Search the Community

Kubernetes v1.25 introduced support for user namespaces for only stateless pods. Kubernetes 1.28 lifted that restriction, after some design changes were done in 1.27. The beauty of this feature is that: it is trivial to adopt (you just need to set a bool in the pod spec) doesn't need any changes for most applications improves security by drastically enhancing the isolation of containers and mitigating CVEs rated HIGH and CRITICAL. This post explains the basics of user namespaces and also shows: the changes that arrived in the recent Kubernetes v1.28 release a demo of a vulnerability rated as HIGH that is not exploitable with user namespaces the runtime requirements to use this feature what you can expect in future releases regarding user namespaces. View the full article

Homepage Documentation GitHub About Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. It groups containers that make up an application into logical units for easy management and discovery. Kubernetes builds upon 15 years of experience of running production workloads at Google, combined with best-of-breed ideas and practices from the community. Planet Scale Designed on the same principles that allows Google to run billions of containers a week, Kubernetes can scale without increasing your ops team. Never Outgrow Whether testing locally or running a global enterprise, Kubernetes flexibility grows with you to deliver your applications consistently and easily no matter how complex your need is. Run Anywhere Kubernetes is open source giving you the freedom to take advantage of on-premises, hybrid, or public cloud infrastructure, letting you effortlessly move workloads to where it matters to you. Kubernetes Concepts Explained in 9 minutes! Kubernetes Explained Kubeadm Deep Dive

New capabilities and pricing model to unlock developer productivity for entire teams using Kubernetes KubeCon + CloudNativeCon EU, BOSTON — May 16, 2022 — Ambassador Labs, the cloud native developer experience leader, today announced the newest release of Ambassador Cloud. Built on leading open source Cloud Native Computing Foundation (CNCF) projects, including Emissary-ingress, Telepresence, and […] The post Ambassador Labs Announces New Ambassador Cloud Team Edition appeared first on DevOps.com. View the full article

For the next week, save on Bundles & Power Bundles for Linux and Kubernetes certifications at The Linux Foundation. Bundles that are available: LFCS + LFCA CKA + CKAD CKA + CKS CKA + KCNA Learn more and save 30% at kub.to/may! Respected, verifiable certifications from a vendor-neutral entity like The Linux Foundation demonstrate the depth of your skills to potential employers, most of whom report they are more likely to hire someone holding such certifications. Whether you’re just starting out and aren’t sure where to begin, or if you’re an experienced pro looking to add a new certification, find a solution at kub.to/may. The offer is available until May 17th. Here are some frequently asked questions: Kubernetes Administration is one of the most sought after skill in the IT industry today. And the Kubernetes certifications - CKA/ CKAD/ CKS - are some of the hottest IT certifications. Kubernetes certifications are practical hands-on exams. How long is this offer valid? The discount sale goes through May 17th. But that doesn't mean you have to give the exam or schedule it within then. It is only to purchase the exam. Read on below. How long do I have to take the exam? Once purchased you can take the exam within the 12 months. Enough time to prepare and attempt both CKA and CKAD exams. How many attempts do I get? You get 1 free retake for each of these exams. That is 2 attempts for CKA and 2 attempts for CKAD. Should I go for CKA or CKAD? If you just need to try Kubernetes Certification and get one quickly, I'd say go for CKAD. As it's easy to prepare and crack, compared to CKA. If you really want to learn Kubernetes well, go for CKA. I think all system administrators and operations engineers should target CKA. If you prepare for CKA, CKAD is an easy add on. You can target to achieve CKAD 2-3 weeks after CKA. I am not a developer. So is CKAD for me? You don't need to be a developer to attempt CKAD. No coding experience required. You will be focusing on deploying a given application. Do I need any coding or programming knowledge to learn Kubernetes? No you do not need any scripting or programming knowledge to do CKA or CKAD. How do I start training for the exams? We have courses on KodeKloud that will prepare you from an absolute beginner to becoming a certified expert, with real hands-on labs and mock exams. Here's a video I recorded previously for a similar offer on Chinese New Year where I show how to avail the discount and register for the exams. Except for the coupon code used, everything else remains the same. https://www.youtube.com/watch?v=EbR3iRCGMT8 If you have any questions, please don't hesitate to reach out to me. Thank you and wish you all the best, Mumshad Mannambeth Trainer & Founder KodeKloud mumshad@kodekloud.com www.kodekloud.com

Kubernetes is now the standard for container orchestration. With organizations slowly adopting container first development structure, a large part of existing workloads are still running on virtual machines, either in the public cloud or private data centres. View the full article

Amazon Elastic Kubernetes Service (EKS) now supports a configurable Kubernetes service IP address range. This enables customers with clusters running in a peered or direct connected network environment to ensure that their pods can communicate with external applications on networks outside the cluster. View the full article

Amazon EMR on Amazon EKS provides a new deployment option for Amazon EMR that allows you to run Apache Spark on Amazon Elastic Kubernetes Service (Amazon EKS). If you already use Amazon EMR, you can now run Amazon EMR based applications with other types of applications on the same Amazon EKS cluster to improve resource utilization and simplify infrastructure management across multiple AWS Availability Zones. If you already run big data frameworks on Amazon EKS, you can now use Amazon EMR to automate provisioning and management, and run Apache Spark up to 3x faster. With this deployment option, you can focus on running analytics workloads while Amazon EMR on Amazon EKS builds, configures, and manages containers. View the full article

Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to see the Kubernetes API resources and applications running on your Amazon EKS cluster using the AWS Management Console. This makes it easy to visualize and troubleshoot Kubernetes applications using Amazon EKS. View the full article

Using Kubernetes is a synonym for manipulating YAML. Even if the YAML community describes it as a human-readable language, it can sometimes be tricky to read it, especially in the context of Kubernetes when you are manipulating complex deployments, services, ingresses, and other resources. View the full article

An extremely valuable list of links to public failure stories related to Kubernetes; https://codeberg.org/hjacobs/kubernetes-failure-stories

Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to install and manage Kubernetes operational software (add-ons) as part of the Amazon EKS console, CLI, and API. Today, EKS supports managing the Amazon VPC CNI networking plugin, with more add-ons coming soon. View the full article

You can now use a custom AMI with EKS managed node groups; Details: introducing-launch-template-and-custom-ami-support-in-amazon-eks-managed-node-groups Just create a new launch template and set this on the EKS NodeGroup; The alternative is to use self-managed nodes, but then you have to manage the ASG yourself.

Good blog post describing a few tools to help you manage resources & reduce cloud spending; https://srcco.de/posts/saving-cloud-costs-kubernetes-aws.html

This is the first post of a 2 part series where we will set-up production grade Kubernetes logging for applications deployed in the cluster and the cluster itself. View the full article

We are excited to announce the launch of a new three-day classroom course, Running Containers on Amazon Elastic Kubernetes Service (Amazon EKS), which teaches practical, in-depth skills for managing containers. Enrol Now ! About Amazon EKS makes it easy for you to run Kubernetes on AWS without needing to install, operate, and maintain your own Kubernetes control plane. In this course, you will learn container management and orchestration for Kubernetes using Amazon EKS. You will build an Amazon EKS cluster, configure the environment, deploy the cluster, and then add applications to your cluster. You will manage container images using Amazon Elastic Container Registry (ECR) and learn how to automate application deployment. You will deploy applications using CI/CD tools. You will learn how to monitor and scale your environment by using metrics, logging, tracing, and horizontal/vertical scaling. You will learn how to design and manage a large container environment by designing for efficiency, cost, and resiliency. You will configure AWS networking services to support the cluster and learn how to secure your Amazon EKS environment. View the full article

Evolution of Kubernetes Worker Nodes and the architecture of CRI-O and Red Hat Openshift 4.x View the full article

Learning is a natural process that takes place throughout our lives. Yet the passion of learning that we cultivate as children seems to vanish as we grow older and enter society. However, learning should be an exciting, inspiring, and transformative process. If you are discovering Kubernetes, or even if you are already using it in production, these tools will give you a fun and gamified view on handling, exploring, and experimenting with the resources of your cluster. View the full article

AWS Step Functions is now integrated with Amazon EKS, making it easier to build resilient applications that orchestrate jobs running on Kubernetes with AWS services such as AWS Lambda, Amazon SNS, and Amazon SQS with minimal code. You can now build workflows including steps that launch tasks in Amazon EKS and wait for its completion without writing code to manage the state of the Kubernetes job. View the full article

It is indispensable to ensure that a system/service built is able to withstand chaotic conditions as failures are inevitable. Chaos engineering helps in boosting confidence in a system's resilience by “breaking things on purpose.” While it may seem counterintuitive, it is crucial to deliberately inject failures into a complex system like OpenShift/Kubernetes and check whether the system recovers gracefully without any downtime and doesn’t suffer in terms of performance and scalability. Chaos engineering is a discipline to identify potential problems and enhance the system’s resilience. Kraken to the Rescue We developed a chaos tool named Kraken with the aim of “breaking things on purpose” and identifying future issues. Kraken enables the user to effortlessly inject chaos in a Kubernetes/OpenShift cluster. The user can continuously cause chaos and watch how the cluster responds to various failure injections over a long run. Additionally, one can validate if the cluster completely recovers from chaos and returns to its normal healthy state after a single set of failure injections. View the full article

Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to install and manage Kubernetes operational software (add-ons) as part of the Amazon EKS console, CLI, and API. Today, EKS supports managing the Amazon VPC CNI networking plugin, with more add-ons coming soon. View the full article

Amazon Elastic Kubernetes Service (Amazon EKS) now allows you to forward container logs from pods running on AWS Fargate to AWS services for log storage and analytics including Amazon Cloudwatch, Amazon Elasticsearch, Amazon Kinesis Data Firehose, and Amazon Kinesis Streams. View the full article

AWS App2Container (A2C) is a command-line tool for modernizing .NET and Java applications into containerized applications. A2C analyzes and builds an inventory of all applications running in virtual machines, on-premises or in the cloud. You simply select the application you want to containerize, and A2C packages the application artifact and identified dependencies into container images, configures the network ports, and generates the ECS task and Kubernetes pod definitions. View the full article

The Linux Foundation has announced the Certified Kubernetes Security Specialist (CKS) Certification, designed to certify developers of their proficiency in Kubernetes and container-based applications during build, deployment & running. Successful completion of the Certificate indicates the holder is adept at advanced CKS practices and certified by The Linux Foundation to take up CKS Specialist roles. View the full article

Build5Nines Weekly provides your go-to source to keep up-to-date on all the latest Microsoft Azure news and updates. Included within Build5Nines Weekly newsletter are blog articles, podcasts, videos, and more from Microsoft and the greater community over the past week. Be sure to subscribe to Build5Nines Weekly to get the newsletter in your email every week and […] The article Latest Cloud News: Apple on K8s, IoT, Microsoft Pluton and more! (November 20, 2020 – Build5Nines Weekly) appeared first on Build5Nines. View the full article

At a recent online virtual event with Kong, Paul Curtis (@pfcurtis_NY), Weaveworks’ Principle Solutions Architect demonstrated how you can use Weave Kubernetes Platform and GitOps to make your transition from running legacy applications on Virtual Machines onto Kubernetes much simpler... View the full article