Kubernetes Podcast from Google

Martin Mao and Rob Skillington are co-founders of Chronosphere; CEO and CTO respectively. They both worked on the monitoring team at Uber, where they created M3: a metrics platform with an open source time-series database built for scale. They join Craig and Adam to talk about monitoring, metrics and M3 on the last episode of 2019. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Test message from Delta Airlines News of the week CSI migration and CSI volume snapshots AKS Private Clusters in preview GKE maintenance Windows and exclusions is GA Google Cloud E2 VMs: introduction and understanding dynamic resource management New features in Cloud Run for Anthos Best practices for performing forensics on containers Infrastructure at Cliqz, and introducing Hydra Envoy CVEs Istio security bulletin The Top 3 Service Mesh Developments in 2019 by Zack Jory Istio Service Mesh Explained in 5 Minutes by Ram Vennam Ambassador Edge Stack Solo.io WebAssembly Hub Episode 55, with Idit Levine Kafka Envoy Protocol Filter Talos 0.3 beta AutoTiKV tuning OpenPolicyAgent’s KubeCon recap Episode 42, with John Murray A first look at Antrea from Alex Brand TODO: read this article by Patrick DeVivo Does Testing Kubernetes Conformance Leave You in the Dark? Get Progress Updates as Tests Run by John Schnake Demystifying Kubernetes as a Service – How Alibaba Cloud Manages 10,000s of Kubernetes Clusters How Jaeger Helped Grafana Labs Improve Query Performance and Root Out Tough Bugs Adopting Kubernetes at Quora by Taylor Barrella, CNCF announces schedule for Bengaluru/Delhi Forums Links from the interview M3 website M3: Uber’s Open Source, Large-scale Metrics Platform for Prometheus Before: Graphite and its Whisper database Prometheus Why pull rather than push? AlertManager PromQL RRDtool M3 on GitHub: open source from the start Chronosphere Rob’s 2019 KubeCon’s talks: EU: M3 and Prometheus, Monitoring at Planet Scale for Everyone NA: Deep Linking Metrics and Traces with OpenTelemetry, OpenMetrics and M3 Twitter: Rob Skillington Martin Mao M3 Chronosphere

Hop on the release train for the fourth and final Kubernetes release for 2019. Release manager Guinevere Saenger joins Adam and Craig. to discuss how a classically trained pianist has a second act as a Kubernetes release team lead. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Craig plays the Oculus Quest: Superhot Epic Roller Coasters Beat Saber Keep Talking and Nobody Explodes Adam sees a play Six News of the week Kubernetes 1.17 is out! Volume snapshot in Beta EKS on Fargate now generally available Tech thread from Onur Filiz Interview with AWS CEO Andy Jassy CNCF DevStats Azure Application Gateway ingress controller launched CloudBees CI/CD SaaS in preview Anthos is CRN’s Hybrid Cloud product of the year Troubleshooting Deployments by Daniele Polencic UNIVAC schematics Building large Kubernetes clusters at LINE CNCF TOC structure and elections uSwitch case study Making audit logging a viable practice again by Nitzan Niv Links from the interview Collaborative piano Ada Developers Academy (The LSAT is the Law School Admission Test) Ruby on Rails Samsung SDS Cloud Native Computing Team Kubernetes at GitHub GitHub Metal Cloud #hugops SIG Contributor Experience Episode 46, with Aaron Crickenberger Guinevere speaking at KubeCon about new contributions “Complaning about how hard it was to contribute” led to the Contributors Guide Episode 10, with Josh Berkus and Tim Pepper Kubernetes 1.17 enhancement tracking sheet Dual-stack IPv4 and IPv6 What happened to IPv5? Poor old sidecar containers slipped again KubeCon 2019 NA Contributors’ Summit Hats 1.17 release team 1.18 leads have been announced Release team shadow program Release engineering Guinevere Saenger on Twitter

Chaos Engineering is the discipline of experimenting in identifying potential areas of failure before they express themselves in outages. Ana Margarita Medina is a Chaos Engineer and Developer Advocate at Gremlin, a chaos-as-a-service vendor that recently added Kubernetes support. She talks to Adam and Craig about the discipline, and her journey to it. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Shopify’s Black Friday Craig’s Black Friday News of the week AWS announcements: Managed node groups EventBridge support in ECR Sagemaker operators for Kubernetes Eirini 1.0 is here Security considerations for GKE by Maya Kaczorowski Episode 8. with Maya Kaczorowski Managing a multi-site Cassandra cluster on multiple Kubernetes with CassKop / MultiCassKop by Seb Allamand Run Ansible Tower or AWX in Kubernetes or OpenShift with the Tower Operator by Jeff Geerling Everything I know about Kubernetes I learned from a cluster of Raspberry Pis by Jeff Geerling Prometheus OpenMetrics Integration Develop a Kubernetes controller in Java by Min Kim and Tony Ado Running Kubernetes locally on Linux with Microk8s by Ihor Dvoretskyi and Carmine Rimi Episode 21, with Ihor Dvoretski Episode 60, with Mark Shuttleworth Linux Foundation Cyber Monday sale Barrons says Kubernetes is the future of computing by Tae Kim Links from the interview Chaos Engineering Chaos Engineering: the history, principles, and practice Chaos Monkey Netflix Simian Army Fuzzing Site reliability engineering Google DiRT testing Video: 10 years of crashing Google by Kripa Krishnan Ana’s re:Invent talk Reggaetón #hugops Chaos Engineering Slack Gremlin Gremlin Free What is a Gremlin? The Gremlins (Roald Dahl book) Gremlins (1984 film) Ana Margarita Medina on Twitter

Vitess is a cloud native database clustering system for horizontal scaling of MySQL. It was built for YouTube, open sourced, and has recently graduated from the CNCF. Two members of the team who wrote and ran Vitess at YouTube, Jiten Vaidya and Sugu Sougoumarane, are CEO and CTO of PlanetScale; a company they founded to support Vitess commercially. They join Craig and Adam to talk databases. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Our meetup at KubeCon The WeWork booth at KubeCon You Must Build A Boat You Have To Win The Game News of the week Anthos news from Next UK Multi-cluster management with Anthos GitLab Serverless with Cloud Run for Anthos Project Antrea from VMware Managed Istio GA on IBM Kubernetes Service IBM open sources developer tools Kui and iter8 Episode 47 with Kim Lewandowski Solo.io introduces Autopilot Hubble, from Cilium ByteBuilders introduces Kubeform Cloudbees adds Jenkins X UI to their community distribution Juniper updates Contrail Slack Vitess case study Debugging network stalls on Kubernetes by Theo Julienne at GitHub Volterra’s control plane for distributed PaaS Gravitational takes $25m investment Datadog’s 2019 container report Aqua Security acquires Cloudsploit CNCF 2019 award winners Episode 72 with Lachlan Evenson Episode 77 with Katharine Berry Links from the interview Vitess About Jiten and Sugu Graduated from the CNCF Database shards Vitess history YouTube acquired by Google in 2006 Go; 10 years old Google storage systems: Bigtable Colossus Scaling MySQL in the cloud with Vitess and Kubernetes and Cloud Native MySQL Sharding with Vitess and Kubernetes by Anthony Yeh, Google Cloud Case studies: Stich Labs, Hubspot, JD.com Vitess at KubeCon: Vitess: Stateless Storage in the Cloud by Sugu Sougoumarane Geo-partitioning with Vitess by Deepthi Sigireddi and Jiten Vaidya How to Migrate a MySQL Database to Vitess by Sugu Sougoumarane & Morgan Tocker Gone in 60 Minutes: Migrating 20 TB from AKS to GKE in an Hour with Vitess by Derek Perkins from Nozzle Postgres support PlanetScale Announcing PlanetScale’s CNDb The name Voltron Strong Bad’s advice on naming things Jiten Vaidya and Sugu Sougoumarane on Twitter

Catch all the news (and there is a lot of it!) from KubeCon NA 2019 in this week’s show. We then talk to Vicki Cheung, the conference co-chair, and an Engineering Manager running Kubernetes infrastructure at Lyft. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod News of the week Docker sells its enterprise business: Mirantis press release Docker press release New Google Kubernetes Engine features: Preemptible VMs support is GA Node auto-provisioning is GA Vertical Pod Autoscaling is GA Batch on GKE is in Beta Surge upgrades are in Beta Google Cloud Run is GA Microsoft news: Secure enclave support in AKS Engine Azure Container Registry adds repository scoped permissions Kubernetes Event-Driven Autoscaling (KEDA) is 1.0 GitHub Actions for CNAB bundles & CNAB controller for Kubernetes Episode 61, with Jeremy Rickard and Ralph Squillace Helm 3 released, for real! Istio 1.4 released GitHub Octoverse Top and Trending Projects Kubernetes Security Announcement: CSI sidecar vulnerability Red Hat open-sources Quay and launches CodeReady Workspaces v2 VMware launches Crash Recovery and Enterprise PKS v1.6 CNCF announcements: 500 members New Platinum members: Arm, NetApp and Palo Alto Networks New Gold members: Equinix and Fidelity Investments Over 100 certified Kubernetes distributions Announcement of CNCF jobs board Datadog: Introducing Network Performance Monitoring 2019 Container Report What’s next for monitoring in Kubernetes? Gremlin launches chaos engineering for Kubernetes O’Reilly acquires Katacoda Kubernetes.io interactive training Mayadata adds Mayastor engine to OpenEBS PlanetScale launches CNDb Rancher announces k3s GA and Rio is in Beta Episode 57, with Darren Shepherd Cloud Native Security Hub from Sysdig Pipeline 2.0 Tech Preview from Banzai Cloud Episode 59, with Janos Matyas Clustered Microk8s from Ubuntu Episode 60, with Mark Shuttleworth Weave Flux and Argo CD join forces Portworx launches PX-Backup and PX-Autopilot Pulumi launches Crosswalk for Kubernetes, kx and .NET Core support Episode 76, with Joe Duffy Snyk Container Gloo 1.0 from Solo.io Episode 55, with Idit Levine Clusterman from Yelp adds Kubernetes Building Secure Reliable Systems book, new from Google Cloud A-Z Round: A10 Networks announced a Blueprint for automation of the Polynimbus secure application service Agile Stacks announced KubeFlex to aid in deploying and managing Kubernetes clusters in data centers and at the edge Alibaba Cloud released version alpha2 of the Open App Model Altinity announced their production-ready Kubernetes operator for ClickHouse data warehouses Aporeto launched new identity federation capabilities for Kubernetes and Istio Arrikto announced that MiniKF is now available on the GCP Marketplace Amazon has published a cost optimization guide for Kubernetes on AWS Buoyant launched Dive, a SaaS “team control plane” for Kubernetes clusters Chronosphere added tracing capabilities Containous launched a new Ambassador Program to reward and support Traefik community members Datawire announced a tool for automatic HTTPS for Kubernetes Ingress in Ambassador DeployHub announced the release of version 9.0 of their publishing and configuration offering DigitalOcean announced a Container Registry and a Kubernetes section in their 1-click apps market Fairwinds launched a new open source-as-a-service platform Insights, and Astro, a product for managing monitors in a dynamic environment Hammerspace announced a persistent data protection offering for Kubernetes Humio added streaming log management capabilities to their IBM Cloud Pak Hyscale has announced the open-sourcing of their app deployment tool Instana added support for Rancher Kublr announced Multi-Site Orchestration in Kublr 2.0 is now in Private Preview LINBIT announced Piraeus Datastore, a Software-Defined Storage offering for Kubernetes Maestro, from Cloud66, released a Kubernetes management tool for multi-cluster management Mattermost introduced ChatOps, an open source projects for real-time DevOps NetFoundry announced a programmable networking platform for apps at the edge NeuVector announced a Security Policy as Code tool for Kubernetes NS1 expanded their suite of integrations Opsani AI announced precision tuning for autoscalers Oracle announced Oracle API Gateway, Oracle Logging, and Kafka Compatibility for Oracle Streaming Redis Labs introduced RedisInsight Rookout announced a hybrid Kubernetes debugger for DevOps teams SignalFX announced Kubernetes Navigator to provide AI-driven insights StorageOS announced the release of version 1.5 Styra announced new features for their Compliance for Kubernetes tool Trilio announced support for TrilioVault on OpenShift Turbonomic announced Lemur, a New, Free, Observability Tool for developers Wallarm launched support for Envoy proxy and Envoy API protection with their SaaS Security product WhiteSource announced native integrations for top container registries Yugabyte announced YugabyteDB will be available as a self-managed database service on Crossplane Kubernetes clusters Zebrium announced that no-touch log monitoring for Kubernetes is now in private beta Links from the interview Duolingo OpenAI Lyft Engineering Episode 33: Envoy, with Matt Klein KubeCon NA 2019 Program co-chairs Episode 54: Tech, Life and KubeCon EU, with Bryan Liles Vicki Cheung on Twitter

Due to overwhelming submission numbers, 85% of talks proposed to KubeCon are rejected. Cloud Native Rejekts, a two-day community conference immediately before KubeCon, gives a second chance to some of those talks. Chris Kühl is CEO and co-founder of Kinvolk, a Berlin-based Linux company, who organise events including Cloud Native Rejekts. Hosts Adam and Craig ask him about this, and somehow the discussion includes both Pearl Jam and Mötley Crüe. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Listener meetup at KubeCon: 1.30pm at the Google Cloud Lounge Pineapple Lumps and Jaffas Adam’s TV recommendation of the week: The Expanse News of the week Skaffold is now GA Episode 6 with Matt Rickard VMware Tanzu updates from VMworld Europe Chronosphere founded with $11m investment to commercialise M3 Vitess graduates CNCF and releases v4.0 Azure Monitor Prometheus integration is now GA Quarkus 1.0rc Knative v0.10 Pachyderm Hub: ‘Kubernetes as a Service’ as a Service D2iQ Kommander Cruise releases security tool k-rail Kasten K10 v2.0 Helm security audit results Kubernetes: Grokkin’ the Docs Rancher releases container industry survey results Prometheus: CNCF project journey report Tim Hockin draws the kube-proxy iptables stack (direct link) Episode 41, with Tim Hockin Monzo builds network isolation for 1,500 services CFP for Google Cloud Next Links from the interview GNOME Planet GNOME gnome-system-monitor Kinvolk rkt CoreOS Container Linux Flatcar Container Linux Kinvolk announcement CoreOS acquired by Red Hat Kinvolk offer support for Flatcar Container Linux Omaha and Nebraska CoreRoller Cloud Native Rejekts B-side conferences Rejects.JS A- and B-side Yellow Ledbetter A look back at the first Cloud Native Rejekts in Barcelona All Systems Go conference 40 talks at this week’s Cloud Native Rejekts Get a ticket See Tim Hockin’s talk: “We’ve Made Quite a Mesh” Rock dots Chris Kühl on Twitter

KUDO is the Kubernetes Universal Declarative Operator, a toolkit for writing operators for Kubernetes. Gerred Dillon works on KUDO at D2IQ, formerly Mesosphere, and joins Craig and Adam to discuss KUDO, how Mesos frameworks relate to Kubernetes operators, and taking care of chickens. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Little Free Libraries Top moments of 50 years of the Internet by Vint Cert Television network news in NZ 50 years old History of TV in NZ News of the week Sysdig container usage report Longhorn donates to the CNCF Crossplane 0.4 Helm v3.0.0-rc.2 Episode 11 with Vic Iglesias CloudEvents reaches 1.0 Data Center Knowledge: What service meshes are, and why Istio is leading the pack Backyards 1.0 Contour 1.0 Envoy 1.12 New encryption options for Google Kubernetes Engine Azure services now run anywhere with new hybrid capabilities: Announcing Azure Arc ZDNet and TechCrunch coverage Brendan Burns’ explainer videos CNCF news: AlphaSense case study TiKV on building a distributed storage system CNCF meetup program SIG Docs survey results Better Kubernetes networking with Knative by Ahmet Alp Balkan Episode 66, with Luk Burchard and Ahmet Alp Balkan Why you don’t have to be afraid of Kubernetes by Scott McCarty Brad Childs has passed away Links from the interview D2IQ (formerly Mesosphere) Apache Mesos Mesos frameworks Marathon DC/OS DC/OS Commons KUDO Controllers Operator pattern Kubebuilder Operator SDK Omakase: Japanese for “I will leave that up to you” Tasks Getting started with KUDO Metacontroller Proposal to move under Kubebuilder Vitess operator Tekton Helm D2IQ’s Konvoy distribution of Kubernetes Operators using KUDO: Kafka Cassandra Spark OpenEBS operator Lightbend templates for Akka KUDO proposed to the CNCF CNCF SIG Application Delivery Gerred’s KUDO webinar for the CNCF Contributing to KUDO KUDO Slack Gerred’s bio Dry brining a chicken Gerred Dillon on GitHub

Katharine Berry works in the Engineering Productivity team at Google Cloud, and works in SIG Testing on the Kubernetes project. She joins Adam and Craig to discuss Prow, Pebble and ponies. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week SkyCity Convention Centre Fire A nice dinner out after a conference England knock NZ out of the Rugby World Cup Cards Against Humanity to open a restaurant The Holiday Hole News of the week GKE Release Channels are in Beta GKE usage metering is GA: use it to combat over-provisioning Episode 40 with Madhu Yennamani A new guide for PCI-DSS compliance on GKE Exploring container security: Vulnerability management in open-source Kubernetes Episode 34 with Jordan Liggitt Episode 17 with Jon Pulsifer HPE are set to deliver a Kubernetes platform for data analytics and ML How to bulid a kubectl plugin by Jonas-Taha El Sesiy Episode 66, with Luk Burchard and Ahmet Alp Balkan NVIDIA Aerial framework Red Hat partnership GPU Operator Red Hat releases OpenShift Container Storage 4.2 Kontena Lens 2.3 released New Octant.dev website and v0.8.0 Zoho Catalyst and coverage from Container Journal Links from the interview Pebble smartwatch Original $10m Kickstarter Sold to Fitbit Rebble Web Services and the Rebble Alliance What Rebble replaces How Pebble Users Are Keeping the Smartwatch Alive 3 Years After It Supposedly Died Google Engineering Productivity Kubernetes SIG Testing Prow The Machines Can Do the Work, a Story of Kubernetes Testing, CI, and Automating the Contributor Experience by Aaron Crickenberger and Ben Elder Prow: Keeping Kubernetes CI/CD Above Water Now in Jenkins-X Tests are moving to kind Episode 69 with Ben Elder The Kubernetes Prow instance Spyglass Flaky tests Automating away the test-infra role Episode 72 with Lachlan Evenson Testgrid Automating Slack Episode 74 with Jorge Castro Closed due to attacks Tempelis SIG Testing on Slack The pink pony Generative adversarial network AI generated ponies Katharine Berry on Twitter Katharine’s web site

Joe Duffy is the founder and CEO of Pulumi, an open-source cloud development platform. He joins Adam and Craig to explain why a general purpose programming language is a better tool for cloud infrastructure than a domain-specific language (or YAML), and how you can use Pulumi to provision cloud infrastructure and Kubernetes resources alike. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week DevOpsDays Auckland Craig’s talk In which 32 bit apps don’t work on macOS Catalina News of the week Dapr, OAM and Rudr Announcing Dapr, the Distributed Application Runtime Dapr homepage Announcing the Open Application Model Open App Model Ship without a Rudr’s like a ship without a Rudr’s like a ship without a Rudr Red Hat introduces OpenShift 4.2 Goldilocks from Fairwinds Ubuntu 19.10 Episode 60 with Mark Shuttleworth Introducing SPIRE 0.8.2 Episode 45 with Andrew Jessup Istio performance improvements noted by Pablo Moncada Isla Graboid: first cryptojacking worm for Docker found by Unit42 Analysis of two Kubernetes vulnerabiltiies by Palo Alto Networks Harbor 1.9 CNCF announces schedules for Forums in Seoul and Sydney Container Platform Networking at Cruise by Karl Isenberg and Buck Wallander Sugarkube and cattle clusters Links from the interview Pulumi Joe Duffy’s blog: Hello, Pulumi! Journey to Pulumi 1.0 WPF (Avalon) and WCF 10 Years of DevOpsDays Comparisons of Pulumi vs other platforms TypeScript Dark programming language Three business models of Open Source by Peter Levine and Jennifer Li $ for enterprises and free community edition AWS and Elasticsearch Inc. Pulumi on GitHub Joe Duffy and Pulumi on Twitter

cert-manager is a certificate management toolkit for Kubernetes, commonly used to get TLS certificates from Let’s Encrypt. Project founder James Munnelly of Jetstack joins hosts Craig and Adam to explain how how certificates are issued and managed, and how cert-manager automates it all. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Fast food-themed entertainment: Wendy’s Feast of Legends role-playing game KFC dating simulator Burger King Games M.C. Kids Taco Bell’s Tasty Temple Challenge The McDonalds board game KFC virtual escape room training Soda-themed entertainment: Cool Spot Pepsi Invaders Mad Mix: The Pepsi Challenge Stranger Things 3: The Game News of the week Rancher 2.3 released Episode 57, with Darren Shepherd Windows container support and Rancher 2.3 Amazon EKS now has Windows containers generally available Episode 70, with Patrick Lang New on DigitalOcean Kubernetes Service: cluster autoscaling Elastic Cloud on Kubernetes v1.0.0-beta1 released MuleSoft releases AnyPoint Service Mesh Container Journal interview Linkerd 2.6 A guide to distributed tracing with Linkerd Trackman, open source step-workflow tool from Cloud 66 Puppet announces public beta of Project Nebula KubeCon NA 2019 contributor summit schedule announced Kubernetes patterns for capacity planning by Mohamed Ahmed How Booz Allen Hamilton is helping modernize the Federal Government with Kubernetes Flant.com compares 11 ingress controllers for Kubernetes How Zalando manages over 140 Kubernetes clusters by Henning Jacobs Cluster API Simplifies Execution and Powers Projet Pacific at VMware Grant Shipley moves from Red Hat/IBM to VMware Kubernetes Wild West video game SUSE moves on from OpenStack and doubles down on Kubernetes SAP to make HANA database available on Kubernetes Links from the interview Jetstack The two Matts: founders Matt Bates and Matt Barker James’s Jetstack bio cert-manager Docs Co-evolved with kube-lego by Christian Simon How TLS encryption works: x509 for public key certificates Chains of trust Certificate authorities and root certificates Episode 60, with Mark Shuttleworth, founder of Thawte LetsEncrypt How it works ACME protocol HTTP-01 and DNS-01 validation cert-manager concepts: Issuers and Certificates Self-signing issuers Kubernetes and webhooks: Validating webhooks require TLS Kubebuilder supports cert-manager Chicken-and-egg problem for validating webhooks Conversion webhooks Mirror/static pods Kubernetes ingress quick-start tutorial Different solver types The ingress-shim controller Other issuer options: Vault, internal CA, CertificateRequests Lets Encrypt is blocking old cert-manager versions Edge cases where retry looping would start v0.11 release notes Upgrading to v0.11 Getting involved: cert-manager and cert-manager-dev Slack channel Bi-weekly community call cert-manager on GitHub James Munnelly on Twitter