Kubernetes Podcast from Google

In this episode, release lead Kat Cosgrove walks us through what’s new in Kubernetes 1.30. Recorded at KubeCon EU 2024.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Google Cloud Next Wrap Up Blog Amazon EKS extended support for Kubernetes versions now generally available Introducing the Windows Operational Readiness Specification Links from the interview Kubernetes v1.30: Uwubernetes blog A Peek at Kubernetes v1.30 Release Team Lead Handbook Kubernetes Release Team info   

KubeCon EU 2024 was the largest KubeCon yet! Explore the trends and learnings from the event through interviews with attendees.   Featuring: Olivia Al-Joundi Tabitha Sable Sreeram Venkitesh Lachlan Evenson James Blair Ian Coldwater Gabriele Bartolini Benjamin Koltermann Benazir Khan   And additional Guest Host, Mofi Rahman.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Go Workspaces in Kubernetes Blog by Tim Hockin Fermyon SpinKube donation announcement Istio Announces the Beta Release of Ambient Mode - Blog KubeCon EU 2024 CNCF Highlights Blog Kubestronaut Program Announcement Blog CNCF Udemy Partnership Announcement Blog Cloud Native Hacks Winners Blog KubeCon NA CFP KubeCon CloudNativeCon NA Cloud Native Glossary — the Japanese version is live! - Blog KuberTENes logo design contest KuberTENes.cncf.io Links from the interview   From Zero to Hero: Scaling Postgres in Kubernetes Using the Power of CloudNativePG - Gabriele Bartolini, EDB This Meeting Is Better Than An Email: A Panel Discussion on Facilitating Great Meetings SIG Security Update: Growing Together Cloud Native Rejekts Links from the post-interview chat WasmCon 2023 Kubernetes Podcast episode Ray on Kubernetes (KubeRay)  

Matt Klein is the CTO of bitdrift which is building a Mobile observability platform. Matt is known for being the creator of Envoy, one of the most popular open source proxies in the cloud space.  Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Cloud Native Rejekts CNCF 2024 Prospectus KubeCon Paris Guide Abdel co-authored KubeCon Paris Recommendations Map Links from the interview Matt Klein: Twitter LinkedIn Envoy Proxy Twitter kicks Android app users out for five hours due to 2015 date bug NGINX HAProxy Matt Klein’s X post about 1 billion pulls for envoy on DockerHub Envoyproxy on DockerHub Envoymobile Rust programming language

Mike Coleman is a developer advocate at Sysdig focused on open source software and spends a lot of time working on the Falco project. We’ll explore how Falco enables runtime security, and celebrate its recent graduation!   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Falco Graduation announcement Google Gemma Open Model GitOps Associate Certification (CGOA) Certified GitOps Associate (CGOA) Exam Linkerd 2.15 announcement Linkerd 2.15 stable release announcement Crossplane 1.15 announcement Open Source Summit North America Schedule Cloud Native Security Con North American Cloud Native Security Con America CFP Links from the interview Mike Coleman LinkedIn Twitter "Docker?!?! But, I’m a sysadmin" - Mike Coleman Mike Colemane and Bill Gates in an Earthquake Falco project LinkedIn Twitter Slack KubeCon NA 2019 CTF Cryptomining Detection Using Falco Navigating Open Source Project Hurdles to Achieve Community Enpowerments Aizhamal Nurmamat kyzy & Bob Killen Wrangle your alerts with open source Falco and the gcpaudit plugin Falcosidekick Practical Cloud Native Security with Falco Certified Kubernetes Security (CKS) exam

Lucas Käldström is a CNCF Ambassador, Kubernetes contributor and expert. Lucas Co-led SIG cluster lifecycle, ported Kubernetes to ARM and shepherded kubeadm from inception to GA. Today Lucas runs three meetup groups in Finland, studies at Aalto University, and, when time allows, contributes to cloud native software as a contractor. We chatted about Kubernetes API machinery, Chaos, Entropy, and Dishwashers. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Weaveworks shutdown their operations Weavwork CEO Alexis Richardson post on Linkedin kubetrain.io Bytedance KubeAdmiral on GitHub Bytedance KubeAdmiral Announcement on InfoQ Strimzi joins the CNCF Incubator Microsoft new Cost Management tools for Azure Links from the interview Lucas Käldström LinkedIn Twitter/X Kubernetes as a dishwasher Understanding Kubernetes Through Real-World Phenomena and Analogies - Lucas Käldström Lucas research thesis Paper - Large-scale cluster management at Google with Borg API Machinery Dr. Stefan Schimanski KCP - Kubernetes-Like Control Plane Kubernetes API Conventions SIG Architecture Ingress2gateway - Ingress to Gateway Migrator Promise Theory: Principles and Applications (Mark Burgess, Jan Bergstra) In Search of Certainty: The Science of Our Information Infrastructure (Mark Burgess) Sweden Finns Links from the post-interview chat Keynote: Reperforming a Nobel Prize Discovery on Kubernetes - Ricardo Rocha & Lukas Heinrich Why Service Is the Worst API in Kubernetes, & What We’re Doing About It - Tim Hockin Gateway API TCP Routes Community-Powered Kubernetes LTS: Ensuring Stability and Compatibility While Driving Innovation Jeremy Rickard https://github.com/yannh/kubeconform

Madhav Jivrajani is an engineer at VMware, a tech lead in SIG Contributor Experience and a GitHub Admin for the Kubernetes project. He also contributes to the storage layer of Kubernetes, focusing on reliability and scalability. In this episode we talked with Madhav about a recent post on social media about a very interesting stale reads issue in Kubernetes, and what the community is doing about it.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod Chatter of the week Mofi Rahman co-host this episode with Kaslin Twitter/X LinkedIn Kubernetes Podcast episode 211 News of the week Google announced a new partnership with Hugging Face RedHat self-managed offering of Ansible Automation Platform on Microsoft Azure The schedule for KubeCon CloudNativeCon EU 2024 is out CNCF Ambassador applications are open The CNCF Hackathon at KubeCon CloudNativeCon EU 2024 CFP is open now The annual Cloud Native Computing Foundation report for 2023 CNCF's certification expiration period will change to 24 months starting April 1st, 2024. Sysdig 2024 Cloud Native Security and Usage Report Links from the interview Madhav Jivrajani Twitter/X LinkedIn Priyanka Saggu Interview Stale reads Twitter/X thread by Madhav "Kubernetes is vulnerable to stale reads, violating critical pod safety guarantees" - GitHub Issue tracking the stale reads CAP Theorem issue CMU Wasm Research Center "A CAP tradeoff in the wild" blog by Lindsey Kuper "Reasoning about modern datacenter infrastructures using partial histories" research paper The Kubernetes Storage Layer: Peeling the Onion Minus the Tears - Madhav Jivrajani, VMware KEP-3157: allow informers for getting a stream of data instead of chunking. KEP 2340: Consistent Reads from Cache Journey Through Time: Understanding Etcd Revisions and Resource Versions in Kubernetes - Priyanka Saggu, KubeCon NA 2023 Kubernetes API Resource Versions documentation

Guest is Bill Mulligan. Bill is Community Pollinator at Isovalent working on Cilium and eBPF. We learned how to properly pronounce Isovalent and what it actually means. We also spoke in depth about eBPF, Cilium, network function in Kubernetes and more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week The Kubernetes legacy Linux package repositories are going away in January 2024 Kubernetes 1.29 is now available on GKE in the Rapid Channel The Vmware Tanzu Application Catalog is fully compliant with the SLSA Level 3 AWS extended support for Kubernetes minor versions pricing update The Kubernetes Contributor Summit Paris CFP is Open, closes Feb 4th KubeCon and CloudNativeCon EU 2024 co-located events agenda is live The Cloud Native Glossary is now available in French Blixt a new experimental LoadBalancer based on the Gateway API and eBPF Links from the interview Bill Mulligan: LinkedIn Twitter/X Covalent bonds on Wikipedia Isovalent Hybridization on Wikipedia Isovalent company site BPF - Berkeley Packet Filtering eBPF project site Fast by Friday: Why eBPF is Essential - Brendan Gregg GKE Dataplane V2 Cilium project site Hubble documentation Cilium Service Mesh Cilium annual report Cilium Certified Associate (CCA) CCA Study Guide from Isovalent on GitHub Istio Certified Associate (ICA) Certified Kubernetes Administrator (CKA) Certified Kubernetes Application Developer (CKAD) Kubernetes and Cloud Native Associate (KCNA) Resources to prepare for the CCA certification Isovalent library The World of Cilium Cisco acquired Isovalent Developing eBPF Apps in Java BGP in eBPF

This week’s guests are Johnny Horvi and Frode Sundby from NAVs (Norwegian Labour and Welfare Administration) platform team. We talked about NAIS. A kubernetes-based team centric platform aiming at providing the tools needed to deploy and operate apps easily.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kubernetes 1.29 features: https://kubernetes.io/blog/2023/12/14/cloud-provider-integration-changes/ https://kubernetes.io/blog/2023/12/20/contextual-logging-in-kubernetes-1-29/ https://kubernetes.io/blog/2023/12/19/pod-ready-to-start-containers-condition-now-in-beta/ https://kubernetes.io/blog/2023/12/19/kubernetes-1-29-taint-eviction-controller/ https://kubernetes.io/blog/2023/12/18/read-write-once-pod-access-mode-ga/ https://kubernetes.io/blog/2023/12/18/kubernetes-1-29-feature-loadbalancer-ip-mode-alpha/ https://kubernetes.io/blog/2023/12/15/kubernetes-1-29-volume-attributes-class/ https://kubernetes.io/blog/2023/12/15/csi-node-expand-secret-support-ga/ Kubernetes 1.29 release lead Interview Cisco acquired Isovalent Cilium 2023 Annual report KubeCon and CloudNativeCon Paris 2024 Hackathon https://www.cncf.io/blog/2023/12/20/kubecon-cloudnativecon-europe-hackathon-challenges-brought-to-you-by-the-united-nations/  https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/ https://unite.un.org/  https://sdgs.un.org/goals OpenFeature incubated as a CNCF project   Links from the interview Guests: Johnny Horvi Frode Sundby Nais Nais.io Twitter/X Github NAV JBoss IBM Websphere Apache Mesos   Links from the post-interview chat Nais on GitHub  

In this episode we interviewed Priyanka Saggu, Kubernetes v1.29 release lead and SIG ContribEx Tech Lead. We spoke about the release, the new features and enhancements, and more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kyverno completes third-party security audit Google Deepmind Introduction to Gemini Google launches Gemini - The Verge Linux Foundation Newsletter: November 2023 High Performance Software Foundation (HPSF) Founding Announcement App Defense Alliance joins Joint Development Foundation under the Linux Foundation Open Source Summit North America 2023 CFP (closes January 14, 2024) Links from the interview Kubernetes v1.29 release information page on k8s.dev Removals, Deprecations, and Major Changes in Kubernetes 1.29 Release Blog - Kubernetes v1.29: Mandala Breaking changes KEP 2395: Removing In-Tree Cloud Providers (SIG Cloud Provider, Beta) Kubernetes v1.28 on the Kubernetes Podcast from Google - discussion of removal of in-tree storage plug-ins Major Changes KEP 1287: In-Place Update of Pod Resources (SIG Node, Alpha) Support in-place Pod vertical scaling in VPA KEP 753: Sidecar Containers (SIG Node, Beta)   Stable KEP 3299: KMS v2 Improvements OR KMSv2 (SIG Auth) SIG Etcd on the Kubernetes Podcast from Google KEP 2485: ReadWriteOncePod PersistentVolume Access Mode (SIG Storage, SIG Scheduling) KEP 727: Kubelet Resource Metrics Endpoint (SIG Instrumentation) “The Kubelet Summary API is a source of both Resource and Monitoring Metrics. Because of it’s dual purpose, it does a poor job of both.” Beta KEP 2799: Reduction of Secret-based Service Account Tokens (SIG Auth) Alpha KEP 3866: nftables kube-proxy backend (SIG Network) [KCSNA 2023] Iptables the end of an era - Dan Winship, Antonio Ojea   Links from the post-interview chat   Kaslin’s blog about “Out of Tree” Kubernetes In this episode we interviewed Priyanka Saggu, Kubernetes v1.29 release lead and SIG ContribEx Tech Lead. We spoke about the release, the new features and enhancements, and more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kyverno completes third-party security audit Google Deepmind Introduction to Gemini Google launches Gemini - The Verge Linux Foundation Newsletter: November 2023 High Performance Software Foundation (HPSF) Founding Announcement App Defense Alliance joins Joint Development Foundation under the Linux Foundation Open Source Summit North America 2023 CFP (closes January 14, 2024) Links from the interview Kubernetes v1.29 release information page on k8s.dev Removals, Deprecations, and Major Changes in Kubernetes 1.29 Release Blog - Kubernetes v1.29: Mandala Breaking changes KEP 2395: Removing In-Tree Cloud Providers (SIG Cloud Provider, Beta) Kubernetes v1.28 on the Kubernetes Podcast from Google - discussion of removal of in-tree storage plug-ins Major Changes KEP 1287: In-Place Update of Pod Resources (SIG Node, Alpha) Support in-place Pod vertical scaling in VPA KEP 753: Sidecar Containers (SIG Node, Beta)   Stable KEP 3299: KMS v2 Improvements OR KMSv2 (SIG Auth) SIG Etcd on the Kubernetes Podcast from Google KEP 2485: ReadWriteOncePod PersistentVolume Access Mode (SIG Storage, SIG Scheduling) KEP 727: Kubelet Resource Metrics Endpoint (SIG Instrumentation) “The Kubelet Summary API is a source of both Resource and Monitoring Metrics. Because of it’s dual purpose, it does a poor job of both.” Beta KEP 2799: Reduction of Secret-based Service Account Tokens (SIG Auth) Alpha KEP 3866: nftables kube-proxy backend (SIG Network) [KCSNA 2023] Iptables the end of an era - Dan Winship, Antonio Ojea   Links from the post-interview chat Kaslin’s blog about “Out of Tree” Kubernetes

This episode Kaslin went to KubeCon North America In Chicago. She spoke to folks on the ground, asked them about their impressions of the conference, and collected a bunch of cool responses. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Google researchers discover 'Reptar,’ a new CPU vulnerability Reptar by Tavis Ormandy Tim Hockin: Kubernetes Needs a Complexity Budget Kubernetes' Tim Hockin on a decade of dominance and the future of AI in open source  Keynote: A Vision for Vision - Kubernetes in Its Second Decade - Tim Hockin Open and Secure: A Manual for Practicing Thread Modeling to Assess and Fortify Open Source and Security Announcing our latest book release: a comprehensive security guide to assess and fortify open source security Links from the interview CNCF LLM Starter Pack Crossplane Web Assembly Intro to Kubernetes Gateway API Links from the post-interview chat  SIG ContribEx Comms Team Rap by Bart Farrell

Jesper Larsson is a Freelance PenTester. Jesper works with a hacker community called Cure53. Co-organizes SecurityFest in Gothenburg, Sweden. Hosts Säkerhetspodcasten or The Security Podcast. Jesper is also a Star on Hackad, a Swedish TV Series about hacking.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kubernetes Removals, Deprecations, and Major Changes in Kubernetes 1.29 Introducing SIG etcd etcd, with Marek Siarkowicz and Wenjia Zhang (The Kubernetes Podcast from Google) WebAssembly (WASM) and OpenShift: A Powerful Duo for Modern Applications Linux Foundation Events Pass the torch in ContribEx #7603 Links from the interview Cure53 Hacker Community Säkerhetspodcasten Hackad TV Show on IMDB SecurityFest Gothenburg Falco by Sysdig Wolfi by Chainguard The Untold Story of NotPetya, the Most Devastating Cyberattack in History Links from the post-interview chat The Untold Story of NotPetya, the Most Devastating Cyberattack in History

Fabian Kammel is a Security Architect at ControlPlane, where he helps to make the (cloud-native) world a safer place. In his career, he continuously worked to bring hardware security and cloud-native security closer together. His past projects include: * A cloud-native PKIs for on-road vehicle services secured by enterprise HSMs * An always-encrypted Kubernetes distribution that harnesses the power of Confidential Computing * And more recently securing SPIFFE-based machine identities via hardware attestation.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   Links from the interview Confidential Computing Blog from kubernetes.io Confidential Computing Consortium Confidential Computing Whitepaper Intel SGX Enclave Swap Memory with Kubernetes in Beta in 1.28 Hardware Security Modules Trusted Platform Modules (TPM) Envelope Encryption Confidential Computing Concepts - Confidential Virtual Machine AMD Secure Encrypted Virtualization (AMD SEV) AMD Secure Encrypted Virtualization - Secure Nested Paging (AMD SEV SNP) Trusted Computing Base (TCB) Remote Attestation Confidentiality, Integrity, and Availability: The CIA Triad Intel SGX Enclaves Confidential Containers (CoCo) Katacontainers AWS Firecracker  

Guests are Marek Siarkowicz , Senior Software Engineer in Google Cloud, Tech Lead of SIG-etcd   AND Wenjia Zhang, Engineering Manager in Google Cloud, Co-Chair of SIG-etcd, Google. We spoke about the project, the recent change to become a Special Interest Group and how to learn etcd.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Co-host this week is Mofi Rahman [X, LinkedIn]. Cloud Developer Advocate at Google Karpenter graduated to Beta The Kubernetes SIG Network announced release 1.0 of the Gateway API Ingress2gateway new CLI to migrate from Ingress to Gateway The Call for Proposals for KubeCon EU 2024 will close on Nov 26, 2023 Links from the interview etcd Meaning of etcd etcd history from CoreOs Raft paper On the Hunt for Etcd Data Inconsistencies by Marek Siarkowicz - [youtube] Lessons Learned From Etcd the Data Inconsistency Issues by Marek Siarkowicz - [youtube] The first pancake rule etcd as a Kubernetes sig The Case for SIG-ifying etcd CNCF Contributor License Agreements (CLA) Kubernetes Prow Contributor Experience Special Interest Group Kubernetes Watch Go Serialization and Deserialization Cilium with external etcd Certified Kubernetes Administrator etcd mentorship program etcd @kubecon NA 2023 Links from the post-interview chat Kubernetes considerations for large clusters Operating etcd clusters for Kubernetes Kueue etcd on the podcast The Heartbleed Bug XKCD meme about dependency  

WasmCon took place in BELLEVUE, WASHINGTON on Sept 6-7 2023. Kaslin and Mia from our advocacy team went down there and spoke to some folks at the conference to get their impression of the event. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Mia Villaseñor: Twitter/X LinkedIn Cilium Graduated Docker AI apps tools Kubernetes steering committee election results CRI-O moved to Kubernetes owned repository CNCF TOC voted to archive the SMI project Links from the interview WasmCon 2023 Guests Dan Wilson Hood Chatham Brendan Irvine-Broque Josh Berkus Kevin Zheng Sid Hussmann Dawn Parzych Daiki Akasaka Radu Matei Dan Mihai Dumitriu Russell Ashi Chris Madison Brooks Townsend Open Policy Agent V8 Gapfruit OS WASI Capabilities Trusted Compute Group Trusted Platform Module (TPM) Jnode Midokura WASM Runtime Cosmonic Cloud CNCF WasmCloud Wasm Components Model WASI WasmTimeSQLite in Wasm talk at WasmCon AI and Wasm talk at WasmCon Envoy and Wasm The WIT format Cloudflare RU workers Wasm and Kubernetes Wasm and Kubernetes case study Doom on Cloudflare workers with Wasm Wasm and bosch by Emily Ruppel Dynamic Linking Python Dynamic Linking in Wasm from Wasm I/O 23 Links from the post-interview chat Podcast episode#208 with Phil estes Podcast episode#203 with Justin Cormack

  This week we explore what’s new in Istio with core maintainers John Howard and Keith Mattix   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Announcing Linkerd 2.14: Improved enterprise multi-cluster, Gateway API conformance, and more! Amazon to invest up to $4 billion in AI startup Anthropic KubeCon EU 2024 CFP is open until November 26th CNCF Security Slam NEW Certification: Istio Certified Associate (ICA) npm packages caught exfiltrating Kubernetes config, SSH keys Links from the interview Kubernetes Native Sidecars in Istio (Blog from Istio) Kubernetes v1.28: Introducing native sidecar containers Argo Workflows Apache Airflow Envoy Proxy Istio Ambient Mesh Introducing Rust-Based Ztunnel for Istio Ambient Service Mesh eBPF Kernel TLS HTTP Based Overlay Network Environment (HBONE) KubeCon EU 2023: “Future of Service Mesh - Sidecar or Sidecarless or Proxyless?” - Idit Levine & Yuval Kohavi, Solo.io; Keith Mattix II, Microsoft; Eric Van Norman, IBM; John Howard, Google Istio Ambient Waypoint Proxy Made Simple kiali.io Kubernetes Gateway API (Istio) Getting Started with Istio and Kubernetes Gateway API Istio Desitination Rule Announcing Istio's graduation within the CNCF Istio sails into the Cloud Native Computing Foundation (CNCF Blog)

This week we explore the history of containers, particularly containerd, with Phil Estes.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Notary Project announces a major release! (Blog)  Kubernetes Legacy Package Repositories Will Be Frozen On September 13, 2023 (Blog) Gateway API v0.8.0: Introducing Service Mesh Support (Blog) Amazon VPC CNI now supports Kubernetes Network Policies (Blog) Introducing VMware Tanzu Developer Portal: Empowering Developers with Enterprise-Grade Backstage Google Cloud Next page Google Cloud Next Blogs Google Cloud Post-Next Videos KubeCon NA 2023 Schedule Rig.dev startup (Blog)   Links from the interview Docker Containerd Chroot (archlinux wiki) Linux namespaces (Linux man page) runC announcement (2015) runC on Github Containerd project creation announcement (2016) Containerd donation to CNCF announcement (2017) Containerd graduation announcement (2019) Container Runtime Interface (CRI) Kubernetes SIG Node Dockershim debacle (kubernetes.io blog) Dockershim deprecation FAQ (kubernetes.io blog) Mirantis-owned cri-dockershim on Github Open Container Initiative (OCI) Cloud Native Computing Foundation (CNCF) CoreOS (“What was CoreOS” blog by RedHat) Rkt (“What is Rkt” blog by RedHat) Kinvolk BlaBlaCar BlaBlaCar Case Study on Google Cloud gRPC gVisor Kata Containers Docker && WASM with Justin Cormack (Docker CTO) on the Kubernetes Podcast from Google WasmEdge (A Wasm runtime) CRI-O (lightweight container runtime for Kubernetes) Containerd scope and principles nerdctl: Docker-compatible CLI for containerd Docker Buildkit github.com/container-image, github.com/container-storage Podman Skopeo Firecracker microvms Intel Clear Containers Hyper.sh Open Infrastructure Foundation OpenStack Cloud Native Rejekts “Face off: VMs vs. Containers vs Firecracker” by Alex Ellis at Cloud Native Rejekts EU 2023   Links from the post-interview chat   Keynote: Reperforming a Nobel Prize Discovery on Kubernetes - Ricardo Rocha & Lukas Heinrich Keynote: CERN Experiences - Ricardo Rocha & Clenimar Filemon Jesse Frazelle’s container escape challenge used to be at contained.af, but it doesn’t seem to exist anymore. Containers from Scratch - Liz Rice at GOTO 2018 (there are a bunch of recordings of this talk) Mirantis-owned cri-dockershim on Github  

Guest is Grace Nguyen. Kubernetes 1.28 release lead and student at the University of Waterloo. Grace had to juggle exams and community work to bring Kubernetes 1.28 to life. We will get to know grace and learn what work went into release, where the theme come from and what's special about it Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Docker Desktop 4.22 is live The CNCF announced the End User Technical Advisory Board The Go community released v1.21 Configu raised a $3M pre-seed round Links from the interview Grace Nguyen LinkedIn X Kubernetes SIG-Security Kubernetes 1.28 Planternetes API Awareness of SideCars Native SideCar containers in Istio pkgs.k8s.io: Kubernetes Community-Owned Package Repositories Expanding support skew between control plane and node components Non-Graceful node shutdown Pod replacement policy for Jobs (alpha) Match conditions for admission webhooks Feature graduations and deprecations in Kubernetes v1.28 Kubernetes 1.28 webinar. Sept 6th 2023 9am PDT Kubernetes 1.29 PR to assemble team Kubernetes 1.29 shadow program is open Kubernetes 1.27 release lead Xander Grzywinski Links from the post-interview chat Beta support for enabling swap space on Linux SideCars handling is the most popular issue on kubernetes tracker Reddit conversation about native SideCars Native SideCars explained

Guests are Wesley Hales and Max Bruce are co-founders of LeakSignal. LeakSignal is an American startup which is building a set of tools and products to detect and prevent data exfiltration in Service Meshes and proxies supporting Envoy and proxy-wasm.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Dragonfly v2.0.1 is released Redhat Terraform Provider for ROSA Preview Microsoft Azure Operator Nexus Hashicorp Adopts BSL Blog Open Source Security Foundation S2C2F Kubernetes and Cloud Native events Q4, 2023 WasmCon on Sept 6 and 7 in Bellevue, Washington The Open Source Summit EU on Sept 19 to 21 in Bilbao, Spain GRPC Conf on Sept 20 in Sunnyvale, California Virtual IstioCon on Sept 25 and 26. KubeCon, Cloud NativeCon And Open Source Summit China on Sept 26 to 28 in Shanghai, China PromCon EU on Sept 28 and 29 in Berlin, Germany KubeCon and CloudNativeCon NA on Nov 6 to 9 in Chicago, Illinois. KubeDay India On December 8 in Bangalore KubeDay Singapore on December 12 Fermyon added SQL Database support and custom domains to their Wasm Cloud Platform Exposed Kubernetes Clusters are everywhere   Links from the Interview LeakSignal LeakSignal GitHub OpenShift Apigee Keyhouse Spiffe WebSockets gRPC Wasm Envoy Nginx AWS Lambda Proxy Wasm Istio Proxy Wasm Apisix Istio Prometheus PCI Compliance Cloud Armor Blog post about Cloud Armor WAF capabilities Akamai eBPF   Links from the post-interview chat Envoy Mobile

“The State of Kubernetes Cost Optimization,” is a recent report based on research into best practices for running Kubernetes clusters. If you’re running your workloads as efficiently as possible, your costs will be optimal too. The report reviews the data and offers recommendations on tools and techniques you can use to optimize your Kubernetes clusters. We talk with two of the report’s creators, Fernando Rubbo and Kent Hua, to learn more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week - CNCF Istio Graduation blog - Istio’s blog about CNCF Graduation - CNCF Blog on Flux v2 GA release - Redhat Blog on Kubevirt 1.0 - Pulumi blog on v4.0 of their Kubernetes Provider - VMware Wasm Labs blog on serverless with wasm - CNCF announcement of over 30 new members  - VMware docs on self-hosted Tanzu Links from the interview - The State of Kubernetes Cost Optimization report - “Sharing the inaugural State of Kubernetes Cost Optimization report” blog - Resource Management for Pods and Containers (Kubernetes Documentation) Links from the post-interview chat - Google Site Reliability Engineering (SRE) books - Google Cloud Managed Service for Prometheus

This week we speak to GKE Project Manager, Nicholas Eberts, about Platform Engineering. He draws from his considerable experience both with the Cloud Native community and working with businesses to set up their cloud platforms to explore the trend.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week - Kubernetes binary distribution via CDN at dl.k8s.io - OpenShift Service Mesh version 2.4 - AWS Signer - KubeCon CloudNativeCon North America 2023 registration - KubeCon CloudNatieCon and Open Source Summit China 2023 registration - Kubernetes Bill of Materials CLI from KSOC Labs   -  Blog   - GitHub - CNCF Blog "Version after version: how the open source project Kubernetes releases its software"   Links from the interview Nicholas Eberts: - Twitter - LinkedIn   - Abdel tweeting about Platform Engineering - "DevOps is dead, long live Platform Engineering" tweet - DORA (DevOps Research and Assessment) - Charity Majors on the Hacking the Org Podcast - Charity Majors on the DevInterrupted Podcast - Open Service Broker - CNCF Landscape - Google Bard