The Headlines
Editor’s pick of the highlights from the past week.
Congratulations, Harbor on CNCF Graduation!
This week, CNCF announced that the Harbor project has reached graduated status. The project is the eleventh to graduate. To move from the maturity level of incubation to graduation Harbor has demonstrated growing adoption, an open governance process, feature maturity, and a strong commitment to community, sustainability, and inclusivity.
Harbor is an open-source registry that secures artifacts with policies and role-based access control, ensures images are scanned and free from vulnerabilities, and signs images as trusted. We encourage you to learn more about the project and this exciting milestone here.
SPIFFE/SPIRE move to CNCF Incubation-level hosted projects
In other project news this week, SPIFFE/SPIRE is now an Incubation-level hosted project . The SPIFFE (Secure Production Identity Framework For Everyone) specification defines a standard to authenticate software services in cloud native environments through the use of platform-agnostic, cryptographic identities. SPIRE (the SPIFFE Runtime Environment) is the code that implements the SPIFFE specification on a wide variety of platforms and enforces multi-factor attestation for the issuance of identities. In practice, this reduces the reliance on hard-coded secrets when authenticating application services.
Joining CNCF incubation-level projects like OpenTracing, gRPC, CNI, Notary, NATS, Linkerd, Rook, etcd, OPA, CRI-O, TiKV, CloudEvents, Falco, Argo, and Dragonfly, SPIFFE and SPIRE are part of a neutral foundation aligned with its technical interests, as well as the larger Linux Foundation, which provides governance, marketing support, and community outreach.
To learn more about SPIFFE/SPIRE, visit spiffe.io.
ICYMI: CNCF Webinars
Weekly recap of CNCF project, SIG, Ambassador, and member webinars that you might have missed.
You can view all CNCF recorded and upcoming webinars here .
CNCF Member Webinar: Fast packet processing with KubeVirt
David Vossel, Principal Software Engineer and @RedHat Petr Horacek, Senior Software Engineer @Red Hat
CNCF Member Webinar: Kubernetes Cost Allocation Done Right
Webb Brown, Co-founder and CEO @Kubecost and Ajay Tripathy, CTO @Kubecost
CNCF Member Webinar: Cloud Infrastructure for Network Functions – Requirements and testing
Dana Nehama, Director, Product Management Network Cloud @Intel Corporation and Petar Torre, Principal Engineer @Intel Corporation
CNCF Member Webinar: Introduction to Cloud Provider Sub Sig BaiduCloud // 介绍SIG Cloud Provider子项目BaiduCloud
Ti Zhou 周倜, Senior Architect 高级架构师 @Baidu 百度 Zichao Ye 叶子超, Senior Software Engineer 高级软件工程师 @Baidu and 百度 Tianyuan Sun 孙天元, Senior Software Engineer 高级软件工程师 @Baidu 百度
CNCF Member Webinar: Monitoring Kubernetes clusters by “chatting” with them
Prasad Ghangal, Creator of BotKube and Software geek @InfraCloud
Vishal Biyani, CTO @InfraCloud and Hrishikesh Deodhar, Director of Engineering @InfraCloud
The Technical
Tutorials, tools, and more that take you on a deep dive into the code.
Exploiting an Envoy heap vulnerability
Harvey Tuch, Google
Deploying Istio with restricted Pod Security Policies
Laszlo Bence Nagy, Banzai Cloud
Cross-Cluster Traffic Mirroring with Istio
Mert Acikportali, Trivago
Manage your Kubernetes cluster with Lens
Chris Collins, Red Hat
The Editorial
Articles, announcements, and more that give you a high-level overview of challenges and features.
Kubermatic, with Sebastian Scheele
Adam Glick and Craig Box, Kubernetes Podcast from Google
Bayer Crop Science seeds the future with 15000-node GKE clusters
Rob Long and Maciek Różacki, Google Cloud
Tsunami: An extensible network scanning engine for detecting high severity vulnerabilities with high confidence
Guoli Ma, Claudio Criscione and Sebastian Lekies, Google Open Source
Kubernetes: 4 ways to save IT budget with automation
Kevin Casey, Red Hat
Architecting Kubernetes clusters — choosing a cluster size
Daniel Weibel, ITNEXT
Service Mesh Comparison: Istio vs Linkerd
Infracloud
Upcoming CNCF webinars
Ambassador Webinar: Commoditise Kubernetes with cluster-api
Gianluca Arbezzano, Senior Staff Software Engineer @Packet
June 26, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Best Practices for Running and Implementing Kubernetes
Kendall Miller, President @Fairwinds
Robert Brenna, Director of Open Source @Fairwinds
June 30, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: 7 Critical Reasons for Kubernetes-Native Backup
Deepika Dixit, Member of Technical Staff @Kasten
Mark Severson, Member of Technical Staff @Kasten
July 1, 2020 7:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Pivoting Your Pipeline from Legacy to Cloud Native
Tracy Ragan, CEO @DeployHub and CDF Board Member
Nathan Martin, CEO @Sagecore Technologies
July 1, 2020 1:00 PM Pacific Time
REGISTER NOW »
Member Webinar: Stay on top of ongoing Kubernetes security hygiene
Zohar Kaufman, Co-Founder and VP R&D @Portshift.io
Ariel Shuper, VP Product @Portshift.io
July 2, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Optimize your Kubernetes Clusters on Azure with Built-in Best Practices
Jorge Palma, Senior Program Manager @Microsoft
July 7, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: The Challenges and Countermeasures of Service Mesh Practice
裴斐 (Fei Pei), 网易 杭州研究院 云计算技术专家、架构师 @网易
This webinar will be delivered in Chinese.
July 8, 2020 10:00 AM China Standard Time
REGISTER NOW »
Project Webinar: What’s new in Linkerd 2.8 : Multi-cluster Kubernetes made simple and secure by default
Oliver Gould, Linkerd Project Lead, co-founder & CTO @Buoyant
July 8, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Building Production-ready Services with Kubernetes and Serverless Architectures
Mike Metral, Software Architect and Engineer @Pulumi
Jason (Jay) Smith, App Modernization Specialist @Google Cloud
July 8, 2020 1:00 PM Pacific Time
REGISTER NOW »
Member Webinar: 如何落地 Service Mesh – 从技术选型到实践
马若飞 FreeWheel 北京研发中心首席工程师 @FreeWheel
This webinar will be delivered in Chinese.
July 9, 2020 10:00 AM China Standard Time
REGISTER NOW »
Member Webinar: The top 10 most-useful Kubernetes APIs for comprehensive cloud-native observability
Caleb Hailey, Co-founder and CEO @Sensu
July 9, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Securing and Accelerating the Kubernetes CNI Data Plane with Project Antrea and NVIDIA Mellanox ConnectX SmartNICs
Antonin Bas, Maintainer of Project Antrea and Staff Engineer @VMware
Moshe Levi, Sr. Staff Engineer @NVIDIA
July 14, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Serving Millions of Customers with Cloud Native and DevSecOps
Chris Hollies, CTO, Oracle Practice @Capgemini
Akshai Parthasarathy, Principal Director, Cloud Native and DevOps @Oracle Cloud
July 15, 2020 7:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Advancing image security and compliance through Container Image Encryption!
Brandon Lum, Senior Software Engineer @IBM
July 15, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Kubernetes and storage. Kubernetes for storage. An overview.
Kiran Mova, Chief Architect at MayaData and core maintainer of OpenEBS @MayaData
July 16, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Kubernetes Security Anatomy and the Recently Disclosed CVEs
Gadi Naor, CTO & Co-Founder @Alcide
July 21, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Implementing Canary Releases on Kubernetes w/ Spinnaker, Istio, and Prometheus
Oleg Chunikhin, CTO @Kublr
July 22, 2020 1:00 PM Pacific Time
REGISTER NOW »
Member Webinar: Observability of multi-party computation with OpenTelemetry
Antoine Toulme, Engineering Manager @Splunk
Dave McAllister, Sr. Technical Evangelist @Splunk
July 23, 2020 10:00 AM Pacific Time
REGISTER NOW »
Member Webinar: Kubernetes Policies 101
Eran Leib, Founder, VP Product Management @Apolicy
Spenser Paul, Director of Sales, North America @DoiT International
July 28, 2020 10:00 AM Pacific Time
REGISTER NOW »
Project Webinar: How We Doubled System Read Throughput with Only 26 Lines of Code
TiKV team
July 31, 2020 10:00 AM Pacific Time
REGISTER NOW »
===========================================================
KubeWeekly is curated by Bob Killen, Chris Short, Craig Box, Kim McMahon, and Michael Hausenblas