Detroit Is Turning Lampposts Into Internet-Connected EV Chargers

Nov 05, at 3:25am ET Share 12 Comments / 12 New AT&T and Voltpost will bring internet-connected lamppost EV chargers to Michigan and the Metro-Detroit area.…

November 7, 2024 at 09:22AM

via Instapaper

Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years…

November 7, 2024 at 09:17AM

via Instapaper

Week Ending November 3, 2024

https://lwkd.info/2024/20241106

Developer News

Registration for the Salt Lake City Contributor Summit closes Thursday, so don’t forget to register; check your email to make sure that you did. Also make sure to add any Unconference topic you have soon.

Release Schedule

Next Deadline: Code Freeze, November 8th

Code Freeze Is Coming, and this cycle (because of Kubecon) we’ll have test freeze at the same time. So make sure to get you work on 1.32 features and their tests done this week. The removals and deprecations blog post has been postponed to this Friday.

And, just to pile it on: patch release cherry-picks are also due Friday.

Merges

Update scheduler_perf tests to run with QueueingHints both enabled and disabled

Tests for getReplicaSetFraction in the deployment controller

Improve validation for ReplicaSet annotations in the deployment controller

JSON request encoding fallback added for CBOR HTTP 415 errors

kubeadm: ensure proper parsing of SSR username

kubeadm: use actual addresses/ports for WaitForAllControlPlaneComponents

Improved test coverage for kubectl autoscale

Fixes to reporting of elapsed times for validating admission policy

KCM volume plugin probe refactored

--concurrent-daemonset-syncs command line flag added to kube-controller-manager

kubelet’s /metrics/slis endpoint made always available

New utility function ResetLabelValueAllowLists to reset allow lists for label values

New optional ResetFieldsFilterStrategy interface for storage

dynamicResources struct refactored to DynamicResources

Container filesystem and image filesystem now allowed to be on the same drive but in a different partition

New alpha seLinuxChangePolicy field within Pod level securityContext

Fix for eviction manager not deleting unused images or containers when it detected containerfs signal

Stricter validations for the qosClass field of Pod status

DRA: scheduling pods is up to 16x faster now thanks to some performance optimization

v1alpha1 API for mutating admission policies added

PodLifecycle’s Sleep Action now supports a sleep duration of zero with a feature gate

Bug fix for an issue with state un-marshalling in InPlacePodVerticalScaling

Line breaks from kubectl explain descriptions now realinged

Windows now supports CPU and memory affinity

Promotions

MemoryManager to GA

PodIndexLabel for StatefulSet and IndexedJob to GA

RecoverVolumeExpansionFailure to beta

PodLifecycleSleepAction to GA

Deprecated

Dropped last remaining reference to github.com/golang/groupcache/lru

EnforceMountableSecretsAnnotation deprecated in v1.32

ZeroLimitedNominalConcurrencyShares feature gate removed after graduation to GA in v1.30

HPAContainerMetrics feature gate removed after graduation to GA in v1.30

Version Updates

vendor: system-validators to v1.9.1

via Last Week in Kubernetes Development https://lwkd.info/

November 06, 2024 at 06:00PM

casey/just: 🤖 Just a command runner

Table of Contents↗️ just just is a handy way to save and run project-specific commands. This readme is also available as a book. (中文文档在 这里, 快看过来!) Commands,…

November 5, 2024 at 09:51AM

via Instapaper

Kubernetes webhooks explained and Aspect Oriented Programming, with Gordon Myers

https://kube.fm/webhooks-aop-gordon

This episode explores Admission Controllers and Webhooks with Gordon Myers, who shares his experience implementing webhook solutions in production. Gordon explains the lifecycle of Kubernetes API requests and how webhooks can intercept and modify resources before they are stored in etcd.

You will learn:

How the Kubernetes API processes requests through authentication, authorization, and Admission Controllers.

The difference between Validating and Mutating webhooks and how to implement them using JSON Patch.

Best practices for testing webhooks and avoiding common pitfalls that can break cluster deployments.

Real-world examples of webhook implementations, including injecting secrets from HashiCorp Vault into containers.

Sponsor

This episode is sponsored by Learnk8s — get started on your Kubernetes journey through comprehensive online, in-person or remote training.

More info

Find all the links and info for this episode here: https://kube.fm/webhooks-aop-gordon

Interested in sponsoring an episode? Learn more.

via KubeFM https://kube.fm

November 05, 2024 at 05:00AM

From Docker to Kubernetes: Running Backstage in Production!

In this video, we dive into packaging and running Backstage in Kubernetes. We'll start by building OCI images, then run Backstage with Docker, and finally, deploy it in Kubernetes using Helm charts. Learn how to automate builds, package and publish images, and set up CI workflows.

Backstage #Kubernetes #Helm #Docker

Consider joining the channel: https://www.youtube.com/c/devopstoolkit/join

▬▬▬▬▬▬ 🔗 Additional Info 🔗 ▬▬▬▬▬▬ ➡ Transcript and commands: https://devopstoolkit.live/internal-developer-platforms/from-docker-to-kubernetes-running-backstage-in-production 🔗 Backstage: https://backstage.io 🎬 Getting Started with Backstage: From Zero to Operational Dev Portal: https://youtu.be/A-3Ai--Z-Gs 🎬 Should We Run Databases In Kubernetes? CloudNativePG (CNPG) PostgreSQL: https://youtu.be/Ny9RxM6H6Hg 🎬 Manage Kubernetes Secrets With External Secrets Operator (ESO): https://youtu.be/SyRZe5YVCVk

▬▬▬▬▬▬ 💰 Sponsorships 💰 ▬▬▬▬▬▬ If you are interested in sponsoring this channel, please visit https://devopstoolkit.live/sponsor for more information. Alternatively, feel free to contact me over Twitter or LinkedIn (see below).

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ Twitter: https://twitter.com/vfarcic ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/

▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox

▬▬▬▬▬▬ ⏱ Timecodes ⏱ ▬▬▬▬▬▬ 00:00 Backstage in Docker and Kubernetes 02:43 Build, Push, and Run Backstage with Docker 11:19 Run Backstage in Kubernetes 16:27 Build, Package, and Push Backstage Automatically 19:43 All Together

via YouTube https://www.youtube.com/watch?v=fLAVFQAhzM4

AWS Game Builder Challenge

November 4, 2024 at 10:25AM

via Instapaper

Cedar Language Playground

Author: Micah Hausler, Principal Engineer, AWS October 30, 2024 Today we are excited to announce a new open source project, Cedar access controls for…

November 4, 2024 at 10:24AM

via Instapaper

hypermodeinc/modus: Modus: an open source, serverless framework for building intelligent functions and APIs, powered by WebAssembly

November 4, 2024 at 09:23AM

via Instapaper

Misc - Feat. Kepler, Inspektor Gadget, k8sgpt, Perses, and Pixie (You Choose!, Ch. 04, Ep. 09)

Miscelaneous - Choose Your Own Adventure: The Observability Odyssey

In this episode, we'll go through the tools in the observability space that are not part of any of the previous sub-categories. The contestants are Kepler, Inspektor Gadget, k8sgpt, Perses, and Pixie.

Vote for your choice of a tool for signing artifacts at https://cloud-native.slack.com/archives/C05M2NFNVRN. If you have not already joined CNCF Slack, you can do so from https://slack.cncf.io.

This and all other episodes are available at https://www.youtube.com/playlist?list=PLyicRj904Z9-FzCPvGpVHgRQVYJpVmx3Z.

More information about the "Choose Your Own Adventure" project including the source code and links to all the videos can be found at https://github.com/vfarcic/cncf-demo.

٩( ᐛ )و Whitney's YouTube Channel → https://www.youtube.com/@wiggitywhitney

kepler #IInspektorGadget #k8sgpt #perses #pixie.

▬▬▬▬▬▬ 🔗 Additional Info 🔗 ▬▬▬▬▬▬ 🔗 Miscalaneous: https://github.com/vfarcic/cncf-demo/tree/main/manuscript/observability-misc/README.md

via YouTube https://www.youtube.com/watch?v=OZE1hoT9-gs

Please just stop saying "just"

Do you work in Software Engineering, and have you seen messages or sentences like these before? “Can’t we just set up a redirect to this other domain?” “Why…

November 1, 2024 at 12:38PM

via Instapaper

GitOps: How To Use _ (Not YAML) To Manage Kubernetes Resources With GitOps?

Today, we tackle a viewer question on using formats other than YAML to manage Kubernetes resources with GitOps tools like Argo CD and Flux. Learn how to effectively use Helm, Kustomize, CUE, KCL, ytt, and more to define your desired state in YAML. We'll explore workflows, best practices, and how to ensure smooth synchronization of your configurations. Leave your questions in the comments and join our community!

Kubernetes #GitOps #ArgoCD #Flux

Consider joining the channel: https://www.youtube.com/c/devopstoolkit/join

▬▬▬▬▬▬ 💰 Sponsorships 💰 ▬▬▬▬▬▬ If you are interested in sponsoring this channel, please visit https://devopstoolkit.live/sponsor for more information. Alternatively, feel free to contact me over Twitter or LinkedIn (see below).

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ Twitter: https://twitter.com/vfarcic ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/

▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox

via YouTube https://www.youtube.com/watch?v=FWE2247octI

Welcoming Amazon as an infrastructure supporter on the Swift Package Index Blog – Swift Package Index

It may surprise you to learn how much hosting infrastructure a site like the Swift Package Index needs. We obviously need a web server, or actually a few web…

October 31, 2024 at 10:18AM

via Instapaper

Week Ending October 27, 2024

https://lwkd.info/2024/20241030

Developer News

Register before November 7 to attend the Contributor Summit. While you’re at it, consider volunteering to help run the Summit.

The inactive cluster-api-provider-nested Subproject has been archived.

Release Schedule

Next Deadline: Feature Blog Freeze, October 30

We are in the countdown to Code Freeze and this week is full of deadlines. Finish your feature blog entries by October 30, followed by any major deprecations/removals by November 4, with Code and Test Freeze on November 8th.

Featured PRs

125258 Etcd Kubernetes interface

Introduces the alpha version of a defined interface for Kubernetes-etcd communications. The interface will improve tests and reliability as well as permitting (but not implementing) alternate backends. It covers data storage and leases.

KEP of the Week

KEP-1847: Auto delete PVCs created by StatefulSet

The KEP implements automatic deletion of “Persistent Volume Claims (PVCs)” associated with StatefulSets upon their deletion or scale-down. It introduced a PersistentVolumeClaimRetentionPolicy field, allowing users to opt-in for PVC deletion. This enhancement simplifies resource management, while preserving application state during regular operations.

This KEP is tracked for stable release in the ongoing v1.32 cycle, but is considered “at risk” because it is missing requirements for Code Freeze.

Other Merges

uncountedTerminalPods refactored to avoid casting everywhere

kubeadm: added “disable success” and “disable denial” as parameters of the “cache” plugin in the Corefile

CBOR support for generated clients based on client-go feature gating

New ResetLabelAllowLists method added to various metric types, allowing for the reset of label allow lists

Reset streams if error happens during kubectl port-forward

Fix for suboptimal scheduler behavior where potential preemption victims were violating Pod Disruption Budgets

DRA resourceslice controller to support publishing multiple slices

Support for CBOR encoding for apply requests

Improvements to handling allocated resources for InPlacePodVerticalScaling

Apply fsGroup policy for ReadWriteOncePod volumes

Unit test coverage improved for printers

DRA API implements CEL cost limits

Updated OOM score adjustment calculation for sidecar container

AdmissionConfiguration now uses strict validation

Docs fixes for apiserver admission metrics

DRA resource claim controller now has metrics about the total number of and allocated ResourceClaims

Fixes for several issues related to “allocationMode: all” in DRA

kubelet metrics added to report informations about the cpu pools

Added a new option strict-cpu-reservation for CPU Manager static policy

Fix for issue in InPlacePodVerticalScaling which causes apiserver panic

Added metrics to measure latency of DRA Node operations and DRA GRPC calls

New implementation of watch cache using btree data structure

Promotions

CronJobScheduledTimestampAnnotation to GA

ComponentSLIs to GA

TopologyManagerPolicyOptions to GA

SizeMemoryBackedVolumes to GA

Deprecated

AllowServiceLBStatusOnNonLB remains deprecated and is now locked to false to support compatibility versions

Version Updates

cni-plugins to v1.6.0

Shoutouts

To CY Jiang for helping fill various gaps (missing unit tests, doc comments, typos) in DRA and elsewhere

To Kirtana Ashok and Prince Pereira for paying down some massive tech debt in Kubernetes dependencies

To Mahamed Ali for helping to get access to the new AWS account for publishing AMIs for the CAPA project

To Aravind Parekh for getting our old data archived from SurveyMonkey

To thank a contributor, add your own kudos to #shoutouts in Kubernetes Slack

via Last Week in Kubernetes Development https://lwkd.info/

October 30, 2024 at 07:00PM

Quarto

Welcome to Quarto® An open-source scientific and technical publishing system Author using Jupyter notebooks or with plain text markdown in your favorite editor.…

October 30, 2024 at 01:31PM

via Instapaper