Kubernetes Podcast from Google

We’re trying something new! In Part 1 of a two-part conversation with Weaveworks co-founder Alexis Richardson, we have a wide ranging conversation about career choices, finance, founding and selling tech companies, and the dangers of being pigeon-holed based on the first project your company releases. Next week we’ll finish the conversation by talking about Weave projects like Flux and Cortex, as well as their SaaS offerings, the founding of the CNCF, and whether Weave built the platform they set out to build when they started 7 years ago. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Evergiven Everywhere “Reply all” at the State Department Evergreen truck blocks Chineses highway Little ship stuck in Littlehampton harbour Vote for the name of the Seattle Tunnel Boring Machine Sir Mix-a-Lot News of the week Outdated; a new open source project from Replicated Episode 143, with Grant Miller Kubestr by Kasten by Veeam, by golly The Aerospike Kubernetes Operator Tanzu Kubernetes Grid v1.3 Red Hat OpenShift on AWS is GA Quay.io is changing login methods Container vulnerability scanning from Sophos Kubecost raises $5.5m in funding Episode 124, with Webb Brown Security Updates in Docker by Itamar Turner-Trauring Links from the interview Mathematical logic at Oxford University Stewart Butterfield on philosophy Computer Literacy Project Jeremy Ruston’s BBC Micro Revealed and 80s hair Haskell, Orwell and Miranda OCaml and Standard ML 1998 Russian financial crisis Metalogic Oy Cohesive Networks AMQP RabbitMQ NZ Easter Bunny hunt Matthias Radestock Erlang ejabberd Matthew Sackman and Tony Garnock-Jones Open Telecom Platform (OTP) VMware acquires Rabbit Technologies SpringSource previously Interface21 Weaveworks Introductory blog “Zettio introduces Weave” Weave Net Alexis Richardson on Twitter

Grant Miller is the co-founder and CEO of Replicated, which helps operationalize and scale the delivery of Kubernetes-based apps into the enterprise. We look at what it means to be enterprise software in a SaaS world, and we also get some 2021 predictions from guest host Liz Rice. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 19, with Liz Rice Episode 133, with Thomas Graf Cilium talk at DockerCon 2017 Liz’s 2021 predictions from KubeCon NA (Virtual) 2020 Cheese exports are down Autonomous driving levels Prince Harry joins a startup Nick Clegg joins Facebook News of the week SoloCon announcements Mesh7 to be acquired by VMware GKE adds runtime configuration of pod subnets and larger Internal Load Balancer support Amazon reduces EKS cluster create time from “glacial” to “slow” NetApp launches Spot Wave CircleCI Server 3.0 Diamanti Spektra 3.2 Sonatype launches Nexus Container Davanum Srinivas elected to the CNCF TOC “Unironically Using Kubernetes for my Personal Blog” Links from the interview SparkPeople Marc Campbell look.io acquired by LivePerson Replicated Open source from Replicated kurl KOTS Troubleshoot SchemaHero Donated to the CNCF EnterpriseReady and the EnterpriseReady Podcast Kubelist and the Kubelist Podcast Replicants, replicators and gremlins Grant Miller and Replicated on Twitter

If you’d like something more tangible than a virtual cloud instance, there’s always (still!) bare metal. Tinkerbell is a project from Equinix Metal to manage bare metal servers at scale, and Gianluca Arbezzano is one of its maintainers. We talk stacks, racks and MACs. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 11, with Vic Iglesias Vic lives here, but not here Pokémon Go social distancing News of the week Flux moves to incubation in the CNCF NetApp Astra goes GA; more information Fairwinds introduces Saffire Cosign, by Dan Lorenc Episode 39 Komodor beta and swag offer Announcing Private Clusters on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) Linkerd 2.10 The Money Section, with thanks to David Pait, guest of Episode 127 Docker takes $23m in Series “B” funding to get ship done Aqua Security takes $135m in Series E at $1b valuation Snyk raises $300m in Series E valuing company at $4.7 billion Tetrate raises $40m Series B Is Crossplane the Infrastructure LLVM? by Daniel Mangum Episode 141 Links from the interview PHP. and PHP in 2020 Turin InfluxData Episode 91, with Leonardo Di Donato Dropbox’s exodus from Amazon Equinix Metal Packet acquired by Equinix Tinkerbell OpenCompute and Open19 Server terminology: Next Unit of Computing (NUC) Baseboard management controller (BMC) Preboot Execution Environment (PXE) Floppy disks DIY Board management control for an Intel NUC: power control Tinkerbell services: Tink Boots OSIE Hook Hegel PB&J OVH fire How Tinkerbell Got Its Wings, including joining the CNCF Tinkerbell community Episode 136: Backstage, with Lee Mills and Matt Clarke Gianluca Arbezzano on Twitter and on the web Tinkerbell on Twitter

Crossplane lets you automate creation of infrastructure using Kubernetes APIs. Daniel Mangum is a Crossplane maintainer working at its creator Upbound, a TL of Kubernetes SIG Release, and a YouTube streaming star. He chats about tech with host Craig Box, who is helped this week by returning guest Ken Massada from GKE’s Support team. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 18, with Ken Massada Things We Don’t Say podcast Glow in the dark sharks Earthquakes and tsunamis News of the week Microsoft Ignite news: Azure Arc for Kubernetes Azure Migrate app containerization service AKS release notes Microsoft Mesh Helm second security audit Meet Brigade v2 Harbor 2.2 and roadmap Google Summer of Code 2021 KubeCon EU 2021 schedule launched and the selection process explained Issue #100000 on kubernetes/kubernetes Links from the interview Visual Basic for Applications NYT article on retro computing Compiler Explorer Rich Code for Tiny Computers by Jason Turner Upbound Episode 36, with Jared Watts Crossplane Crossplane vs Terraform blog by Nic Cope Compositions and XRDs Crossplane vs Cloud Infrastructure Add-ons TBS episode with Matt Moore of Knative Helm provider July 2020: Crossplane joins the CNCF LFX mentorship program Dec 2020: v1.0 Mar 2021: v1.1 Kubernetes SIG Release doc.crds.dev Upcoming KubeCon talk: FPGK8s: Consumer-Grade FPGAs on Kubernetes Cutting GTA loading times by 70% and how YAML parsing can become quadratic Daniel’s current hirsuteness The Binding Status Flake-Finder Fridays Daniel Mangum on Twitter and on the web

Kamil Potrec is a Senior Security Engineer at Snyk, working on security around Kubernetes and cloud platforms. He joins the show to discuss how to think about securing your infrastructure, the different arts (and colors) of offensive and defensive security, and what not to lose sleep over. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 23, with Andrew Philips and Lars Wander A pile of mail and a bike News of the week Red Hat OpenShift 4.7 is GA Fairwinds Insights 3.0 Envoy zero-day patched Istio security bulletin Sysdig contributes Falco modules to the CNCF StorageOS raises $10m in Series B Platform9 raises $12.5m in Series D CNCF relaunches Kubernetes Community Day with KCD Africa and Bengaluru Links from the interview Offensive unit in American Football Hand-egg Red and blue teams Unreal Tournament Capture the flag Kubernetes secrets Design document Encrypting secrets at the application layer Antivirus software Tracer-tee SolarWinds attack Reflections on Trusting Trust by Ken Thompson left-pad deleted from NPM Snyk Open Source The open source parts Snyk vulnerability database MITRE CVE database Kubernetes security at Snyk Deploy only trusted containers to GKE Application threat modeling Kubernetes security best practices, including security context, AppArmor, gVisor etc CVE-2020-8554: man-in-the-middle attack using ExternalIP services CVE-2020-14386: packet socket vulnerability with user namespaces enabled Earlier related work: CVE-2017-7308 and CVE-2016-8655 Project Zero writeup Rewrite it in Rust! Kamil Potrec on LinkedIn

Today Google Cloud introduced GKE Autopilot, a new mode of operation where you no longer manage or configure nodes, and you pay per-pod, per-second. Craig talks Autopilot with GKE product manager Yochay Kiriaty. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 86, with Lin Sun Istio boat meetup at KubeCon NA 2019 IstioCon 2021 Craig and Lin’s session Jeff from Coupling Separated at birth? News of the week Google Cloud launches GKE Autopilot Dapr 1.0 Calico Cloud Gloo Mesh Enterprise goes GA Distroless FIPS-compliant Istio Red Hat closes acquisition of Stackrox Real load-aware scheduling in Kubernetes with Trimaran Kubernetes overlay networks with IPv6 Links from the interview Last week’s Star Wars show A selection of presentations wearing Darth Vader shirts Windows 7 Red Dog Google South Lake Union Seaplanes GKE Autopilot Launch blog Episode 49, wth Eric Brewer Virtual Kubelet Datadog Container Report Episode 137, with Michael Gerstenhaber

This week we talk multi-cluster services with Jeremy Olmsted-Thompson, co-chair of the Kubernetes Multicluster SIG, and tech lead on the Google Kubernetes Engine platform team. Guest host Tim Hockin shows us the way. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 41, with Tim Hockin The Machete Order John Boyega on Star Wars News of the week Istio 1.9 IstioCon 2021 - February 22-26 Mayadata spins out Chaos Native Cilium Network Policy editor Kubernetes network policy explained by Dominik Tornow Trend Micro write-up on container-escaping malware Dynatrace Cloud Automation and native log support Episode 119, with Alois Reitbauer Shipa 1.2 New GKE, EKS and AKS releases Tanzu Build Service 1.1 Kubernetes 101 Retrospective by Jeff Geerling CFP for the eight KubeCon EU pre-days Designing for SaaS on Kubernetes at Teleport by Virag Mody Comparing OPA/Gatekeeper and Kyverno by Chip Zoller Links from the interview Anthos on VMware SIG Multicluster Federation v2 update Multi-Cluster Services KEP Namespace sameness Gateway API (formerly known as Service APIs) Istio RFC Introducing GKE multi-cluster services Multi-cluster Ingress Cluster API Cluster ID KEP Jeremy Olmsted-Thompson on Twitter and GitHub

Michael Gerstenhaber is a Director of Product Management at Datadog, and the curator of their annual Container Report. He joins Craig to discuss why they release it, some recent trends, and how it helps people validate their assumptions about technology. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 103, with Saad Ali New TOC members Episode 62, with Ricardo Rocha, Lukas Heinrch and Clemens Lange Malaysian roti in London Elgin Marbles News of the week OPA graduates in the CNCF Episode 101, with Tim Hinrichs and Torin Sandall Docker Distribution donated to the CNCF Red Hat Quay 3.4 released CNCF proposal Hildegard malware writeup from Unit42 The original TeamTNT Attacking Kubernetes clusters using the Kubelet API by Eduardo Baitello Jetstack Secure Traefik Using Traefik as an ingress controller with Istio Kong Konnect is GA Kong raises $100M at a $1.4b valuation Get your KubeCon EU tickets early Buildpacks vs Dockerfiles by Genevieve L’Esperance Why Helm never felt like it belonged by Luka Skugor Links from the interview iOS and iOS The Happy Cloud Happy Cloud Taps the Cloud to Speed Up Video Game Downloads by Ryan Kim at GigaOM Datadog Live Container monitoring Live Process monitoring Golden signals Work metrics and resource metrics Datadog reports: Docker adoption 2015 2016 2017 2018 Container orchestration 2018 Container Report 2019 2020 KubeCon EU 2019 talk: 10 Ways to Shoot Yourself in the Foot with Kubernetes, #9 Will Surprise You by Laurent Bernaille & Robert Boll Autopilot: Workload Autoscaling at Google Scale Snow in NYC #17 on the all-time list by inches of snowfall Michael Gerstenhaber on Twitter

Backstage is a platform for building developer portals, powered by a centralized service catalog. It was built at Spotify and both open sourced and donated to the CNCF in 2020. A Kubernetes plugin was recently added. We talk to maintainers Lee Mills and Matt Clarke from Spotify. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 106, with John Belamaric Production Readiness Review News of the week Longhorn 1.1 Vitess 9 Sonobuoy adds reliability scanning Rapid7 acquires Alcide; Techcrunch reporting Armo comes out of stealth; VentureBeat reporting Scaling Kubernetes to 7,500 nodes at OpenAI Announcing the Linkerd steering committee The State of Cloud Native Release Orchestration; a report from Vamp Hunting for malware with Falco Episode 39, with Dan Lorenc Upgrading from Kubernetes 1.11 to 1.18 in a month by Jeff Wolski at WeTransfer Debugging CrashLoopBackOff by David Giffin from Release Jeff Brewer has passed Intuit CNCF case study Links from the interview Spotify engineering culture Microservices at Spotify Backstage Open source launch How Spotify uses Backstage GitHub repository Golden Paths Kubernetes plugin announcement Episode 50, with David Xia Donation to CNCF Sandbox Some backstage stories with David Pait in episode 127 Lee Mills and Matt Clarke on Twitter

Josh Bernstein has worked at a number of infrastructure roles before recently landing at Google. He talks about migrating Siri from AWS (pre-acqusition) to VMware to Mesos, and Dell EMC’s work building what would become the Container Storage Interface. Guest host Jasmine Jaksic talks with Craig about snowcreatures. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 15, with Dan Ciruli and Jasmine Jaksic Snowpeople and snowthings News of the week Multi-dimensional pod autoscaling in this week’s GKE release Hitachi: vacuum cleaners in the 1990s and Kubernetes today Garnet.ai kind 0.10 New Google Cloud Run networking features Don’t cross the streams Production Kubernetes from VMware Tanzu. Serverless for Everyone Else from Alex Ellis Episode 116 Chris Aniszczyk’s 2021 predictions Episode 134 Priyanka Sharma’s 2021 predictions Episode 107 14 LFX interns graduate Kubernetes honey tokens by Brad Geesaman Bad pods: privilege escalation by Seth Art The US Air Force are feeling supersonic Links from the interview Apple acquires Siri Xserve Siri public introduction Apple rebuilds Siri backend with Apache Mesos using the J.A.R.V.I.S. framework Dell EMC {code} community REX-Ray: announcement and docs CNCF Governing Board CI/CD startups to watch: Harness Armory Shipa Josh Bernstein on Twitter