Ep14 - Ask Me Anything About DevOps, Cloud, Kubernetes, Platform Engineering,...

There are no restrictions in this AMA session. You can ask anything about DevOps, Cloud, Kubernetes, Platform Engineering, containers, or anything else.

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Sponsor: Codefresh 🔗 GitOps Argo CD Certifications: https://learning.codefresh.io (use "viktor" for a 50% discount) ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ BlueSky: https://vfarcic.bsky.social ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/

▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox

via YouTube https://www.youtube.com/watch?v=bGF9duYPft0

Why Most Kubernetes Dashboards Are Failing You (and What's The Future)

Discover the common mistakes of Kubernetes dashboards and explore how to improve them for better navigation, search, and debugging in large-scale clusters. Learn about the limitations of Kubernetes API and how tools like Karpor can revolutionize cluster management with advanced search capabilities. Follow along as we set up Karpor, register clusters, and demonstrate powerful SQL-based search queries that can help you find resources across multiple clusters quickly and efficiently. Tune in for insights on transforming your Kubernetes experience from a file explorer to a Google-like search interface.

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Sponsor: Twingate 🔗 https://twingate.com ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬

KubernetesDashboards #KubernetesAPI #DevOpsToolkit

Consider joining the channel: https://www.youtube.com/c/devopstoolkit/join

▬▬▬▬▬▬ 🔗 Additional Info 🔗 ▬▬▬▬▬▬ ➡ Transcript and commands: https://devopstoolkit.live/kubernetes/why-most-kubernetes-dashboards-are-failing-you-and-whats-the-future 🔗 Karpor: https://kusionstack.io/karpor

▬▬▬▬▬▬ 💰 Sponsorships 💰 ▬▬▬▬▬▬ If you are interested in sponsoring this channel, please visit https://devopstoolkit.live/sponsor for more information. Alternatively, feel free to contact me over Twitter or LinkedIn (see below).

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ BlueSky: https://vfarcic.bsky.social ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/

▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox

▬▬▬▬▬▬ ⏱ Timecodes ⏱ ▬▬▬▬▬▬ 00:00 Kuberentes Dashboards 01:11 Typical Kuberentes Dashboard (feat. Headlamp) 01:27 Twingate (sponsor) 02:29 Typical Kuberentes Dashboard (feat. Headlamp) (cont.) 05:57 How Kubernetes Dashboards Work? 13:56 Multi-Cluster Kubernetes Dashboard (feat. Karpor) 25:08 How Should Dashboards Work?

via YouTube https://www.youtube.com/watch?v=1n6tBTj2sFM

Week Ending March 2, 2025

https://lwkd.info/2025/20250306

Developer News

Benjamin Elder is implementing a policy of not re-triaging some issues; comment on the PR.

We’re promoting several Kind-based test jobs to release-blocking, since they’ve shown themselves to be reliable and able to catch real issues.

Release Schedule

Next Deadline: Code Freeze and Test Freeze March 21

We’re on our final approach to Code Freeze. Topics for the Feature Blog were frozen this week. Time to wrap up your work for 1.33.

March patch release cherry-picks are due this Friday.

Featured PRs

130349: Declarative Validation: Add validation generator

This PR kicks off the implementation of Declarative Validation in Kubernetes by introducing validation-gen, a code generator that automatically produces validation logic based on structured //+ tags in types.go files. The validation system is modular, with a core set of built-in validation rules, and future PRs will expand it with additional plugins like dnsName, enum, and union. This PR also includes a robust test suite to ensure correctness across various validation scenarios.

Other Merges

Annotations added to the APIServer audit request with auth and authz latency

endpoints.kubernetes.io/managed-by label added to Endpoints

Added declarative validation to scheme

Fixes to EndpointSlice while working on new TrafficDistribution

Tests for encoding collections in Proto

OrderedNamespaceDeletion feature gate turned on by default

conntrack reconciler to check the dst port

Added DeclarativeValidation and DeclarativeValidationMismatchMetric feature gates

E2E tests for MutatingAdmissionPolicy

selinux to ignore pods with Recursive policy

CEL CIDR library’s ContainsCIDR to allow non-equal addresses

Fix for kernel version check condition in nftables proxier

New error matcher to make writing tests easier and consistent

New Origin field to the Error type added for use by validation tests

Added missing increments of queue_incoming_pods_total metric in scheduling queue

Introduced API type coordination.k8s.io/v1beta1/LeaseCandidate

Some cleanup before pod subresource updates

InPlacePodVerticalScaling: Moved pod resource allocation management out of the status manager

kube-proxy nftables: Optimizations to kube-proxy restart time

scheduler: added filter integration tests for NodePorts plugin

Added e2e test for topology manager with restartable init containers

Fix for a bug with starting pods with postStart hooks specified

Volume affinity scheduling error message updated to be more intuitive

InPlacePodVerticalScaling to never attempt a resize of windows pods and use allocated resources for unsupported resize pods

Added a /statusz endpoint for kube-scheduler

Promotions

RecursiveReadOnlyMounts to GA

JobBackoffLimitPerIndex to GA

Deprecated

GA feature gate AppArmor removed

Version Updates

x/oauth2 to v0.27.0

x/crypto to v0.35.0

go.opentelemetry.io dependencies to v1.33.0/v0.58.0

via Last Week in Kubernetes Development https://lwkd.info/

March 06, 2025 at 07:12AM

Ep13 - Ask Me Anything About DevOps, Cloud, Kubernetes, Platform Engineering,... w/Scott Rosenberg

There are no restrictions in this AMA session. You can ask anything about DevOps, Cloud, Kubernetes, Platform Engineering, containers, or anything else. We'll have a special guest Scott Rosenberg to help us out.

▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬ Sponsor: Codefresh 🔗 GitOps Argo CD Certifications: https://learning.codefresh.io (use "viktor" for a 50% discount) ▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬ ➡ BlueSky: https://vfarcic.bsky.social ➡ LinkedIn: https://www.linkedin.com/in/viktorfarcic/

▬▬▬▬▬▬ 🚀 Other Channels 🚀 ▬▬▬▬▬▬ 🎤 Podcast: https://www.devopsparadox.com/ 💬 Live streams: https://www.youtube.com/c/DevOpsParadox

via YouTube https://www.youtube.com/watch?v=Q5ByWaOtq9U

I just want mTLS on Kubernetes, with John Howard

https://ku.bz/sk-ZF1PG9

Dive into the world of Kubernetes security with this insightful conversation about securing cluster traffic through encryption.

John Howard, Senior Software Engineer at Solo.io, explains the complexities of implementing Mutual TLS (mTLS) in Kubernetes. He discusses the evolution from DIY approaches to Service Mesh solutions, focusing on Istio's Ambient Mesh as a simplified path to workload encryption.

You will learn:

Why DIY mTLS implementation in Kubernetes is challenging at scale, requiring certificate management, application updates, and careful transition planning

How Service Mesh solutions offload security concerns from applications, allowing developers to focus on business logic while infrastructure handles encryption

The advantages of Ambient Mesh's approach to simplifying mTLS implementation with its node proxy and waypoint proxy architecture

Sponsor

This episode is sponsored by Learnk8s — get started on your Kubernetes journey through comprehensive online, in-person or remote training.

More info

Find all the links and info for this episode here: https://ku.bz/sk-ZF1PG9

Interested in sponsoring an episode? Learn more.

via KubeFM https://kube.fm

March 04, 2025 at 05:00AM