DiscoverKubernetes Podcast from Google
Kubernetes Podcast from Google
Claim Ownership

Kubernetes Podcast from Google

Author: Craig Box

Subscribed: 2,130Played: 79,489


A weekly podcast focused on what's happening in the Kubernetes community. We cover Kubernetes, cloud-native applications, and other developments in the ecosystem. Host Craig Box can be reached on Twitter at @KubernetesPod or by email at
164 Episodes
Sebastien Pahl is a pioneer of container technology, building the predecessor to Docker as a co-founder of Dotcloud. After working at some big tech companies, he’s back to the startup life as co-founder of Opstrace, a fully open source observability distribution, built on top of the tools you know and love. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Pictograms Korea on Italy Pita Taufatofua, the oily Tongan Olympic drones Inclement weather: Tokyo New York City London News of the week Kubernetes 1.22 release candidates is out Episode 146, with Nabarun Pal Cloud Foundry Foundation releases v5 Episode 105, with Chip Childers Connaisseur 2.0.0 Episode 155, with Priya Wadwha Chaos Mesh 2.0.0 Episode 121, with Ed Huang Spectro Cloud raises $20m Series A Nominate yourself for the 1.23 Release Team Links from the interview EPITECH Solomon Hykes Departure blog Dotcloud Y Combinator $10m funding round Cloudflare Mesosphere HD-DVD and Betamax Operator Framework/Operator SDK Opstrace Prometheus Cortex Grafana Loki Grafana relicensing OpenMetrics and OpenTelemetry Matter, for smart home devices Opstrace on GitHub Sebastien Pahl on Twitter
The idea of software supply chain security rocketed into the public consciousness in the last year, with the news that US government agencies had been breached. Priya Wadhwa is a software engineer at Google working on open source security, including projects to secure and verify container deployments. She outlines what is being done to make sure this doesn’t happen to you. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Virgin Galactic launch NBC News BBC News Blue Origin launch NBC News BBC News Rocket scene from Austin Powers: The Spy Who Shagged Me The memes News of the week Google Cloud Container Security webinar Register for Google Cloud Next 2021 Google Cloud IDS Windows Server support for Anthos on-prem Multi-Cluster Ingress for GKE CVE-2021-22555: Kernel code execution through Netfilter bug CVE-2021-25740: Endpoint & EndpointSlice permissions allow cross-Namespace forwarding CVE-2021-32690: Helm repository credentials passed to alternate domain Attacks on Argo Workflows discovered by Intezer Sysdig acquires Apolicy; Apolicy acquired by Sysdig CockroachDB Operator for Kubernetes Automatic remediation of Kubernetes nodes at Cloudflare Sciuro Kured CNCF App Delivery TAG publishes operator whitepaper Links from the interview Software supply chain Know, Prevent, Fix Reproducible builds Debian Project SolarWinds hack US Executive Order on Improving the Nation’s Cybersecurity Binary Authorization Provenance, in art and software in-toto “Farm to table” sigstore Announcement blog cosign Announcement blog Dan Lorenc’s blog Connaisseur Rekor Fulcio Key signing ceremony: Dan Lorenc on Episode 152 Announcement blog Video Tekton Tekton Chains Announcement blog, by Priya & Dan SBOM (Software Bill of Materials) Open Source Insights Announcement blog Nine Inch Nails' Year Zero ARG Scorecards Announcement blog v2 blog SLSA Announcement blog GitHub SupplyChainSecurityCon sigstore Slack channel Priya Wadhwa on Twitter
Gatekeeper is an open source project which lets you enforce policy in a Kubernetes cluster. It’s also the basis for Policy Controller, a hosted and managed version now available for all GKE users. Max Smythe, a senior SWE at Google, is a maintainer of Gatekeeper and the TL of Policy Controller. He joins us to talk constraints, config and Cruise. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week England loses Euro 2020 final It’s Coming Ohm: prediction on power usage Half time power spike Top 20 spikes The Thorn Birds The Superbowl Flush - debunked! Tokyo Olympic Games Opening Ceremonies Hedbanz News of the week APIs being removed in Kubernetes 1.22 ContainIQ launches Postgres Operator 5.0 NetworkServiceMesh 1.0.0 Google Cloud Certificate Authority Service GA and cert-manager integration Platform9 Managed KubeVirt InsightCloudSec from Rapid7 Sophos acquires Capsul8 Spring 2021 graduating class from CNCF-sponsored LFX Mentorship program Links from the interview Brian May Edge of Tomorrow The redemption thereof Chubby Riak Gatekeeper Anthos Config Management Config Sync Policy Controller Episode 101, with Tim Hinrichs and Torin Sandall PodSecurityPolicy is not going GA SIG Auth’s replacement proposal Using ACM constraints to enforce Pod security OPA Constraint framework Policy Controller: Creating constraints Writing a constraint template Structural schemas Design Patterns for Extendable, Scalable K8s Extensions by Rita Zhang and Max Smythe Max Smythe on Twitter
Debugging Kubernetes often involves correlating what happened just before something went bad. Itiel Shwartz is a co-founder of Komodor, a startup who builds a platform to help with exactly that. We talk Hebrew names, Hungarian dogs and German car crashes. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Jimmy Moore steps out from behind the scenes Conan O’Brien Needs A Friend Revisionist History Letterman reads out Johnny’s jokes Mythic Quest News of the week Joint US/UK cybersecurity advisory saying Russia is using Kubernetes CNCF and FinOps Foundation survey Canonical Kubernetes usage survey CNCF End User Radar for multi-cluster tools runc 1.0.0 Buoyant Cloud Public Beta Sloth, by Xabier Larrakoetxea Links from the interview Komodor “Itiel” and “ETL” Rookout Forter Ben Ofiri Komodor team photo The Komondor (and image search) Man Who Looks Like His Dog Jack Tramiel, co-founder of Commodore International The story of the name “Commodore” Man Who Looks Like His Dog Single bit-flip renders certificate transparency log invalid $25 million funding with angel investors Itiel Shwartz and Komodor on Twitter
Steve McGhee worked as an SRE at Google for almost 10 years, then took a job outside the company. He was tasked with recreating “Google Production” and SRE practice from first principals, but with three books, modern cloud providers, and the entire Kubernetes ecosystem to help. How did he do? Learn about that which you can and can’t replace. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Dan’s recent work has come up in episodes 136, 142, and 151, to name but a few Episode 39, with Dan Lorenc Tekton CD Sigstore Dan’s Peter Jackson look Sigstore Root Key Ceremony IANA Key Signing Ceremonies and changes in the time of COVID News of the week GKE news: New Tau VMs on Google Cloud and GKE Committed use discounts for GKE Autopilot Cloud Onboard training for GKE with Kaslin Fields, on June 22 Stackrox/Red Hat State of Kubernetes Security blog post and report etcd 3.5 SLSA: Supply chain Levels for Software Artifacts Ensemble, by Tesera Harbor operator 1.0 Weave GitOps Core Episodes 144 and 145, with Alexis Richardson WSO2 launches Choreo and acquires Platformer KubeCon EU 2021 transparency report COVID vaccine required to attend fall 2021 Linux Foundation events Opinions on Knative positioning by Ahmet Alp Balkan Episode 66 Links from the interview LG Chocolate Phone and the Crazy Frog Good SRE is the inverse of the XKCD comic on Standards “Breaking Prod: More than once, I personally made it impossible to use google search from a phone (for a little bit). Like, for everyone on the planet.” San Luis Obispo, California (SLO) GIFEE, coined at CoreOS Rebuilding SRE, from Memory Ben Treynor Sloss Homer Simpson’s Car Postcards from the future and the crystal ball It is against the law to have a sleeping donkey in your bathtub after 7pm How To Avoid Huge Ships Prometheus Canary releases Canary deployments with Istio SLO Math, by Steve McGhee (SLOconf 2021) The SRE I Aspire To Be, by Yaniv Aknin (SREcon 2019) RAID. a Redundant Array of Inexpensive/Independent Disks Deployment Archetypes for Cloud Applications, by Brad Calder and Anna Berenberg Steve McGhee on Twitter
NVIDIA and Google have teamed up to bring the new Multi-Instance GPU feature, launched with the NVIDIA A100, to GKE. We speak to Kevin Klues from NVIDIA and Pradeep Venkatachalam from Google Cloud on how and why people use GPUs, optimising instance shapes for machine learning, and why less is often more. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 64, with Sarah D’Angelo and Patrick Flynn Catching up with Patrick in Episode 148 Winthrop, Washington Blackdown Hills, Devon News of the week Azure App Services now available for Azure Arc Azure Arc and App Service blog posts Other new AKS capbilities Virtualization Review coverage ECS Anywhere made GA by press release AWS App Runner Integrating Google Cloud DNS with GKE Istio 1.10 Terraform 1.0 Grafana 8.0 and Tempo 1.0 Argo Rollouts 1.0 Kubesphere 3.1.0 Cilium 1.10 OpenSLO spec launched at SLOConf Episode 147, with Brian Singer and Kit Merker Envoy GA on Windows Chaos Experimentation Framework for Envoy El Carro operator for Oracle Database from Google Cloud Moco operator for MySQL from Kintone PlanetScale GA Episode 81, with Jiten Vaidya and Sugu Sougoumarane FoundationDB paper from ACM SIG MOD DockerCon announcements Coverage of Development Environments from The Register Deps: Open Source Insights project from Google Graph for Kubernetes 1.0.0 Graph for Kubernetes 1.22.0-alpha.2 Verifiable Supply Chain Metadata with Tekton Chains Kubernetes CVEs: CVE-2021-25736 CVE-2021-25737 CVE-2021-25738 runc CVE-2021-30465 VS Code Plugin for Kubernetes CVE-2021-31938 Steve Smith says “GitOps is a placebo” in a blog post and Twitter thread Follow up from Vic Iglesias GitOpsDays Styra raises $40m Series B round Episode 101, with Tim Hinrichs and Torin Sandall Cloud Native community goes live with 10 shows on something called Twitch YouTube playlist for KubeCon EU 2021 Links from the interview Episode 92, with Pramod Ramarao Dogecoin Training and inference 12 things that prove Doom will run on literally anything “It runs Doom” subreddit CUDA vGPUs Multi-Instance GPUs GKE now supports multi-instance GPUs 7 core MacBook Air GPUs A100 GPU 16 A100 GPUs on a Google Cloud VM Running GPUs on GKE Node taints for scheduling NVIDIA Container Toolkit GCP NVIDIA GPU device plugin Kubernetes NVIDIA device plugin GTC 2021 talks: A Deep Dive on Supporting Multi-Instance GPUs in Containers and Kubernetes by Kevin and Pradeep Gain Competitive Advantage using ML Ops: Kubeflow and NVIDIA Merlin and Google Cloud by Andrew Stein and Maulin Patel (Google) and Davide Onofrio (NVIDIA) Kevin’s KubeCon talk and slides Kevin Klues on Twitter
Pixie Labs built an observabiity platform for Kubernetes, which uses eBPF to get telemetry without user intervention. They were recently acquired by New Relic, who open sourced the Pixie software. Co-founders Zain Asgar and Ishan Mukherjee join Craig Box to tell the story and talk about what’s next. Guest host Alex Ellis tends his garden. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 116, with Alex Ellis GrowLab Announcement blog Alex’s talk at the GIFEE Day Monty Don OpenFaaS in the RISC-V keynote New Kubernetes on Edge training course News of the week eBPF for Windows GKE Dataplane V2 is GA Confluent for Kubernetes GA VMware Tanzu SQL, with MySQL, for Kubernetes, 1.0 VMware Modern Apps Connectivity Solution Do the State of DevOps survey! Links from the interview Pixie Labs What is Pixie overview slides presented to CNCF Public beta launch and announcement of Series A funding TechCrunch coverage Pixie Labs acquired by New Relic; New Relic acquires Pixie Labs A day in the life of a Kiva robot Recognition for Google Lens clothing recognition Dog or blueberry muffin? Episode 125, with Ramiro Berrelleza How Pixie Works New Relic goes all-in on OpenTelemetry and Open Source Pixie on GitHub Pixienauts community New Relic upgrades to Platinum member at CNCF Zain Asgar and Ishan Mukherjee on Twitter
A small army of community volunteers is necessary to host a KubeCon, but behind them is a professional events team. Colleen Mickey is Director of Event Services at the Linux Foundation and is responsible for KubeCon + CloudNativeCon, as well as other events like Hyperledger Global Forum and cdCon. She talks to us about hosting, feeding and watering 10,000 people, as well as the change to virtual events. We also bring the round-up of the KubeCon news, including our famous Lightning Round. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 29, with Janet Kuo Looking back at KubeCon Shanghai 2018 News of the week New Relic and Pixie Labs blogs on Pixie being open sourced New Relic joins CNCF as a Platinum Member Red Hat launches the Stackrox community at OpenShift GitOps and OpenShift Pipelines Snyk’s State of Cloud Native Application Security report announcement and results OCI Distribution Specification reaches 1.0 Prometheus to launch conformance program New CNCF sandbox projects: Vineyard, an in-memory immutable data manager WasmEdge Runtime, a WebAssembly Virtual Machine for cloud, AI, and blockchain applications ChaosBlade, an open-source version of Alibaba’s chaos tools Fluid, a data and storage abstraction for AI and cloud-native applications Submariner, a cross-cluster overlay of overlay networks Antrea, a Kubernetes CNI plugin Episode 128, with Antonin Bas CNCF Edge survey results and free Kubernetes on Edge Training Episode 116, with Alex Ellis Inclusive Naming Initiative receives Honorable Mention at Fast Company’s 2021 World Changing Ideas Awards ‘Master,’ ‘Slave’ and the Fight Over Offensive Terms in Computing by Kate Conger of the New York Times Episode 130, with Stephen Augustus Spotify wins CNCF Top End User Award Episode 50, with David Xia Episode 136, with Lee Mills and Matt Clarke. Lightning round Accuknox secured $4.6m in seed funding Accurics announced Terrascan integrates with Argo CD Ambassador introduced a Developer Control Plane Armory introduced mini-Spinnaker installation Minnaker, built on k3s Arrikto announced MiniKF 1.3 and Eenterprise Kubeflow for Azure Avesha launched Smart Application Cloud Framework Bridgecrew published security trends from analyzing Helm charts CAST AI announced Amazon EKS cost optimizer Civo launched K3s-as-a service to early adopters Cloudical introduced version 1.8 of VanillaStack DataStax announced that k8ssandra supports all distributions Dynatrace added the ability to ingest OpenTelemetry traces HAProxy launched version 1.6 Kubernetes ingress controller Kasten added ransomware protection with v4.0 of K10 Kubermatic Kubernetes Platform 2.17 Kubernative says that KubeOps is now a full-fledged Managed Kubernetes Framework Netdata has added Kubernetes monitoring features to their Cloud service Nirmata announced Nirmata Policy Manager, based on Kyverno OpenNebula released a new K3s Virtual Appliance for running Edge Clouds Portainer raised $6M in a Series A round to Accelerate their global expansion Portworx pre-announced PX-Backup 2.0 with support for external auth services Rancher launched a new Rancher Desktop tool in Alpha for Windows and Mac Rafay launched new features to its Kubernetes Management Cloud Splunk announced their Observability Cloud is Generally Available StackPulse announced a Kubernetes-centric operations center StorageOS version 2.4 brings encryption at rest and rapid application recovery StormForge introduced automatic scanning of in-cluster resources StreamNative open sourced Function Mesh for running Apache Pulsar functions Sysdig added runtime detection and response for AWS Fargate Tigera released Calico Enterprise 3.5 with Dynamic Service Graph and eBPF data plane Timescale raised $40m Series B for Postgres-based TSDB and Prometheus cloud Trilio announced Kubernetes Backup Monitoring for Velero users Vitess launched version 10, with support for the Ruby on Rails framework Wanclouds launched multi-cloud Disaster Recovery as a Service Weaveworks launched Weave Kubernetes Platform 2.5 with multi cluster observability platform Zebrium now automatically perform Root Cause Analysis with integration into Opsgenie Links from the interview The first KubeCon in 2015 KubeCon donated to the CNCF CNCF presents CloudNativeCon and hosts future KubeCon events (2016) Dreamforce brings in cruise ships KubeCon NA 2017 in Austin, TX Linux Foundation Climate Finance Foundation Diamond sponsor lottery Diversity and inclusion at KubeCon EU Sponsorship open for KubeCon NA 2021 Event platforms: Intrado MeetingPlay KubeCon + CloudNativeCon Europe 2021 KubeCon + CloudNativeCon North America 2021 GopherCon EU 2018 in Iceland Colleen Mickey on LinkedIn
Liqo is short for Liquid Computing. It’s a tool for extending Kubernetes onto others clusters, developed at the Polytechnic University of Turin. Research assistant and Liqo co-creator Alex Palesandro is our guest this week. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 64 with Sarah D’Angelo and Patrick Flynn Three years ago today James Strachan, James Rawlings and Dan Lorenc Jib reCAPTCHA News of the week Microsoft to acquire Kinvolk, Kinvolk to be acquired by Microsoft Episode 79 with Chris Kühl Red Hat Virtual Summit announcements Red Hat OpenShift Platform Plus Rackspace and Platform9 announce partnership Episode 88, with Madhura Maskasky Lens 5 Beta HYCU joins the Kubernetes backup party Sysdig joins the cloud security unicorns Episode 91, with Leonardo Di Donato GKE adds multi-instance GPUs and a new Gateway controller Kubernetes moves to three releases per year Links from the interview Alex Palesandro Politecnico di Torino Alex’s thesis Episode 141, with Daniel Mangum Episode 142, with Gianluca Arbezzano Fiat and Stellantis DAUIN, Department of Control and Computer Engineering Netgroup Crown Labs Blender Liqo Virtual Kubelet mDNS Kubernetes TLS bootstrapping Vint Cerf at 6UK launch in 2010 kubefed Liqo roadmap Liqo on GitHub Alex Palesandro on Twitter
Brian Singer co-founded Orbitera, which was acquired by Google in 2016. During that process he met Kit Merker, who was a PM on GKE and the GCP Marketplace, and the two are now working togther on relability engineering startup Nobl9. We talk about migrating Orbitera to GKE and Google’s SRE platform, and how many 9s are too many. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 94, with Richard Belleville The G in gRPC stands for: Gilded Guadalupe River Park Conservancy The Great British Bake Off? Not grey, just backlit! Much improved here News of the week Grafana relicensing to AGPLv3 Q&A on relicensing Google’s public ban on AGPL Amazon introduces OpenSerarch Pulumi v3.0 Episode 76, with Joe Duffy k8ssandra v1.1 Cassandra Kubernetes SIG picks Cass Operator Docker Desktop for Apple Silicon Macs is GA Zerto for Kubernetes Three different multi-tenancy models Loft Labs open sources Vcluster CVE-2021-20291 in CRI-O and Podman Kubernetes blog updates: Volume health monitoring Indexed Jobs Graceful node shutdown Defining Network Policy conformance for CNI providers Evolving Kubernetes networking with the Gateway API Links from the interview Orbitera in 2016 - acquired by Google Why Orbitera was migrated to GKE Site Reliability Engineering Service level objectives Error budgets and risk Being too reliable SLOs, SLAs, SLIs SLOs explained in 90 seconds video by Kit Merker Nobl9 SLO Platform SLOconf Fly to SLO Fly to Oslo Beyond Seattle SRE meetup Slash at Wembley Arena Brian Singer on Twitter Kit Merker on Twitter
Celebrate the release of Kubernetes 1.21 with release team lead Nabarun Pal from VMware. Nabarun talks about choosing between “hardware” and software, additions and removals from Kubernetes 1.21, and how the Kubernetes project has become more welcoming to people outside the USA. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Moscone Center vaccination site Monday morning weather in London Before and after haircut World record barbering News of the week Kubernetes 1.21 CronJobs are GA Local Storage features go Beta Suspended Jobs in Alpha kube-state-metrics v2.0 emissary-ingress joins the CNCF Shell Operator v1 for Kubernetes operators kubesploit, from CyberArk CVE-2021-25735: Validating Admission Webhook does not observe some previous fields on Node objects Kubegres Minio adds Kubernetes operator and console Scaling Kubernetes with assurance at Pinterest by Anson Qian SUSE sponsors 300 scholarships in cloud native education A reprieve for Apache Mesos Links from the interview Nabarun Pal IIT Roorkee Logo ABU Robocon Models and Robotics Section, IIT Roorkee Rorodata/Algoshelf PyCon India Building microservices with Firefly at PyCon India 2017 Conference talks Linux Users' Group of Durgapur (DGPLUG) and FOSS training Kubernetes Bangalore meetup Nabarun’s journey in the Kubernetes release team Applications for Kubernetes 1.21 release team are open Episode 130 with Stephen Augustus Kubernetes 1.21 release blog Kubernetes Enhancement Proposals (KEPs) 1.21 release page PodSecurityPolicy deprecation and KEP Making sure features don’t languish in Beta Volume health monitoring Command metadata in kubectl headers Tweet from @dims bribing people to test Release Candidate builds Savitha Raghunathan is release lead for 1.21 Lewis Hamilton tied with Michael Schumacher Mick Schumacher joins F1 Nabarun Pal on Twitter
We conclude our two-part conversation with Weaveworks co-founder Alexis Richardson, picking up when the company received Series A investment in December 2014. Since then, they built projects like Scope, Cortex and Flux as well as SaaS offerings based on them. We also look at Alexis’s role in the founding of the CNCF. Please be sure to listen to the first part before this one! Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Educational YouTubers: Film Riot Mental Floss Animator Island Infrastructure for Entertainment by Justin Garrison at KubeCon NA 2020 Episode 20, with Justin Garrison News of the week Kubernetes 1.21 PodSecurityPolicy deprecation KubeVela 1.0 Argo Workflows 3.0 and Argo CD 2.0 Cilium launches NetworkPolicy site IBM Cloud Code Engine is GA Tanzu Cloud Native Runtimes public beta New security offerings from Tanzu Cisco Intersight Kubernetes Service is GA Tetrate Service Bridge is also GA Updates to Azure Arc enabled Kubernetes and OpenServiceMesh add-on for Azure in Preview etcd project journey report published Single sign-on guide for Kubernetes by Ben Dixon Apache Mesos moving to the Attic Links from the interview Last week’s episode Weaveworks Weaveworks takes a $5m Series A round Weave Scope and its annoucement Cortex Flux CD and its announcement as a service routing layer Weave Cloud Docker Swarm Mode kubernetes-anywhere kubeadm How we made kubeadm Brandon Philips' newsletter Launching eksctl The August 2017 post introducing GitOps Peter Bourgon and Michael Bridgen Kelsey Hightower talk at GitOpsDays Guide to GitOps Steam engine centrifugal governor Flux joins the CNCF Flagger Announcement about Argo and Flux joining forces Weaveworks is a founding member of the CNCF Alexis elected as TOC chair Battlestar Galactica Weave Kubernetes Platform Series C funding Alexis Richardson on Twitter
We’re trying something new! In Part 1 of a two-part conversation with Weaveworks co-founder Alexis Richardson, we have a wide ranging conversation about career choices, finance, founding and selling tech companies, and the dangers of being pigeon-holed based on the first project your company releases. Next week we’ll finish the conversation by talking about Weave projects like Flux and Cortex, as well as their SaaS offerings, the founding of the CNCF, and whether Weave built the platform they set out to build when they started 7 years ago. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Evergiven Everywhere “Reply all” at the State Department Evergreen truck blocks Chineses highway Little ship stuck in Littlehampton harbour Vote for the name of the Seattle Tunnel Boring Machine Sir Mix-a-Lot News of the week Outdated; a new open source project from Replicated Episode 143, with Grant Miller Kubestr by Kasten by Veeam, by golly The Aerospike Kubernetes Operator Tanzu Kubernetes Grid v1.3 Red Hat OpenShift on AWS is GA is changing login methods Container vulnerability scanning from Sophos Kubecost raises $5.5m in funding Episode 124, with Webb Brown Security Updates in Docker by Itamar Turner-Trauring Links from the interview Mathematical logic at Oxford University Stewart Butterfield on philosophy Computer Literacy Project Jeremy Ruston’s BBC Micro Revealed and 80s hair Haskell, Orwell and Miranda OCaml and Standard ML 1998 Russian financial crisis Metalogic Oy Cohesive Networks AMQP RabbitMQ NZ Easter Bunny hunt Matthias Radestock Erlang ejabberd Matthew Sackman and Tony Garnock-Jones Open Telecom Platform (OTP) VMware acquires Rabbit Technologies SpringSource previously Interface21 Weaveworks Introductory blog “Zettio introduces Weave” Weave Net Alexis Richardson on Twitter
Grant Miller is the co-founder and CEO of Replicated, which helps operationalize and scale the delivery of Kubernetes-based apps into the enterprise. We look at what it means to be enterprise software in a SaaS world, and we also get some 2021 predictions from guest host Liz Rice. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 19, with Liz Rice Episode 133, with Thomas Graf Cilium talk at DockerCon 2017 Liz’s 2021 predictions from KubeCon NA (Virtual) 2020 Cheese exports are down Autonomous driving levels Prince Harry joins a startup Nick Clegg joins Facebook News of the week SoloCon announcements Mesh7 to be acquired by VMware GKE adds runtime configuration of pod subnets and larger Internal Load Balancer support Amazon reduces EKS cluster create time from “glacial” to “slow” NetApp launches Spot Wave CircleCI Server 3.0 Diamanti Spektra 3.2 Sonatype launches Nexus Container Davanum Srinivas elected to the CNCF TOC “Unironically Using Kubernetes for my Personal Blog” Links from the interview SparkPeople Marc Campbell acquired by LivePerson Replicated Open source from Replicated kurl KOTS Troubleshoot SchemaHero Donated to the CNCF EnterpriseReady and the EnterpriseReady Podcast Kubelist and the Kubelist Podcast Replicants, replicators and gremlins Grant Miller and Replicated on Twitter
If you’d like something more tangible than a virtual cloud instance, there’s always (still!) bare metal. Tinkerbell is a project from Equinix Metal to manage bare metal servers at scale, and Gianluca Arbezzano is one of its maintainers. We talk stacks, racks and MACs. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 11, with Vic Iglesias Vic lives here, but not here Pokémon Go social distancing News of the week Flux moves to incubation in the CNCF NetApp Astra goes GA; more information Fairwinds introduces Saffire Cosign, by Dan Lorenc Episode 39 Komodor beta and swag offer Announcing Private Clusters on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) Linkerd 2.10 The Money Section, with thanks to David Pait, guest of Episode 127 Docker takes $23m in Series “B” funding to get ship done Aqua Security takes $135m in Series E at $1b valuation Snyk raises $300m in Series E valuing company at $4.7 billion Tetrate raises $40m Series B Is Crossplane the Infrastructure LLVM? by Daniel Mangum Episode 141 Links from the interview PHP. and PHP in 2020 Turin InfluxData Episode 91, with Leonardo Di Donato Dropbox’s exodus from Amazon Equinix Metal Packet acquired by Equinix Tinkerbell OpenCompute and Open19 Server terminology: Next Unit of Computing (NUC) Baseboard management controller (BMC) Preboot Execution Environment (PXE) Floppy disks DIY Board management control for an Intel NUC: power control Tinkerbell services: Tink Boots OSIE Hook Hegel PB&J OVH fire How Tinkerbell Got Its Wings, including joining the CNCF Tinkerbell community Episode 136: Backstage, with Lee Mills and Matt Clarke Gianluca Arbezzano on Twitter and on the web Tinkerbell on Twitter
Crossplane lets you automate creation of infrastructure using Kubernetes APIs. Daniel Mangum is a Crossplane maintainer working at its creator Upbound, a TL of Kubernetes SIG Release, and a YouTube streaming star. He chats about tech with host Craig Box, who is helped this week by returning guest Ken Massada from GKE’s Support team. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 18, with Ken Massada Things We Don’t Say podcast Glow in the dark sharks Earthquakes and tsunamis News of the week Microsoft Ignite news: Azure Arc for Kubernetes Azure Migrate app containerization service AKS release notes Microsoft Mesh Helm second security audit Meet Brigade v2 Harbor 2.2 and roadmap Google Summer of Code 2021 KubeCon EU 2021 schedule launched and the selection process explained Issue #100000 on kubernetes/kubernetes Links from the interview Visual Basic for Applications NYT article on retro computing Compiler Explorer Rich Code for Tiny Computers by Jason Turner Upbound Episode 36, with Jared Watts Crossplane Crossplane vs Terraform blog by Nic Cope Compositions and XRDs Crossplane vs Cloud Infrastructure Add-ons TBS episode with Matt Moore of Knative Helm provider July 2020: Crossplane joins the CNCF LFX mentorship program Dec 2020: v1.0 Mar 2021: v1.1 Kubernetes SIG Release Upcoming KubeCon talk: FPGK8s: Consumer-Grade FPGAs on Kubernetes Cutting GTA loading times by 70% and how YAML parsing can become quadratic Daniel’s current hirsuteness The Binding Status Flake-Finder Fridays Daniel Mangum on Twitter and on the web
Kamil Potrec is a Senior Security Engineer at Snyk, working on security around Kubernetes and cloud platforms. He joins the show to discuss how to think about securing your infrastructure, the different arts (and colors) of offensive and defensive security, and what not to lose sleep over. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 23, with Andrew Philips and Lars Wander A pile of mail and a bike News of the week Red Hat OpenShift 4.7 is GA Fairwinds Insights 3.0 Envoy zero-day patched Istio security bulletin Sysdig contributes Falco modules to the CNCF StorageOS raises $10m in Series B Platform9 raises $12.5m in Series D CNCF relaunches Kubernetes Community Day with KCD Africa and Bengaluru Links from the interview Offensive unit in American Football Hand-egg Red and blue teams Unreal Tournament Capture the flag Kubernetes secrets Design document Encrypting secrets at the application layer Antivirus software Tracer-tee SolarWinds attack Reflections on Trusting Trust by Ken Thompson left-pad deleted from NPM Snyk Open Source The open source parts Snyk vulnerability database MITRE CVE database Kubernetes security at Snyk Deploy only trusted containers to GKE Application threat modeling Kubernetes security best practices, including security context, AppArmor, gVisor etc CVE-2020-8554: man-in-the-middle attack using ExternalIP services CVE-2020-14386: packet socket vulnerability with user namespaces enabled Earlier related work: CVE-2017-7308 and CVE-2016-8655 Project Zero writeup Rewrite it in Rust! Kamil Potrec on LinkedIn
Today Google Cloud introduced GKE Autopilot, a new mode of operation where you no longer manage or configure nodes, and you pay per-pod, per-second. Craig talks Autopilot with GKE product manager Yochay Kiriaty. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 86, with Lin Sun Istio boat meetup at KubeCon NA 2019 IstioCon 2021 Craig and Lin’s session Jeff from Coupling Separated at birth? News of the week Google Cloud launches GKE Autopilot Dapr 1.0 Calico Cloud Gloo Mesh Enterprise goes GA Distroless FIPS-compliant Istio Red Hat closes acquisition of Stackrox Real load-aware scheduling in Kubernetes with Trimaran Kubernetes overlay networks with IPv6 Links from the interview Last week’s Star Wars show A selection of presentations wearing Darth Vader shirts Windows 7 Red Dog Google South Lake Union Seaplanes GKE Autopilot Launch blog Episode 49, wth Eric Brewer Virtual Kubelet Datadog Container Report Episode 137, with Michael Gerstenhaber
This week we talk multi-cluster services with Jeremy Olmsted-Thompson, co-chair of the Kubernetes Multicluster SIG, and tech lead on the Google Kubernetes Engine platform team. Guest host Tim Hockin shows us the way. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 41, with Tim Hockin The Machete Order John Boyega on Star Wars News of the week Istio 1.9 IstioCon 2021 - February 22-26 Mayadata spins out Chaos Native Cilium Network Policy editor Kubernetes network policy explained by Dominik Tornow Trend Micro write-up on container-escaping malware Dynatrace Cloud Automation and native log support Episode 119, with Alois Reitbauer Shipa 1.2 New GKE, EKS and AKS releases Tanzu Build Service 1.1 Kubernetes 101 Retrospective by Jeff Geerling CFP for the eight KubeCon EU pre-days Designing for SaaS on Kubernetes at Teleport by Virag Mody Comparing OPA/Gatekeeper and Kyverno by Chip Zoller Links from the interview Anthos on VMware SIG Multicluster Federation v2 update Multi-Cluster Services KEP Namespace sameness Gateway API (formerly known as Service APIs) Istio RFC Introducing GKE multi-cluster services Multi-cluster Ingress Cluster API Cluster ID KEP Jeremy Olmsted-Thompson on Twitter and GitHub
Michael Gerstenhaber is a Director of Product Management at Datadog, and the curator of their annual Container Report. He joins Craig to discuss why they release it, some recent trends, and how it helps people validate their assumptions about technology. Do you have something cool to share? Some questions? Let us know: web: mail: twitter: @kubernetespod Chatter of the week Episode 103, with Saad Ali New TOC members Episode 62, with Ricardo Rocha, Lukas Heinrch and Clemens Lange Malaysian roti in London Elgin Marbles News of the week OPA graduates in the CNCF Episode 101, with Tim Hinrichs and Torin Sandall Docker Distribution donated to the CNCF Red Hat Quay 3.4 released CNCF proposal Hildegard malware writeup from Unit42 The original TeamTNT Attacking Kubernetes clusters using the Kubelet API by Eduardo Baitello Jetstack Secure Traefik Using Traefik as an ingress controller with Istio Kong Konnect is GA Kong raises $100M at a $1.4b valuation Get your KubeCon EU tickets early Buildpacks vs Dockerfiles by Genevieve L’Esperance Why Helm never felt like it belonged by Luka Skugor Links from the interview iOS and iOS The Happy Cloud Happy Cloud Taps the Cloud to Speed Up Video Game Downloads by Ryan Kim at GigaOM Datadog Live Container monitoring Live Process monitoring Golden signals Work metrics and resource metrics Datadog reports: Docker adoption 2015 2016 2017 2018 Container orchestration 2018 Container Report 2019 2020 KubeCon EU 2019 talk: 10 Ways to Shoot Yourself in the Foot with Kubernetes, #9 Will Surprise You by Laurent Bernaille & Robert Boll Autopilot: Workload Autoscaling at Google Scale Snow in NYC #17 on the all-time list by inches of snowfall Michael Gerstenhaber on Twitter
Comments (6)


28:50: not able to mount docker socket into pod

Jan 24th

Eliseu Monar dos Santos

Katherine is absolutely incredible. It's interesting to see how one person can elevate the quality of a project so much. Great episode!

Nov 21st

Sebastian Nyberg

What happened at 12:23 lol

Jul 11th


Using hybrid in a way where some things run on prem is interesting! Plus the name Bonzai is just a great name.

Jun 29th

Facts Don't Care About Your Feelings

Google is not your friend. They give you "free" stuff to spy on you and steal as much of your private information as they can.

Apr 24th

Frank Boucher (FBoucheros)

Nice update. I like the talk about Anthos it look like a great migration tool. I need to find that GitHub repo...

Apr 22nd
Download from Google Play
Download from App Store