment have been made available today, and can be found here.

If you don’t want the full report, the linked announcement lists some of the major takeaways.

Jessie Frazelle blog.jessfraz.com

The business executive's guide to Kubernetes

This isn’t just for business executives. It’s good knowledge to have for anyone who has heard the hype around K8S but never any of the potential problems:

This post will cover some hard truths of Kubernetes and what it means for your organization and business. You might have heard the term “Kubernetes” and you might have been led to believe that this will solve all the infrastructure pain for your organization. There is some truth to that, which will not be the focus of this post. To get to the state of enlightenment with Kubernetes, you need to first go through some hard challenges. Let’s dive in to some of these hard truths.

Kubernetes github.com

Virtual Kubernetes

A proof-of-concept virtual Kubernetes control plane that lets you take one physical Kubernetes cluster and chop it up into smaller virtual clusters. The benefits of doing this are:

  1. Better security/multitenancy
  2. Better separation of concerns between infra and custom controllers (operators)
  3. Ability to package complex k8s based applications

Henning Jacobs github.com

Kubernetes failure/horror stories

Learn from other people’s fail stories. This is a compiled list of public Kubernetes failure stories. Why?

Kubernetes is a fairly complex system with many moving parts. Its ecosystem is constantly evolving and adding even more layers (service mesh, …) to the mix. Considering this environment, we don’t hear enough real-world horror stories to learn from each other! This compilation of failure stories should make it easier for people dealing with Kubernetes operations (SRE, Ops, platform/infrastructure teams) to learn from others and reduce the unknown unknowns of running Kubernetes in production. For more information, see the blog post.

Kubernetes github.com

Ensure your Kubernetes clusters are using best practices ✅

Polaris helps keep your cluster healthy. It runs a variety of checks to ensure that Kubernetes deployments are configured using best practices that will avoid potential problems in the future.

It provides a dashboard with an overview of how your clusters are doing, as well as an experimental “validating webhook” that can stop future deployments that don’t live up to the standards.


Ev Kontsevoy gravitational.com

Rolling your own servers with Kubernetes (goodbye AWS)

Why Kubernetes? Should you roll your own servers? Should you go off the cloud?

If you’ve listened to The Changelog #344 — where we cover the details of Changelog.com’s 2019 infrastructure with special guest Gerhard Lazu — then you’ll know the answer to these questions. But if not, as you might assume, I recommend listening to that episode and reading this post from Ev, in that order.

In this three-part blog series, we’ll try to address some of the fears and uncertainties faced by organizations who had successfully started their projects on public clouds, like AWS, but for one reason or another found themselves needing to replicate their cloud environment from scratch, starting with an empty rack in their own enterprise server room or a colocation facility.

The Changelog The Changelog #344

Inside the 2019 infrastructure for Changelog.com

We’re talking with Gerhard Lazu, our resident ops and infrastructure expert, about the setup we’ve rolled out for 2019. Late 2016 we relaunched Changelog.com as a new Phoenix/Elixir application and that included a brand new infrastructure and deployment process. 2019’s infrastructure update includes Linode, CoreOS, Docker, CircleCI, Rollbar, Fastly, Netdata, and more — and we talk through all the details on this show.

This show is also an open invite to you and the rest of the community to join us in Slack and learn and contribute to Changelog.com. Head to changelog.com/community to get started.

Fernand Galiana github.com

Popeye - a Kubernetes cluster sanitizer

Popeye is a utility that cruises Kubernetes cluster resources and reports potential issues with your deployment manifests and configurations. By scanning your clusters, it detects misconfigurations and ensures best practices are in place, thus preventing potential future headaches.

This is a read-only tool, which means it’s pretty safe to kick the tires. For the back story, check out Fernand’s announcement post.

The Changelog The Changelog #343

Running functions anywhere with OpenFaaS

We’re talking with Alex Ellis, the founder of OpenFaaS — serverless functions made simple for Docker and Kubernetes. We talked about the back story and details of OpenFaaS, “the curious case of serverless on Kubernetes,” the landscape of open source serverless platforms, how Alex is leading and building this community, getting involved, and maintainership vs leadership.

Matthias Endler matthias-endler.de

Maybe you don't need Kubernetes

There’s another gorilla to consider for container orchestration.

Kubernetes is the 800-pound gorilla of container orchestration. It powers some of the biggest deployments worldwide, but it comes with a price tag.

Especially for smaller teams, it can be time-consuming to maintain and has a steep learning curve. For what our team of four wanted to achieve at trivago, it added too much overhead. So we looked into alternatives — and fell in love with Nomad.

From the Nomad website:

HashiCorp Nomad is a single binary that schedules applications and services on Linux, Windows, and Mac. It is an open source scheduler that uses a declarative job file for scheduling virtualized, containerized, and standalone applications.

Anyone from the community with experience using Nomad? Let us know in the discussion below.

Omer Levi Hevroni blog.solutotlv.com

Can Kubernetes keep a secret?

Omer Levi Hevroni:

When we made the shift to Kubernetes, we wanted to keep our devs independent and put a lot of effort into allowing them to create services rapidly. It all worked like a charm – until they had to handle credentials…

The solution they came up with is called Kamus, which is:

an open source, GitOps, zero trust, secrets solution for Kubernetes applications. Kamus allows you to seamlessly encrypt secret values and commit them to source control

Jump over to the article for more on Kubernetes built-in secrets, an overview of some other alternatives, and a deep-dive on how Kamus works.
