At KubeCon NA 2023, Kaslin interviewed attendees, discussed the new CPU vulnerability Reptar, and the release of Spring Boot 3.2. Other topics include AI, security, and environmental sustainability in the tech industry, accessibility, WebAssembly, and imposter syndrome. The episode reflects on the overwhelming but exciting experience at KubeCon NA 2023, SIG Boba's success, and proposals for a newbie booth. The hosts discuss their favorite moments, the importance of accessibility, and call for spreading the word about the podcast.

Jesper Larsson, a Freelance PenTester, discusses the importance of security in Kubernetes and infrastructure as code. They cover topics such as access permissions, web application vulnerabilities, pen testing experiences, and common mistakes to avoid. Jesper also shares his background in hacking and penetration testing, emphasizing the significance of networking at meetups. The podcast explores vulnerabilities in third-party software companies and the limitations of using example code. They also discuss an AI tool for analyzing overprivileged accounts in Google Cloud.

Guest Fabian Kammel, Security Architect at ControlPlane, discusses confidential computing, trusted execution environments, and the differences between TPMs and HSMs. The chapter also explores the concept of confidential virtual machines and their use in sensitive industries like defense and healthcare.

Marek Siarkowicz and Wenjia Zhang discuss etcd, its recent change to become a Special Interest Group, and how to learn etcd. They explore the role of etcd as a key value store in Kubernetes, the importance of storage and data, learning about HCD and clusters for the certified Kubernetes administrator exam, contributing to the etcd community, and the functionality and limitations of the queue tool for Kubernetes.

WasmCon took place in BELLEVUE, WASHINGTON on Sept 6-7 2023. Kaslin and Mia from our advocacy team went down there and spoke to some folks at the conference to get their impression of the event. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Mia Villaseñor: Twitter/X LinkedIn Cilium Graduated Docker AI apps tools Kubernetes steering committee election results CRI-O moved to Kubernetes owned repository CNCF TOC voted to archive the SMI project Links from the interview WasmCon 2023 Guests Dan Wilson Hood Chatham Brendan Irvine-Broque Josh Berkus Kevin Zheng Sid Hussmann Dawn Parzych Daiki Akasaka Radu Matei Dan Mihai Dumitriu Russell Ashi Chris Madison Brooks Townsend Open Policy Agent V8 Gapfruit OS WASI Capabilities Trusted Compute Group Trusted Platform Module (TPM) Jnode Midokura WASM Runtime Cosmonic Cloud CNCF WasmCloud Wasm Components Model WASI WasmTimeSQLite in Wasm talk at WasmCon AI and Wasm talk at WasmCon Envoy and Wasm The WIT format Cloudflare RU workers Wasm and Kubernetes Wasm and Kubernetes case study Doom on Cloudflare workers with Wasm Wasm and bosch by Emily Ruppel Dynamic Linking Python Dynamic Linking in Wasm from Wasm I/O 23 Links from the post-interview chat Podcast episode#208 with Phil estes Podcast episode#203 with Justin Cormack

In this podcast, Istio core maintainers John Howard and Keith Mattix discuss the latest updates on Istio, including the introduction of native sidecar containers and the new ambient service mesh architecture. They also talk about implementing Z Tunnel in Rust, enabling mesh transport with H-bone, and the impact of Istio's graduation within the CNCF.

Learn about the history of containers, Docker, and Kubernetes from expert Phil Estes. They discuss the intertwined relationship between Docker, containerd, and Kubernetes, the importance of open source, and the security differences between containers and micro VMs.

Grace Nguyen, the Kubernetes 1.28 release lead, discusses the challenges and work behind the release, including API awareness of side-car containers and improvements in storage and pod termination policies. The podcast also explores job retry and admission web hooks in Kubernetes 1.28, lack of deprecations in the release, and the move to community-owned package repositories for sidecars in Kubernetes.

Wesley Hales and Max Bruce, co-founders of LeakSignal, discuss layer seven cybersecurity solutions and their use of WebAssembly technology. They delve into the implementation and potential of Proxy WASM, the components of LeakSignal, and the limitations of eBPF for complex scanning.

“The State of Kubernetes Cost Optimization,” is a recent report based on research into best practices for running Kubernetes clusters. If you’re running your workloads as efficiently as possible, your costs will be optimal too. The report reviews the data and offers recommendations on tools and techniques you can use to optimize your Kubernetes clusters. We talk with two of the report’s creators, Fernando Rubbo and Kent Hua, to learn more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week - CNCF Istio Graduation blog - Istio’s blog about CNCF Graduation - CNCF Blog on Flux v2 GA release - Redhat Blog on Kubevirt 1.0 - Pulumi blog on v4.0 of their Kubernetes Provider - VMware Wasm Labs blog on serverless with wasm - CNCF announcement of over 30 new members  - VMware docs on self-hosted Tanzu Links from the interview - The State of Kubernetes Cost Optimization report - “Sharing the inaugural State of Kubernetes Cost Optimization report” blog - Resource Management for Pods and Containers (Kubernetes Documentation) Links from the post-interview chat - Google Site Reliability Engineering (SRE) books - Google Cloud Managed Service for Prometheus