KubeFM

In this KubeFM episode, Mircea shares his journey of migrating a home lab to Kubernetes, specifically choosing Talos over other operating systems like Ubuntu, Flatcar, or Bottlerocket.Mircea also discusses his decision-making process and experiences in setting up and optimizing his Kubernetes home lab.You will learn:What is Talos Linux and how it compares to other operating systems.The challenges and considerations involved in migrating to Kubernetes, including selecting network plugins and GitOps.Insights into managing and securing Kubernetes clusters, focusing on the advantages of immutable operating systems.SponsorThis episode is brought to you by Digital Ocean — enjoy a free $200 credit when you start using DigitalOcean KubernetesMore infoFind all the links and info for this episode here: https://ku.bz/LnzSW4BxYInterested in sponsoring an episode? Learn more.

With a passion for security and a knack for troubleshooting, Jen discusses the critical role of network policies in Kubernetes security, the complexities involved in their implementation, and the balance between security and manageability.She also covers the importance of Custom Resource Definitions and shares her perspective on emerging Kubernetes tools.In this KubeFM episode, you will learn:The importance of observability in troubleshooting network policies and how it aids in debugging complex issues.The trade-offs between the complexity of network policies and the security benefits they provide.The skills, thought process and humility behind troubleshooting technologies you are unfamiliar with.SponsorThis episode is brought to you by Otterize — automate workload IAM policies: zero-friction development, zero-trust security.More infoFind all the links and info for this episode here: https://ku.bz/0RxMvG14yInterested in sponsoring an episode? Learn more.

Alexander Block, creator of the kluctl tool, dives into the world of Kubernetes templating. He reveals the fundamental flaws of Helm and why existing tools like Kustomize and jsonnet aren't the complete answer. Alexander shares his journey from game development to Cloud Native, highlighting how Docker and Kubernetes transformed his workflow. He also discusses the complexities of YAML, the need for adaptable solutions, and what the future holds for resource templating in the ever-evolving Kubernetes landscape.

With the rapid pace of the cloud-native ecosystem, staying current with Kubernetes updates and managing upgrades becomes a daunting task for many organizations.In this KubeFM episode, Mat discusses the necessity of long-term support for Kubernetes and explores the intricacies of managing Kubernetes upgrades in a fast-evolving landscape.You will learn:The importance of long-term support (LTS) for Kubernetes and how it can alleviate the challenges associated with the platform's rapid release cycles.Strategies for managing Kubernetes upgrades, including insights into the release cycle and the potential pitfalls of the upgrading process.The role of managed services and semi-automatic upgrades in simplifying Kubernetes maintenance for organizations, especially in cost optimization and resource constraints.The implications of charging for support of older Kubernetes versions and the potential for a community-based approach to navigating the complexities of Kubernetes upgrades.SponsorThis episode is sponsored by Learnk8s — expert Kubernetes training for your teamMore infoFind all the links and info for this episode here: https://ku.bz/dVJW_qgF2Interested in sponsoring an episode? Learn more.

Ensuring the repeatability of your infrastructure is a crucial aspect of managing Kubernetes clusters.This allows you to swiftly tear down and set up a new one, a practice that is quite handy.However, there are exceptional circumstances when your cluster becomes more than a disposable tool.Dan shared, "A Kubernetes cluster will be treated as disposable until you deploy ingress, and then it becomes a pet."In this episode, you will delve into the concept of 'disposable' and 'pet' Kubernetes clusters and learn:How you can use GitOps to create a repeatable infrastructure that syncs.How resources such as the Ingress and external-dns require careful maintenance and monitoring to make your cluster special.How Crossplane and vCluster help you define repeatable environments that are disposable.All the flavours for Argo: Workflows, Autopilot, CD, etc., and "Project" a newer abstraction to manage apps across environments.SponsorThis episode is sponsored by Learnk8s — become an expert in KubernetesMore infoFind all the links and info for this episode here: https://ku.bz/m3YNgCh1WInterested in sponsoring an episode? Learn more.

In this podcast, William Morgan discusses the evolution of service meshes in Kubernetes, including the design, costs, and human factors involved. He explains how ambient mesh differs from the traditional sidecar model and delves into the power and limitations of eBPF technology. The episode also explores the future of service meshes in the Kubernetes ecosystem, organizational applications, and networking abstractions.

Steven Sklar, a senior Cloud engineer at QuestDB, dives into the nitty-gritty of managing databases on Kubernetes. He advocates for running stateful workloads, sharing his expertise on building custom operators using Kubebuilder and the Operator Framework. Sklar discusses his unique transition from finance to cloud-native tech and emphasizes the balance between using managed services and self-management. He also reflects on the significance of practical experience for those entering the tech field and the role of documentation in successful operator deployment.

Structured Authentication Config is the most significant Kubernetes authentication system update in the last six years.In this KubeFM episode, Maksim explains how this is going to affect you:You can use multiple authentication providers simultaneously (e.g., Okta, Keycloak, GitLab) — no need for Dex.You can change the configuration dynamically without restarting the API server.You can use any JWT-compliant token for authentication.You can use CEL (Common Expression Language) to determine whether the token's claims match the user's attributes in Kubernetes (username, group).SponsorThis episode is sponsored by Learnk8s — become an expert in KubernetesMore infoFind all the links and info for this episode here: https://ku.bz/lDCTZPPr2Interested in sponsoring an episode? Learn more.

Is sharing a cluster with multiple tenants worth it?Should you share or have a single dedicated cluster per team?In this KubeFM episode, Artem revisits his journey into Kubernetes multi-tenancy and discusses how the landscapes (and opinions) on multi-tenancy have changed over the years.Here's what you will learn:The trade-offs of multi-tenancy and the tooling necessary to make it happen (e.g. vCluster, Argo CD, Kamaji, etc.).The challenges of providing isolated monitoring and logging for tenants.How to design and architect a platform on Kubernetes to optimise your developer's experience.SponsorThis episode is sponsored by Learnk8s — become an expert in KubernetesMore infoFind all the links and info for this episode here: https://ku.bz/zp0L7-xM4Interested in sponsoring an episode? Learn more.

How hard could it be to debug a network issue where pod connections time out?It could take weeks if you are (un)fortunate like Alex.But Alex and his team didn't despair and found strength in adversity while learning several Kubernetes networking and kubespray lessons.In this KubeFM episode, you'll follow their journey and learn:How a simple connection refused led to debugging the kernel syscalls.How MetalLB works and uses Dynamic Admission webhooks.How Calico works and assigns a range of IP addresses to pods (and what you should watch out for).How to use tcpdump and strace to debug network traffic.And as a bonus, Alex shared his knowledge of onboarding engineers and how to perfect the process.Spoiler alert: this episode goes into a great level of (networking) detail, but the solution turned out to be very simple.SponsorThis episode is sponsored by Learnk8s — become an expert in KubernetesMore infoFind all the links and info for this episode here: https://ku.bz/P5Y-NrSW5Interested in sponsoring an episode? Learn more.