Grand Finale (You Choose!, Ch. 3, Ep. 11)

We're at the end of the Security season of YouChoose! We'll go through all the tools we explored this season and do an ...

via YouTube https://www.youtube.com/watch?v=5UZnXarnicM

How to Propagate Secrets Everywhere with External Secrets Operator (ESO) and Crossplane

We dive into the powerful synergy between External Secrets Operator (ESO) and Crossplane to efficiently manage and propagate ...

via YouTube https://www.youtube.com/watch?v=CmkIMhO4AjY

“Multiple major fiber cables” reaching Africa are broken

Damage to multiple subsea internet cables off the African coast is disrupting internet services across the continent – with network providers invoking Force Majeure owing to several deepsea cable cuts and full repairs of the damaged cables estimated to take five weeks.

Tags:

via Pocket https://www.thestack.technology/fibre-cable-cut-africa-internet-outage/

March 18, 2024 at 06:13AM

Containers on a diet

Sentry – Launch week! New features and products all week long (so get comfy)! Tune in to Sentry’s YouTube and Discord daily at 9am PT to hear the latest scoop. Too busy? No problem - enter your email address to receive all the announcements (and win swag along the way).

Tags:

via Pocket https://changelog.com/shipit/95

March 18, 2024 at 03:11AM

Meet DBOS: A Database Alternative to Kubernetes

Turing Award laureate Dr. Mike Stonebrakerjust keeps on inventing databases. Forty years ago, it was the first relational system, Ingress, and thirty years ago, it was PostgreSQL, More recently, he co-created an in-memory transactional database system, VoltDB.

Tags:

via Pocket https://thenewstack.io/meet-dbos-a-database-alternative-to-kubernetes/

March 18, 2024 at 02:33AM

Measuring Developer Productivity via Humans

Measuring developer productivity is a difficult challenge. Conventional metrics focused on development cycle time and throughput are limited, and there aren't obvious answers for where else to turn.

Tags:

via Pocket https://martinfowler.com/articles/measuring-developer-productivity-humans.html

March 18, 2024 at 02:33AM

Week Ending March 10, 2024

https://lwkd.info/2024/20240315

Developer News

Kubernetes Contributor Summit EU is happening next Tuesday, March 19, 2024. Make sure to register by March 15. If you want to bring a family member to social send an email to summit-team@kubernetes.io. We’re eagerly looking forward to receiving your contributions to the unconference topics.

Also, don’t forget to help your SIG staff its table at the Kubernetes Meet and Greet on Kubecon Friday.

Take a peek at the upcoming Kubernetes v1.30 Release in this Blog.

Release Schedule

Next Deadline: Draft Doc PRs, Mar 12th

Kubernetes v1.30.0-beta.0 is live!

Your SIG should be working on any feature blogs, and discussing what “themes” to feature in the Release Notes.

Featured PR

123516: DRA: structured parameters

DRA, or Dynamic Resource Allocation, is a way to bridge new types of schedulable resources into Kubernetes. A common example of this is GPU accelerator cards but the system is built as generically as possible. Maybe you want to schedule based on cooling capacity, or cash register hardware, or nearby interns, it’s up to you. DRA launched as an alpha feature back in 1.26 but came with some hard limitations. Notably the bespoke logic for simulating scale ups and scale downs in cluster-autoscaler had no way to understand how those would interact with these opaque resources. This PR pulls back the veil a tiny bit, keeping things generic but allowing more forms of structured interaction so core tools like the scheduler and autoscalers can understand dynamic resources.

This happens from a few directions. First, on the node itself a DRA driver plugin provides information about what is available locally, which the kubelet publishes as a NodeResourceSlice object. In parallel, an operator component from the DRA implementation creates ResourceClaimParameters as needed to describe a particular resource claim. The claim parameters include CEL selector expressions for each piece of the claim, allowing anything which can evaluate CEL to check them independently of the DRA plugin. These two new objects combine with the existing ResourceClaim object to allow bidirectional communication between Kubernetes components and the DRA plugin without either side needing to wait for the other in most operations.

While this does increase the implementation complexity of a new DRA provider, it also dramatically expands their capabilities. New resources can be managed with effectively zero overhead and without the even greater complexity of custom schedulers or a plugin-driven autoscaler.

KEP of the Week

KEP-647: APIServer Tracing

This KEP proposes to update the kube-apiserver to allow tracing requests. This is proposed to be done with OpenTelemetry libraries and the data will be exported in the OpenTelemetry format. The kube-apiserver currently uses kubernetes/utils/trace for tracing, but we can make use of distributed tracing to improve ease of use and to make analysis of the data easier. The proposed implementation involves wrapping the API Server’s http server and http clients with otelhttp.

This KEP is tracked to graduate to stable in the upcoming v1.30 release.

Other Merges

podLogsDir key in kubelet configuration to configure default location of pod logs.

New custom flag to kubectl debug for adding custom debug profiles.

PodResources API now has initContainers with containerRestartPolicy of Always when SidecarContainers are enabled.

Fix to the disruption controller’s PDB status sync to maintain PDB conditions during an update.

Service NodePort can now be set to 0 if AllocateLoadBalancerNodePorts is false.

Field selector for services that allows filtering by clusterIP field.

The ‘.memorySwap.swapBehaviour’ field in kubelet configuration gets NoSwap as the default value.

kubectl get jobs now prints the status of the listed jobs.

Bugfix for initContainer with containerRestartPolicy Always where it couldn’t update its Pod state from terminated to non-terminated.

The StorageVersionMigration API, which was previously available as a CRD, is now a built-in API.

InitContainer’s image location will now be considered in scheduling when prioritizing nodes.

Almost all printable ASCII characters are now allowed in environment variables.

Added support for configuring multiple JWT authenticators in Structured Authentication Configuration.

New trafficDistribution field added to the Service spec which allows configuring how traffic is distributed to the endpoints of a Service.

JWT authenticator config set via the –authentication-config flag is now dynamically reloaded as the file changes on disk.

Promotions

StructuredAuthorizationConfiguration to beta.

HPAContainerMetrics to GA.

MinDomainsInPodTopologySpread to GA.

ValidatingAdmissionPolicy to GA.

StructuredAuthenticationConfiguration to beta.

KubeletConfigDropInDir to beta.

Version Updates

google.golang.org/protobuf updated to v1.33.0 to resolve CVE-2024-24786.

Subprojects and Dependency Updates

gRPC to v1.62.1 fix a bug that results in no matching virtual host found RPC errors

cloud-provider-openstack to v1.28.2 Implement imagePullSecret support for release 1.28

via Last Week in Kubernetes Development https://lwkd.info/

March 14, 2024 at 11:53PM

Crossplane Compositions | Tutorial (Part 3)

In this third installment of our Crossplane tutorial series, we are exploring Compositions, probably the most important feature in ...

via YouTube https://www.youtube.com/watch?v=X7E6YfXWgvE

Tag App Delivery at Kubecon EU 2024

KubeCon EU 2024 is only four more weeks away! The TAG App Delivery is excited to bring together cloud-native application developers and framework builders to meet each other and share insights and knowledge.

Tags:

via Pocket https://tag-app-delivery.cncf.io/blog/tag-app-delivery-at-kubecon-eu-2024/

March 13, 2024 at 10:50AM