Kubernetes Podcast from Google

Live from Google Cloud Next ‘19 the KPfG team presents a fireside chat with Eric Brewer, our first guest with their own Wikipedia page. Eric devised the CAP theorem for distributed systems, based on his work at early search company Inktomi and UC Berkeley. He was the person who announced Kubernetes to the world almost 5 years ago, and has been working on Google’s cluster and compute infrastructure since 2011. How did you like the live show format? Please let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod News of the week Anthos: Everything You Want To Know About Anthos - Google’s Hybrid And Multi-Cloud Platform by Janakiram MSV New Google Cloud Service’s Key Selling Point: It Works Great With AWS and Azure by Jonathan Vanian Google Cloud makes some strong moves to differentiate itself from AWS and Microsoft by Ron Miller Fluentd graduates to top level project in CNCF Speakers for KubeCon China ‘19 announced AKS to South Central, South and Central The Fargate Illusion, by Lee Briggs Fargate and EKS roadmap OpenStack Stein launches with improved Kubernetes support New GKE features from Next session videos: GKE Sandbox Workload Identity GCP Config Connector Process ID limiting for stability improvements in Kubernetes 1.14 Links from the interview Eric Brewer: Wikipedia Twitter UCB Inktomi DEC SRC, working on AltaVista Inktomi’s wild ride: A Personal View of the Internet Bubble - Eric presenting at the Computer History Museum in 2008 CAP theorem Cat theorem Spanner, TrueTime and the CAP theorem Application Modernization and the Decoupling of Infrastructure, Services and Teams Our revised title President Clinton with Eric Eric’s interview on theCUBE at Next

Anthos (previously known as Cloud Services Platform) has just gone GA at Google Cloud Next. One of its new features is Anthos Migrate, a tool for migrating monolithic apps directly to containers. Issy Ben-Shaul is a Director of Software Engineering at Google Cloud and led the team building Anthos Migrate. He talks to Craig and Adam about it. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Adam enjoyed: Umbrella Academy on TV Hearthstone on the computers Jarrod Alonge in his ears Death metal in water wings Craig enjoyed: Saturday 2/3 of “On The Basis Of Sex” News of the week Anthos from Google Cloud Launch announcement Launch keynote What’s in the box? Cloud Run and Cloud Run on GKE Project Eirini updates bring Kubernetes to Cloud Foundry OPA graduates to the CNCF incubator CRI-O joins the CNCF incubator Buildpacks: defense against the Docker arts Local persistent volumes in Kubernetes - PVC pipes! Istio 1.1.2 out for the Envoy CVEs: NUL parsing bug Path normalisation bug Why Rainforest moved from Heroku to GKE Enabling RBAC for Groups in GKE Metalkube 🤘 Krew moves to SIG-CLI New gVisor website Links from the interview Anthos Migrate & Velostrata Next sessions: Anthos Migrate: On-Prem to Cloud-Native on GKE Real World Customer Migration with Cardinal Health and Atos Anthos Issy Ben-Shaul on Twitter

Tekton brings Kubernetes-style resources for declaring CI/CD-style pipelines. Kim Lewandowski is the Google Cloud product manager who recently announced it. She talks to Adam about the project while Craig sneaks in some vacation at the cafes of New Zealand. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Register for the Kubernetes Podcast from Google Cloud Live session! Craig has a lovely afternoon at the Cable Bay Cafe Auckland Kubernetes Meetup - thanks everyone! Adam reads Origin by Dan Brown Renowned Author Dan Brown, one of Craig’s favourite newspaper columns of all time News of the week Minikube releases v1.0.0 Episode 39, with Dan Lorenc Running Kubernetes locally on Linux with Minikube by Ihor Dvoretski Uber open-sources Peloton Square build a service mesh with Envoy and gRPC AWS App Mesh is GA Tetrate Q Star Trek Q The Service Mesh Era: Istio’s role in hybrid and multi-cloud by Megan O’Keefe Merging OpenTracing and OpenCensus kubectl cp vulnerability and CSI portmap vulnerability Brigade 1.0 from Deis & Microsoft Debugging an intermittent connection reset in kube-proxy by Yongkun Gui Register for the Kubernetes 1.14 webinar Meet the Ambassador: Paris Pittman Four key tips on how to do massive scale with Kubernetes by Reda Benzair Links from the interview Tekton Open Source Leadership Summit A tektōn is a Greek artisan or craftsman Formerly known as Knative Pipeline GitHub repo Triggermesh Aktion In Defense of YAML Continuous Delivery Foundation Contributing to Tekton Kim Lewandowski on Twitter

Kubernetes 1.14 is out! Your hosts talk to release manager Aaron Crickenberger of Google Cloud about the release process, working with Kubernetes Enhancement Proposals (KEPs), cat t-shirts, and being bearded on face vs. at heart. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week MySpace “loses” 12 years of music Peel Forest and The Green Man Cafe Kubernetes Podcast from Google Cloud Next Live Eric Brewer DockerCon 2014 keynote Sign up for free tickets to Google Cloud Next! News of the week Kubernetes 1.14 released Maybe you don’t need Kubernetes? (Spoiler: you do.) Gravity 5.5 with Helm chart support How a cryptocurrency miner made its way onto Kubernetes clusters at JW Player A guide to Kubernetes admission controllers Automated testing for Helm charts with Terratest Kubernetes End-to-End Testing for Everyone To Russia with Love: deploying Kubernetes in foreign locations Links from the interview Aaron Crickenberger Co-founder of SIG Testing Member of the Kubernetes steering committee Blackhawk flight simulator but it’s in a container Aaron’s soundcloud page Hugh Pagdham Release lead CI Signal playbook 1.13 release shadow Groundhog Day Aaron’s podcast recording cat t-shirt Episode 10, with Josh Berkus and Tim Pepper New in 1.14: Kubernetes Enhancement Proposals (KEPs) Code slush removed Windows containers GA Runtime gates GA Pod priority and preemption GA Durable local volumes GA LTS Working Group Cryptonomicon by Neal Stephenson: the suit and the beard Aaron Crickenberger on Twitter

SPIFFE is the Secure Production Identity Framework for Everyone. Craig hates the name. Andrew Jessup, co-founder and VP of Product at Scytale (with a C) tells him and Adam why they should look past that and how Jason Bourne fits into the world of Cloud Native. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Victim Support Official Page: Christchurch Shooting Victims’ Fund The Small Screw Phenomenon from The Book of Ultimate Truths by Robert Rankin News of the week Istio 1.1 is out! NGINX acquired by F5 Tetrate raises $12.1 million Buoyant raises less KubeCon EU schedule is live Rancher releases Submariner Takeaways from the Google Cloud Security Summit CNCF hits 375 members CNCF TOC for 2019 Kubernetes: AWS vs GCP vs Azure vs DigitalOcean VS Code updates for Kubernetes NetEase: 30,000 nodes in a cluster Music in Ancient Greece Links from the interview SPIFFE Scytale The scytale Joe Beda’s Gluecon talk Application Layer Transport Security, which Andrew and Joe refer to as “LOAS” The Bourne Identity Istio Citadel Scytale Enterprise Andrew Jessup on Twitter

Today Google and CloudBees, along with 20 other companies, launch the Continuous Delivery Foundation (CDF). Tracy Miranda is the Director of Open Source Community at CloudBees, who coordinated donating Jenkins and Jenkins X to the CDF. She talks to Adam and Craig about why it the CDF been formed, and what to expect in this space in the future. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week John Wilkes’ series of simulations Kubernetes Podcast from Google Cloud Next - live show at Google Cloud Next! News of the week Continuous Delivery Foundation Tekton Red Hat introduces Quarkus Web site and GitHub GraalVM Give-me-Gin-and-Tonic The service mesh era: Using Istio and Stackdriver to build an SRE service How Red Hat are changing deployment topology in OpenShift 4 Quickfire container security news: StackRox won an award for Best Emerging Technology from SC Media Alcide won the Breakout Cloud Security infosec award from Cyber Defense Magazine Capsule8 made it into the RSA innovation sandbox Aqua 4.0 now does function vulnerability scanning Twistlock 19.03 adds host forensics and runtime self-protection functionality for VMs SSH.com extended their tech to manage SSH keys for containers CNCF joins Google Summer of Code Fill out the State of DevOps Report Read last year’s results Links from the interview CloudBees Kohsuke Kawaguchi The population of Greece Jenkins Jenkins X Throwing an X Throwing an axe Tekton Spinnaker Continuous Delivery Summit at KubeCon EU in May CDF members Fastlane, continuous delivery for mobile, is on Tracy’s wishlist Tracy Miranda on Twitter or at tracymiranda.com

Brian Grant joined the Borg team in 2009, and went on to co-found both Omega and Kubernetes. He is co-Technical Lead of Google Kubernetes Engine, co-Chair of Kubernetes SIG Architecture, a Kubernetes API approver, a Kubernetes Steering Committee member, and a CNCF Technical Oversight Committee member, where he’s sponsored 11 CNCF projects. Your hosts talk to him about all those things. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Sunset from Mauao (Mount Maunganui) Russian Doll on Netflix Edge of Tomorrow sequel back on News of the week Rancher introduces k3s Didn’t they launch it 5 months ago? k3s.io VMware launches VMware Essential PKS Istio Operator from BanzaiCloud CVE-2019-1002100 containerd graduates at the CNCF Scytale announces $5m funding and Scytale Enterprise SPIFFE and SPIRE Automate operations on your cluster with OperatorHub.io OperatorHub website RightScale State of the Cloud 2019 Links from the interview Borg, Omega and Kubernetes Borg paper Omega paper Issue 831: implement Image volumes and container volumes in Kubernetes Chubby key-value store paper IP per Pod LMCTFY CNCF TOC Updated 2018 mission for the CNCF SIG and Working Group List Devstats PR 1325: create kubectl Brian Grant on Twitter PR 607

Kubernetes has a number of mechanisms to enforce policy: some built-in, like quota and NetworkPolicy; some extensions or add-ons like OPA. John Murray, a product manager at Google Cloud, joins Craig and Adam to talk about policy and configuration, and introduce the new CSP Config Management tool launched to Beta along with the new Cloud Services Platform. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Adam is in the news! Cat Lady Craig’s Oscar prediction and Rami Malek’s incident News of the week Google brings Cloud Services Platform to Beta Application Modernization and the Decoupling of Infrastructure Services and Teams by Eric Brewer and Jennifer Lin Developer preview of OpenShift v4 Knative v0.4 Update to Azure DevOps Projects support for Azure Kubernetes Service The service mesh era: Securing your environment with Istio by Samrat Ray of Google Cloud Cloud Native DevOps with Kubernetes by John Arundel and Justin Domingus Get it free* from NGINX All new Reddit services run on Kubernetes Breaking Docker via runC by Yuval Avrahami of Twistlock Secure Kubernetes with Vault by Bjorn Wenzel Migrating from Heroku to GKE How to prepare for a Kubernetes interview Adding “containers” to Linux Links from the interview ResourceQuota, PodSecurityPolicy and NetworkPolicy Open Policy Agent Kubernetes integration CSP Config Management Take control of your clusters with CSP Config Management (blog post) John Murray on Twitter

The history of Borg influences the history of Kubernetes in many ways: Google has different teams handle “get traffic to a cluster” and “serve traffic”, so Kubernetes has a conceptual split here too. Tim Hockin, Kubernetes co-founder, Google principal engineer and former Borg/Omega team leader, joins Adam and Craig to explain the history and future of the Ingress API, why it’s taken so long to get to v1, and how it might evolve in the future. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Intelligence Squared: Can an AI change your mind? Robot or Not: Is your AI a robot? News of the Week Arm joins the CNCF Cilium 1.4 is released Installing on GKE Lightboard: week Managed Knative on IBM Kubernetes Service Brendan Burns’ videos for Microsoft Azure New EKS regions New EKS CNI plugin Kubernetes Day India schedule announced Liz Rice on episode 19 The Information on Kubernetes (subscription or e-mail address required) Links from the interview Hello, my name is Tim Hockin, and I pronounce “kubectl” as “kubectl” lmctfy, Google’s open source container tool Episode 22 with Dawn Chen Kubernetes network concepts: Service and Ingress Annotations NGINX ingress Google Cloud BackendConfig Heptio Contour IngressRoute Istio v1alpha3 API KEP to move Ingress to v1 (GA) T-shirt logos Tim’s favourites: Brushstrokes and Pixels Craig’s favourite is the paint splash Tim Hockin on Twitter

The new GKE Usage Metering feature lets you find out how much your tenants or applications cost to run. Your hosts talk to Madhu Yennamani, product manager at Google Cloud, about usage metering, and how new GKE features are implemented. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the Week Weather in Seattle Weather in London News of the week runc vulnerability: Open source disclosure Write up from the patch author GKE bulletin Kubernetes blog post Infoworld names Kubernetes a Technology of the Year Encrypting GKE secrets with Google Cloud KMS Build containers faster with Google Cloud Build and Kaniko Jib 1.0.0 GA Red Hat CodeReady Workspaces Heptio open source project changes Platform9 VMware Kubernetes managed service ClearDATA launches Kubernetes solution for healthcare KubeCon diversity scholarships Poseidon Firmament scheduler Firmanent Links from the interview GKE usage metering: Whose line item is it anyway? Enable GKE usage metering BigQuery Google Data Studio Madhu Yennamani on LinkedIn