The weekly newsletters for all things Kubernetes.

KubeWeekly is curated by Bob Killen, Chris Short, Craig Box, Kim McMahon and Michael Hausenblas

Interested in submitting an article? Send it to us at kubeweekly@cncf.io

Current Edition






KubeWeekly #222: June 26, 2020

The Headlines

Editor’s pick of the highlights from the past week. 

Congratulations, Harbor on CNCF Graduation!

This week, CNCF announced that the Harbor project has reached graduated status. The project is the eleventh to graduate. To move from the maturity level of incubation to graduation Harbor has demonstrated growing adoption, an open governance process, feature maturity, and a strong commitment to community, sustainability, and inclusivity.

Harbor is an open-source registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. We encourage you to learn more about the project and this exciting milestone here.

SPIFFE/SPIRE move to CNCF Incubation-level hosted projects

In other project news this week, SPIFFE/SPIRE is now an Incubation-level hosted project. The SPIFFE (Secure Production Identity Framework For Everyone) specification defines a standard to authenticate software services in cloud native environments through the use of platform-agnostic, cryptographic identities. SPIRE (the SPIFFE Runtime Environment) is the code that implements the SPIFFE specification on a wide variety of platforms and enforces multi-factor attestation for the issuance of identities. In practice, this reduces the reliance on hard-coded secrets when authenticating application services. 

Joining CNCF incubation-level projects like OpenTracing, gRPC, CNI, Notary, NATS, Linkerd, Rook, etcd, OPA, CRI-O, TiKV, CloudEvents, Falco, Argo, and Dragonfly, SPIFFE and SPIRE are part of a neutral foundation aligned with its technical interests, as well as the larger Linux Foundation, which provides governance, marketing support, and community outreach. 

To learn more about SPIFFE/SPIRE, visit spiffe.io.
 

ICYMI: CNCF Webinars 

Weekly recap of CNCF project, SIG, Ambassador, and member webinars that you might have missed.

You can view all CNCF recorded and upcoming webinars here.

CNCF Member Webinar: Fast packet processing with KubeVirt
David Vossel, Principal Software Engineer and @RedHat Petr Horacek, Senior Software Engineer @Red Hat

CNCF Member Webinar: Kubernetes Cost Allocation Done Right
Webb Brown, Co-founder and CEO @Kubecost and Ajay Tripathy, CTO @Kubecost

CNCF Member Webinar: Cloud Infrastructure for Network Functions – Requirements and testing
Dana Nehama, Director, Product Management Network Cloud @Intel Corporation and Petar Torre, Principal Engineer @Intel Corporation

CNCF Member Webinar: Introduction to Cloud Provider Sub Sig BaiduCloud // 介绍SIG Cloud Provider子项目BaiduCloud
Ti Zhou 周倜, Senior Architect 高级架构师 @Baidu 百度 Zichao Ye 叶子超, Senior Software Engineer 高级软件工程师 @Baidu and 百度 Tianyuan Sun 孙天元, Senior Software Engineer 高级软件工程师 @Baidu 百度

CNCF Member Webinar: Monitoring Kubernetes clusters by “chatting” with them
Prasad Ghangal, Creator of BotKube and Software geek @InfraCloud
Vishal Biyani, CTO @InfraCloud and Hrishikesh Deodhar, Director of Engineering @InfraCloud



The Technical

Tutorials, tools, and more that take you on a deep dive into the code. 

Exploiting an Envoy heap vulnerability
Harvey Tuch, Google

Deploying Istio with restricted Pod Security Policies
Laszlo Bence Nagy, Banzai Cloud

Cross-Cluster Traffic Mirroring with Istio
Mert Acikportali, Trivago

Manage your Kubernetes cluster with Lens
Chris Collins, Red Hat

The Editorial

Articles, announcements, and morethatgive you a high-level overview of challenges and features. 

Kubermatic, with Sebastian Scheele
Adam Glick and Craig Box, Kubernetes Podcast from Google

Bayer Crop Science seeds the future with 15000-node GKE clusters
Rob Long and Maciek Różacki, Google Cloud

Tsunami: An extensible network scanning engine for detecting high severity vulnerabilities with high confidence
Guoli Ma, Claudio Criscione and Sebastian Lekies, Google Open Source

Kubernetes: 4 ways to save IT budget with automation
Kevin Casey, Red Hat

Architecting Kubernetes clusters — choosing a cluster size
Daniel Weibel, ITNEXT

Service Mesh Comparison: Istio vs Linkerd
Infracloud
 



Upcoming CNCF webinars

Ambassador Webinar: Commoditise Kubernetes with cluster-api
Gianluca Arbezzano, Senior Staff Software Engineer @Packet
June 26, 2020 10:00 AM Pacific Time 

REGISTER NOW »

Member Webinar: Best Practices for Running and Implementing Kubernetes
Kendall Miller, President @Fairwinds
Robert Brenna, Director of Open Source @Fairwinds
June 30, 2020 10:00 AM Pacific Time 

REGISTER NOW »

Member Webinar: 7 Critical Reasons for Kubernetes-Native Backup
Deepika Dixit, Member of Technical Staff @Kasten
Mark Severson, Member of Technical Staff @Kasten

July 1, 2020 7:00 AM Pacific Time 

REGISTER NOW »

Member Webinar: Pivoting Your Pipeline from Legacy to Cloud Native 
Tracy Ragan, CEO @DeployHub and CDF Board Member
Nathan Martin, CEO @Sagecore Technologies

July 1, 2020 1:00 PM Pacific Time 

REGISTER NOW »

Member Webinar: Stay on top of ongoing Kubernetes security hygiene
Zohar Kaufman, Co-Founder and VP R&D @Portshift.io
Ariel Shuper, VP Product @Portshift.io

July 2, 2020 10:00 AM Pacific Time 

REGISTER NOW »

Member Webinar: Optimize your Kubernetes Clusters on Azure with Built-in Best Practices
Jorge Palma, Senior Program Manager @Microsoft
July 7, 2020 10:00 AM Pacific Time 

REGISTER NOW »

Member Webinar: The Challenges and Countermeasures of Service Mesh Practice
裴斐 (Fei Pei), 网易 杭州研究院 云计算技术专家、架构师 @网易
This webinar will be delivered in Chinese.
July 8, 2020 10:00 AM China Standard Time 

REGISTER NOW »

Project Webinar: What’s new in Linkerd 2.8 : Multi-cluster Kubernetes made simple and secure by default
Oliver Gould, Linkerd Project Lead, co-founder & CTO @Buoyant
July 8, 2020 10:00 AM Pacific Time 

REGISTER NOW »

Member Webinar: Building Production-ready Services with Kubernetes and Serverless Architectures
Mike Metral, Software Architect and Engineer @Pulumi
Jason (Jay) Smith, App Modernization Specialist @Google Cloud

July 8, 2020 1:00 PM Pacific Time 

REGISTER NOW »

Member Webinar: 如何落地 Service Mesh – 从技术选型到实践
马若飞 FreeWheel 北京研发中心首席工程师 @FreeWheel
This webinar will be delivered in Chinese.
July 9, 2020 10:00 AM China Standard Time

REGISTER NOW »

Member Webinar: The top 10 most-useful Kubernetes APIs for comprehensive cloud-native observability
Caleb Hailey, Co-founder and CEO @Sensu
July 9, 2020 10:00 AM Pacific Time

REGISTER NOW »

Member Webinar: Securing and Accelerating the Kubernetes CNI Data Plane with Project Antrea and NVIDIA Mellanox ConnectX SmartNICs
Antonin Bas, Maintainer of Project Antrea and Staff Engineer @VMware
Moshe Levi, Sr. Staff Engineer @NVIDIA

July 14, 2020 10:00 AM Pacific Time

REGISTER NOW »

Member Webinar: Serving Millions of Customers with Cloud Native and DevSecOps
Chris Hollies, CTO, Oracle Practice @Capgemini
Akshai Parthasarathy, Principal Director, Cloud Native and DevOps @Oracle Cloud
July 15, 2020 7:00 AM Pacific Time

REGISTER NOW »

Member Webinar: Advancing image security and compliance through Container Image Encryption!
Brandon Lum, Senior Software Engineer @IBM
July 15, 2020 10:00 AM Pacific Time

REGISTER NOW »

Member Webinar: Kubernetes and storage. Kubernetes for storage. An overview.
Kiran Mova, Chief Architect at MayaData and core maintainer of OpenEBS @MayaData
July 16, 2020 10:00 AM Pacific Time

REGISTER NOW »

Member Webinar: Kubernetes Security Anatomy and the Recently Disclosed CVEs
Gadi Naor, CTO & Co-Founder @Alcide
July 21, 2020 10:00 AM Pacific Time

REGISTER NOW »

Member Webinar: Implementing Canary Releases on Kubernetes w/ Spinnaker, Istio, and Prometheus
Oleg Chunikhin, CTO @Kublr
July 22, 2020 1:00 PM Pacific Time

REGISTER NOW »

Member Webinar: Observability of multi-party computation with OpenTelemetry
Antoine Toulme, Engineering Manager @Splunk
Dave McAllister, Sr. Technical Evangelist @Splunk

July 23, 2020 10:00 AM Pacific Time

REGISTER NOW »

Member Webinar: Kubernetes Policies 101
Eran Leib, Founder, VP Product Management @Apolicy
Spenser Paul, Director of Sales, North America @DoiT International

July 28, 2020 10:00 AM Pacific Time

REGISTER NOW »

Project Webinar: How We Doubled System Read Throughput with Only 26 Lines of Code
TiKV team
July 31, 2020 10:00 AM Pacific Time

REGISTER NOW »



TweetTweet

ForwardForward

ShareShare

KubeWeekly is curated by Bob Killen, Chris Short, Craig Box, Kim McMahon, and Michael Hausenblas

Please send submissions to kubeweekly@cncf.io 

Copyright © 2020 Cloud Native Computing Foundation, All rights reserved.