Kubernetes 1.18 And More

A lot has happened in the world since our last issue, including some Kubernetes developments worth talking about. With everyone quarantined right now, it felt like a good time to send some recommended reading (and a video) your way.

Issue #79

Last week, Kubernetes 1.18.0 shipped, and as usual, the folks at Sysdig delivered a complete writeup explaining what’s new. I’m pretty excited about debug containers, but you can get your complete 1.18 fix here.

Google recently introduced kpt, a GitOps-friendly way to package up (and share) a collection of Kubernetes manifests. It’s still early, but add this to the shelf on your workbench that has Helm, Kustomize, CNAB and other packaging tools. It’s great to see more work being done here, and we are looking forward to a good deep dive into kpt soon.

It’s pretty rare to run a modern workload without using some of the HashiCorp stack. And now it’s great that HashiCorp has made the commitment to join the CNCF. It will be interesting to see what changes this brings to the ecosystem.

Ian Coldwater and Brad Geesaman gave an eye-opening talk at RSA about where attacks are headed as we all adopt Kubernetes and run it in prod. Start right around the 10-minute mark here to see some great examples of how to get secrets and more from a cluster. Pay attention to the takeaways at the end of the presentation.

A bit theoretical, but managing applications and workloads across disparate clusters is becoming a real-world problem that folks are starting to solve in interesting ways.

This is a fun and highly informative explanation of what happens when you run a typical kubectl command. Kubernetes does a lot of work to execute (or try to execute) your command. This document does a great job of explaining the internal workings and helps provide a deeper understanding of the “magic”.

As opinions and tools abound for how to package an application in Kubernetes, this tweet hits a little close to home for some of us.