DiscoverKubernetes Podcast from Google
Kubernetes Podcast from Google
Claim Ownership

Kubernetes Podcast from Google

Author: Adam Glick and Craig Box

Subscribed: 1,399Played: 29,777


A weekly podcast focused on what's happening in the Kubernetes community covering Kubernetes, cloud-native applications, and other developments in the Kubernetes community. Co-hosts Adam Glick and Craig Box can be reached on Twitter at @KubernetesPod or by email at
73 Episodes
containerd was born from community desire for a core, standalone runtime to act as a piece of plumbing that applications like Kubernetes could use. It sits between command line tools like Docker, which it was spun out from, and lower-level runtimes like runC or gVisor, which execute the container’s code. This week’s guest is Derek McGowan, a Software Engineer at Docker and a containerd maintainer-d.Along with the news of the week, Adam and Craig discuss the many Vancouvers.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekVancouver, Vancouver, and George VancouverSouth Bend, North Bend, and BendCosmpolis“50 Year Sensation: the Dave McMacken Retrospective” (album art show in Astoria, Oregon)News of the weekIstio 1.3 is outGoogle’s Anthos now incudes Anthos Service Mesh, Cloud Run for Anthos and moreCloud Native Application Bundles hit 1.0Episode 61 with Ralph Squillace and Jeremy RickardNominations for the annual CNCF Community AwardsBloomberg hits 90% utilization with KubernetesMistakes that “cost” thousands by Gajus KuizinasKubernetes Edge working group publishes whitepaperIsopod, by CruisePulumi 1.05 RBAC mistakes you must avoid (number 4 will shock you)OpenShift 4.2 disconnected installRed Hat Quay 3.1Microsoft AKS brings Scale Sets and Standard LB to GAUpstream kernel bugsAmazom EKS adds cluster tagging and IAM roles for service accountsDeep dive into AWS Fargate by Abhisheck Ray from AmazonKong introduces Kuma, “universal service mesh”Google introduces Cloud Dataproc for KubernetesApache Flink operator from Google CloudContainer runtime security bypasses on Falco by Mark “Antitree” ManningRafay Systems lands $8m in Series A fundingLinks from the interviewcontainerdOriginal announcementThe many meanings of ‘container runtime’kubelet and Container Runtime InterfacesrunC, gVisor, Kata Containers, and the Windows Host Compute Service (HCS)ctr debug toolcontainerd’s graduation from the CNCFcontainerd shim APIgVisor shimFirecracker containerd integrationKata Containers shimWindows Container shimrkt announced in 2014 with appC specOpen Container Initiativelibcontainer, which became runCWeb Assembly (WASM)BuildKit1.3.0 releases are comingContribution opportunities:Reporting issuesPlugin ecosystemDerek McGowan and containerd on Twitter
Patrick Lang is the co-chair of the Kubernetes Windows SIG. He is a Senior Software Engineer at Microsoft, developing Kubernetes and related open-source projects supporting Windows Server Containers. Patrick joins Adam and Craig to tell the story of how containers came to Windows.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekGetting to the Peak TramNews of the weekKubeCon 2019 scheduleTim Hockin and Kal Henidak on dual stack IPv4Building a 5G network live on stageGKE Shielded VM NodesMæshProject Contour 0.15Contour on KindTechCrunch video: How Kubernetes Changed EverythingAaron Roydhouse reverse engineers release schedules as 1.15 hits Preview on Azure and Rapid Channel on GKEGKE Scalability best practicesThe Kubernetes scalability hypercubeCloud Foundry Networking Team UpdateBuilding a Continuous Delivery Pipeline for Symphony by Ivan BabenkoThe Cult of Kubernetes and Hacker News discussionLinks from the interviewWindows Server containersWindows Server Core and Nano ServerSessions on WindowsDocker and Windows partnership announced in 2014Active DirectoryGroup Managed Service Accounts (GMSA)GMSAs for Windows containersWindows network namespacesHost Networking Service and Virtual Filtering PlatformGMSA integration with KubernetesGPU acceleration in Windows ContainersBatch files!Patching:Patch TuesdayWindows base OS images on Docker HubWindows container version compatibilityHyper-V isolationDocker for WindowsGet started with Windows containersWindows Server Containers in preview on AKS, EKS or GKESIG Windows and their Slack channelPatrick Lang on GitHub
kind, with Ben Elder

kind, with Ben Elder


kind stands for Kubernetes in Docker. Originally built for continuous integration (CI) and testing of Kubernetes itself, kind has found many uses, including acting as a cluster for bootstrapping other clusters. Original author Ben Elder from Google Cloud joins Craig and Adam to talk about it.Want to see Adam’s puzzles? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekAdam’s new Seattle office buildingExample Quick Cryptic from The TimesExample USA Today crosswordNew York Times crossword puzzle case studyThe NYT mini crosswordCraig’s record is 13 seconds!Times for the Times solver blogA puzzle in a tweetThe answerCode GolfNews of the weekIntroducing Kubernetes Academy Brought To You By VMwareKubernetes Academy Brought To You By VMwareKnative serverless Kubernetes bypasses FaaS to revive PaaSHelm 3 BetaTo Helm or not to Helm? by Stepan StiplAnnouncing etcd 3.4 by Gyuho Lee and Jingyi HuBlocking old Cert Manager versions from Lets EncryptLinux Namespaces by Ifeanyi UbahHow kubectl exec works by Erkan ErolAnnouncing the CNCF Kubernetes Project Journey ReportThe reportAdopting Istio for a multi-tenant kubernetes cluster in Production by Vishal BanthiaStackRox 2.5Platform9 raises $25m in Series DThe first managed Kubernetes service on VMware?Dell previews data protection software for KubernetesDNS spoofing in Kubernetes clusters by Daniel SagiDynamic Kubernetes informers by Robert RossWhat’s next for Vault and Kubernetes?Consul 1.6 is now GAKubernetes security audit: What GKE and Anthos users need to knowManaged AD now in Beta on Google CloudIntroducing Red Hat OpenShift 4.2 in Developer Preview; releasing nightly buildsDeveloper Preview now available on GCPOperational Insights for Containers and Containerized ApplicationsDeploying GitOps with Weave Flux and Amazon EKSLinks from the interviewBen’s GSoC proposal and first Kubernetes project: use iptables for proxying instead of userspacekind webpageDocumentationkind on GitHubPrivileged containerskubernetes CICluster APIIPv6 on kindEnd to end testingRunning Kubernetes in a CI pipeline by LoodseCluster API logo - it’s turtles all the way downkubeadmcluster-api-provider-dockerOther tools:kinderkindestShoutouts to:Antonio Ojea from SUSEJames Munnelly from JetStackSIG Cluster LifecycleBen Elder on Twitter
Container Camp is a series of independent conferences, spanning three continents and in their fifth year. “Camp mother” Angie Maguire is the co-organiser, and is also the founder of Ladies of Code. She joins Adam, who is yet to attend a Camp, but actually goes camping, and Craig, who has spoken at Camps in London and Sydney, and prefers hotels.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekThe mound is movingThe traffic isn’tNews of the weekVMware buys:PivotalCarbon BlackIntrinsicGreenlandVMworld news:Introducing Project PacificProject Pacific technical overviewReintroducing Project Bonneville?Joe Beda’s takeTanzu, VMware’s approach to modern applicationsTanzu Mission ControlSplunk acquires SignalFX2019 Accelerate State of DevOps reportRed Hat OpenShift Service Mesh is GAMaistra, the upstream of the operatorsCilium 1.6 is outE2E Kubernetes testing with GitHub ActionsWhy does developing on Kubernetes suck?Hacker News says it doesn’tCNCF Google Summer of Code projectsLinks from the interviewContainer CampLadies of CodeWomen Who CodeBlack Girls CodeContainer Camp videos on YouTubeCraig’s talk from London in 2016Kaggle talk from San Francisco in 2016IPFS CampDigital nomadsAngie’s Netflix recommendations:Blown AwayMindhunterWhen They See UsAva DuVernayContainer Camp and Angie Maguire on Twitter
Orka, with Chris Chapman

Orka, with Chris Chapman


Kubernetes and Docker might not seem the obvious choice for managing virtual macOS instances on hosted Apple hardware. Learn how they were used to build Orka - Orchestration for Kubernetes on Apple - a virtualisation layer for Mac build infrastructure offered by hosting company MacStadium. Craig and Adam ask MacStadium SVP of Software Chris Chapman about Orka, and how Kubernetes is useful in places you might not expect.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekLetterboxingGeocachingOrienteeringNews of the weekHTTP/2 security bulletin from NetflixNew releases for:KubernetesIstioEnvoygRPCNGINXAnd othersCNCF archives the rkt projectGitHub Actions is now a CI/CD serviceAnnouncing preview of GitHub Actions for AzureKubernetes web UIs in 2019 and Kubernetes Web View by Henning JacobsEpisode 38: Kubernetes Failure Stories, with Henning Jacobsk3sup by Alex EllisEpisode 57: Rancher Labs, with Darren ShepherdEvolving Istio’s APIs, by Sandeep Parikh and Louis RyanEpisode 58: Istio 1.2, with Louis RyanIstio 1.3 release branch cutIntel GPU Plugin for Kubernetes by Brian CareyKubernetes Gated Deployments at GoDaddyCNCF now has 100 end user membersVMware, Pivotal and Dell:VMware in talks to acquire PivotalPivotal CTO: Kubernetes means we’re all distributed systems programmers nowKubernetes is set to take over VMworld 2019AT&T brings Dell into the Airship programHelm Summit EU 2019Links from the interviewMacStadiumOrkaConference presentation videos from Chris:macOS in a Docker container for development - MacADUK 2019Announcing Orka - AltConf 2019Mac OS X Lion supports running additional OS X instances (up to two)10.7 EULA (PDF)Device test labsDocker for MacVirtual Command, Chris’s prior company acquired by MacStadiumThe orcakubevirtMac hardware:Mac Pro (2013) - the “trashcan”The MacStadium sledMac Pro 2019 - the return of the “cheesegrater”T2 security chipMacStadium in WWDC 2018 keynoteInside the MacStadium data centerJenkinsWorld 2019Orka plugin for JenkinsDocker for Mac in macOS on DockerYo dawg, I hear you like DockerSpinning topTurduckenMacStadium on Twitter
No matter how you say it, you probably use kubectl all the time. Did you know you can extend it with plugins? Did you know you can find and install those plugins using krew, a plugin manager for kubectl? krew was built by Luk Burchard, a student at TUBerlin, as an intern project. He was supervised by Ahmet Alp Balkan at Google Cloud, and they both join Craig and Adam to discuss it.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekPluotsFox evidenceNews of the week“Open sourcing” the Kubernetes security auditCyberArk’s penetration testing methodologyDocker reverse shells and making it rain shells in Kubernetes by Rory McCuneGoogle Cloud Security Scanner: web application vulnerability scanner for GKEKnative 0.8 release notesBuilding a Kubernetes platform at PinterestOctant by VMwareCall to participate in the CNCF SurveyDirect linkReannouncing the Kubernetes ForumLinks from the interviewkubectl overviewExtend kubectl with pluginsSample CLI pluginWrite your own kubectl subcommands and The case for a kubectl plugin manager by Ahmet Alp Balkankustomize becoming a kubectl sub-commandkubectl access-matrix (a.k.a. rakkess, as a stand-alone binary)krewkrew plugin indexAhmet’s recruitment tweetLuk’s first day at GoogleAhmet Alp Balkan:WebTwitterLuk Burchard:WebTwitter
Ian Coldwater specializes in breaking and hardening Kubernetes, containers, and cloud native infrastructure. A pre-eminent voice in the Kubernetes security community, they are currently a Lead Platform Security Engineer at Heroku. Ian joins Adam and Craig to talk about the offensive and defensive arts.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekBlack Hat USADEFCONScavenger huntsAn example of Spot the FedAn example of the Mystery ChallengeNews of the weekMesosphere becomes D2iQGoogle Cloud launches Migrate for Anthos in BetaGoogle Cloud Game Servers coming soonEpisode 26: Agones, with Mark Mandel and Cyril TovenaAnnouncing Kubernetes Summits in Seoul and SydneySecurity updates of the weekCVE-2019-11247: API server allows access to custom resources via wrong scopeCVE-2019-11249: kubectl cp (round 3!)IBM and Red Hat:OpenShift on IBM CloudOpenShift coming to Z Series and LinuxONECloud Paks and servicesCisco Container Platform now supports Microsoft AKSHelm deployments at the KubedexHow Kubernetes can be used for genetic analysis by Mu Huan and Eric Li Alibaba CloudAnnouncing CloudBees Jenkins X DistributionEpisode 44, Continuous Delivery Foundation, with Tracy MirandaTiDB Operator now Generally AvailableLinks from the interviewRed teams and penetration testingFuzzingAttacking Helm’s TillerBlack-box and white-box testingDevSecOps: guard rails, not gatesOWASP - the Open Web Application Security ProjectThe math behind calculating security riskCVSS scoreetcd: encrypt it at rest!Admission controlTechnologies for isolation:AppArmorSeccompgVisorFirecracker (not yet supported with Kubernetes)“Kubernetes is powerful, and it’s insecure by design”Ian and Duffie Cooley’s BlackHat talkCloud doesn’t make it better!Threat modellinghostpath - “a powerful escape hatch”Trail of Bits blog: understanding Docker container escapesRecommended watching:Ship of Fools by Ian Coldwater (slides)Hacking and Hardening Kubernetes by Example by Brad Geesaman (slides)A Hackers Guide to Kubernetes and the Cloud by Rory McCune (and his upcoming Black Hat training)DIY Pen Testing for your Kubernetes Cluster by Liz Rice (our guest on episode 19)Ian Coldwater on Twitter
Cloud Code provides everything you need to write, debug, and deploy Kubernetes applications, including extensions to IDEs such as Visual Studio Code and IntelliJ. Joining Craig and Adam are Sarah D’Angelo, a UX Researcher, and Patrick Flynn, an engineering lead, both on the Cloud Code team at Google.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekAll-meat diet (do not try this at home)Warmest UK day on recordNews of the weekHappy first birthday Knative!Episode 14, with Oren TeichEpisode 47, with Kim LewandowskiEpisode 44, with Tracy MirandaGrafana Labs: How a production outage was caused using Kubernetes pod prioritiesEpisode 38 with Henning JacobsBanzai Cloud: Kafka on Istio performanceDocker Enteprise 3.0 is GA, and their new Technology Partner programTim Hockin on reconcilationEpisode 41, with Tim HockinFairwinds PolarisContainer platform security with CruiseYuniKornKubeCon China transparency reportKazuhm Kubernetes as a ServiceMorpheus v4Links from the interviewCloud CodeIntelliJVS CodeSkaffoldEpisode 6, with Matt RickardJibGitHub issues:IntelliJVS CodeSign up for a Cloud Code research study
Owen Rogers is a Research Vice President at 451 Research, co-leading the cloud team. He gained a PhD in the economics of cloud computing in 2013. Owen joins Craig and Adam to discuss the economics of cloud computing generally, and Kubernetes specifically.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the weekApollo Guidance Computer RestorationSummary from Wall Street JournalCyberSquirrel1 global threat mapJellyfish attach power stationNews of the weekIBM launches KabaneroPivotal launches PAS for KubernetesWeave Flux joins the CNCFWindows Container Unconference on Friday July 26th:Sign upLeave questions if you can’t attendSpinnaker for GCP launchedLinkerd 2.4Architecting with GKE course, free for podcast listeners!Deep dive into Virtual Kubelet by Brian GoffSIG Usability formingGoogle groupGitHubSlackCloud Provider SIGs moving to sub-projectsAzure Monitor for containers adds Prometheus supportKubernetes API deprecations in 1.16Links from the interviewOwen Rogers451 ResearchCloud Price IndexStackOverflow’s old scale-up strategy (2009)Large Scale Complex IT SystemsOwen Rogers on Twitter
Back in 2012, CERN announced one of its most important achievements; the discovery of the Higgs boson. This work led to the 2013 Nobel Prize in Physics. Ricardo Rocha, Lukas Heinrich and Clemens Lang of CERN redid the data analysis on top of Kubernetes this year, which Ricardo and Lukas demonstrated at a keynote at KubeCon EU. All three join Adam and Craig for a short physics lesson and a view into computing at the largest scale, for particles at the smallest.Do you have something cool to share? Some questions? Let us know:web: kubernetespodcast.commail: kubernetespodcast@google.comtwitter: @kubernetespodChatter of the week50th anniversary of the launch of Apollo 11 by NASA’s Astronomy Picture of the Day, and as reported by CBS News in real timeLEGO Saturn V - mid-completion47th annual Seafair Milk Carton DerbyAdam’s pictures, including the Saturn V rocketNews of the weekIBM announced it has closed its acquisition of Red HatHashicorp Consul 1.6Benchmarking best practices for Istio by Megan O’Keefe, Mandar Jog and John HowardIPv6 enhancement proposal for KubernetesNow passing tests!Architecting with Google Kubernetes Engine specializationWeave IgniteCloud Native CI/CD with OpenShift Pipelinesk3vAvoid time-of-measurement bias with PrometheusPrometheus client tracer for RubyLinks from the interviewCERNLHC Computing GridATLAS experimentCMS experimentStandard model of particle physicsCosmos: A Spacetime Odyssey, with Neil deGrasse TysonDark Matter is a misnomerBaryonic matterDark matterHistory of computing at CERNWhere the web was bornLarge Hadron ColliderHiggs bosonDiscovery of the Higgs bosonServicing the first web server - Tim Berners-Lee’s NeXT cubeCERN Program Library (FORTRAN)KubeCon EU keynote: Reperforming a Nobel Prize Discovery on KubernetesSlidesYouTube videoCERN openlab partnershipROOT Data Analysis FrameworkParticle physics is embarassingly parallelKubeflowSpark Operator on KubernetesOpen Data InitiativeFind a Higgs boson in LHC public dataClemens’ shirtOur guests on Twitter:Ricardo RochaLukas HeinrichClemens Lange
Comments (4)

Sebastian Nyberg

What happened at 12:23 lol

Jul 11th


Using hybrid in a way where some things run on prem is interesting! Plus the name Bonzai is just a great name.

Jun 29th

Facts Don't Care About Your Feelings

Google is not your friend. They give you "free" stuff to spy on you and steal as much of your private information as they can.

Apr 24th

Frank Boucher (FBoucheros)

Nice update. I like the talk about Anthos it look like a great migration tool. I need to find that GitHub repo...

Apr 22nd
Download from Google Play
Download from App Store