🗹 Operating the Kube 🗹

Welcome to the operating Kubernetes edition of kubelist. If you thought operating the Kube was fun wait till you read up on these operator goodies.

From security, networking, logging and back again, operating the 🗹 is an adventure with several side quests and minigames. Get ready for several deep dives on what it means to operate the 🗹 and level up your 🗹ness. ⚔️

Issue #10

Typically, you build your docker containers with root privileges. How can we mitigate these risks especially building containers on the 🗹? GCP thinks kainko can save the day but as @jessfraz points out kainko’s design might not provide you with what your looking for. Checkout a more indepth conversation on what it might take to do secure builds on k8s here

There is a lot going on in networking the 🗹. Ingresses, services, network policies, affinities and on and on. One of the biggest things that the kubelist editors struggled with was how Ingresses route to services and the DNS sugar on top. Check out Maartje’s blog post on figuring out how these work by building your own Ingress controller, sweet!

The kubelist editors LOVE reading about how folks set up their 🗹. We're not huge into blockchain but this article gives a great overview of how any organization can take their infra to the next level with Kubernetes. ☸️ P.S. there is a little Helm sprinkled in there too! ☸️

Deploying and maintaining ElasticSearch is surprisingly hard stuff. It's a heavy JVM app, there is tons of networking and storage config going on there, and its topology means you need to ensure the worker/master distribution is just right 👌. Kudos to Carlos for his sweet setup of his ?EKF? Stack on the 🗹

Most of this article contains tactics folks are already implementing on their own (VPC segmentation, HTTPS, etc). We suppose this post by Google serves as a good review of what you should do when you set up your infra when not using GCP? In all seriousness though, the stuff on Encryption in Transit and Attack Mitigation is dope.

A little bit about the kubelist editors: One of us had no idea Pods refered to a pod of whales until last week. They always thought it had to do with peas?