Kubernetes Podcast from Google

Dan Stein is an engineering manager at General Bioinformatics. Dan Stein is also DJ Fresh, a multi-million selling artist with two UK number one records. Learn about the surprising overlap between these two careers. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod and @craigbox Chatter of the week Trevor Noah stepping down as host of Daily Show Follow @craigbox to learn what’s next News of the week Google Cloud adds GPU support to Autopilot Pricing CVE-2021-36782 in Rancher State of DevOps Report for 2022 Congratulations to the 27 Summer LFX Program CNCF interns Reviewing the 2019 Kubernetes security audit Links from the interview DJ Fresh Atari 800 and Atari ST Pong Atari BASIC Commodore Amiga OctaMED Fatboy Slim and the Atari ST Dogs on Acid music forum Taylor Hawkins Tribute Concerts Abolishing the high tax rate in the UK, or not Breakbeat Kaos Hold Your Colour by Pendulum Kryptonite by DJ Fresh Gold Dust Subsequent hits: Louder Hot Right Now Kyma (sound design language) and Max/MSP We Got Coders General Bioinformatics NGS gene sequencing Ensembl Hasura GraphQL Playground NCBI - National Center for Biotechnology Information Max Martin How Music Works by John Powell Learning: Treehouse Udemy 3Blue1Brown Codeacademy DJ Fresh’s new single, Higher DJ Fresh on Facebook Dan Stein on Twitter

Betty Junod, VP of Product Marketing at VMware Tanzu, kindly took up Craig’s challenge to explain the various parts of the Tanzu ecosystem, and how the traditional IT buyer and the modern cloud native really aren’t that different. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod and @craigbox Chatter of the week NASA DART mission Deep Impact Armageddon Apparent retrograde motion Planets beyond Neptune News of the week Istio sails into the CNCF SPIFFE and SPIRE graduate Episode 45, with Andrew Jessup Brigade archived Sysdig 2022 Cloud Native threat report The nice TeamTNT Episode 188, with Kateryna Ivashchenko Episode 169, with Anna Belak Chainguard introduces Wolfi workerd, from Cloudflare Introducing Palaemon Custom org policy for GKE in preview Leveraging Kubernetes for an elastic platform at Blablacar by Sebastien Doido Links from the interview VMware History Docker Solo.io VMware Tanzu introduction blog VMware acquires Heptio VMware acquires Pivotal Tanzu Mission Control Tanzu for Kubernetes Operations Tanzu Application Platform Tanzu Kubernetes Grid Bring your own host to TKG Project Pacific introduction TKG 2.0 VMware Aria Operations for Applications Tanzu Application Service Cloud Foundry Open source projects: Velero Antrea Carvel Cartographer Michigan cider Detroit-style pizza Betty Junod on Twitter

When you think of a service mesh, you probably think of “sidecar containers running with each pod”. The Istio team has come up with a new approach, introduced recently as an experimental preview. Google Cloud software engineers Justin Pettit and Ethan Jackson join Craig to explore ambient mesh. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Listening immediately and listening on a 1 year delay Death and state funeral of Queen Elizabeth II The Queue What the queue says about our relationship with royalty News of the week Cloud Custodian becomes an incubating project Anthos VM support GKE control plane metrics CVE-2022-3172: Aggregated API server can cause clients to be redirected CVE-2021-25749: runAsNonRoot logic bypass for Windows containers Akuity Platform Episode 172, with Jesse Suen Weave GitOps 2022.09 Coroot Community Edition Constellation, by Edgeless Systems Register for Google Cloud Next Dell and Red Hat expand strategic collaboration Links from the interview Nicira Open vSwitch Introucing Ambient Mesh Service mesh First mention of Ambient in 2018 No first class support for sidecars in Kubernetes Istio working group meeting, August 2021 Remote proxy proposal HBONE: HTTP/2-based overlay network environment mTLS HTTP Connect GIF MASQUE and QUIC Get started with Ambient Mesh Ambient Mesh Security Deep Dive Justin Pettit and Ethan Jackson on Twitter

Kateryna Ivashchenko is a Senior Demand Generation Manager at Teleport, an organizer of community events, and a supporter of the developer community in her home country of Ukraine. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod News of the week Introducing Ambient Mesh in Istio Istio 1.15 Linkerd 2.12 Linkerd and the Gateway API Symbiosis Cuber nay-tace Reddit discussion VMware Tanzu announcments from VMware Explore Isovalent raises $40m Series B Kubernetes Blog: PodSecurityPolicy: The Historical Context Pod Security Admission Controller in Stable CSI Inline Volumes have graduated to GA cgroup v2 graduates to GA Kubernetes was never designed for batch jobs by Kurt Schelfthout 7 years of GKE General Availability Links from the interview Portworx Teleport 24 February 2022: Russia invades Ukraine BeyondCorp Teleport open source hunter2 Okta breach Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers by Andy Greenberg War in Ukraine Kateryna’s sister’s T-shirt Independence Day Chris Lentricchia and Operation Dvoretskyi CNCF crowdfunding DevOpsDays Kyiv International Snack Exchange Kateryna Ivashchenko on Twitter

It’s release day! We discuss today’s Kubernetes 1.25 with release team lead Cici Huang, Software Engineer at Google Cloud. What’s in, what’s out, and what is it like to lead a release you are also promoting a feature in? Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Nelson underwater England underwater A picture of a sheep Follow Craig on Twitter for more like that News of the week Kubernetes 1.25 release Introducing Acorn Acorn Labs: Rancher Co-Founders’ New Kubernetes Startup by Christine Hall Episode 57, with Darren Shepherd GKE updates: New observability metrics GKE Autopilot now default 256 pods per node KubeCon schedule published Cloud Native Rejekts Scaling Kubernetes to thousands of CRDs by Nic Cope Links from the interview IBM Watson Kubernetes Community Awards SIG API Machinery Chair & Cici’s hiring manager: Fede Bongiovanni Kubernetes 1.25 release team Release blog Highlights: PodSecurityPolicy is removed; Pod Security Admission is stable cgroups v2 KMS v2alpha1 CRD valdation experession language Registry change Kubernetes 1.24 delay Theme and logo Envelopes: 1.24 lead: Episode 178, with James Laverack 1.26 lead: Leonard Pahlke Cici Huang on GitHub

Three years after they were first proposed, the new Kubernetes Gateway APIs - the evolution of the Ingress API - are in Beta. Rob Scott is a software engineer at Google and a lead on the SIG Network Gateway API project. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Hot hot hot Stevenson screen Heathrow Airport Kew Gardens RAF Coningsby News of the week Argo security audit: Argo blog ADA Logics blog Episode 172, with Jesse Suen Kubernetes Cluster API integrates continuous fuzzing The report OSS Fuzz Cilium 1.12 GKE Cluster Autoscaler location policy The quest for neutrinos Ray traced Quake II Links from the interview Gateway API Spire Labs Fairwinds rbac-manager Polaris Episode 104, with Bowei Du Ingress Gateway API concepts and role-orientation Roles and resource model GatewayClass GKE implementation of GatewayClass Conformance tests Policy attachment Gateway Routes Gateway API goes to Beta GRPCRoute Gateway Enhancement Proposal (GEP) Istio APIs that influenced the Gateway API GAMMA Initiative Istio support for Gateway API SMI community joining Gateway API on GitHub Santa Cruz Moutains Rob Scott on Twitter and LinkedIn

Ian Miell, partner at consultancy Container Solutions, talks about the benefits of writing for learning and team effectiveness. Other topics include online gambling politics, building software for startups and enterprises, the benefits of being a tech consultant, and exploring finance topologies for technology transformation.

Why does a car manufacturer own an IT company? How did that IT company end up running 900 Kubernetes clusters, starting at version 0.9? Craig asks these questions and more of Sabine Wolz, Product Manager at Mercedes-Benz Tech Innovation. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Live UK political coverage on the day of recording. As predicted, news happened slightly faster than publication, and at the time of release, Boris Johnson is expected to resign as Conservative Party leader today. Shibboleth Lord of the Rings TV show moved to UK News of the week GKE Cost Allocation CubeFS accepted as CNCF incubating project Bare metal deployments for EKS Anywhere Episode 142, with Gianluca Arbezzano Cubernetes Episode 20, with Justin Garrison OpenShift Service Mesh 2.2 Tanzu Mission Control adds FluxCD Pixie plugins What GKE users need to know about Kubernetes’ new service account tokens, by Taahir Ahmed Kubernetes is a red flag signalling premature optimisation, by Jeremy Brown Hacker News discussion eBPF Summit 2022 Links from the interview Mercedes-Benz Tech Innovation Mercedes-Benz and Daimler Truck How should electric vehicles sound? Ulm and its church Sabine’s KubeCon keynote How to Migrate 700 Kubernetes Clusters to Cluster API with Zero Downtime: Tobias Giese & Sean Schneeweiss Game theory FOSS Manifesto Inner source CNCF End User Community The promise of flying cars Sabine Wolz on LinkedIn

Gone are the days of working at the same company for 50 years. Consultants and contractors bring specialised experience to many companies in short bursts. Steve Wade is an independent Kubernetes consultant and trainer, and he tells us how that became the life for him. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Queen Bourton-on-the-Water, fire in the sky Model village Model village inception News of the week New GKE features: eBPF and IP masquerading in GKE Autopilot Dual stack networking Time-shared GPUs Confidential GKE nodes Paralus (by Rafay) Furiko (by Shopee) New CNCF Sandbox projects: Clusterpedia OpenCost Aeraki Mesh Curve OpenFeature Kubewarden DevStream Traefik Hub Cyble’s exposed Kubernetes clusters Bitnami index FAQ Links from the interview Premier League Tesco Consultants and IR35 KSOC Indian food Steve Wade (1987) on Twitter

As we move further up the stack, we rely on many foundations – including storage. Alex Chircop is co-chair of the CNCF Storage Technical Advisory Group (TAG), as well as founder and CEO of Ondat (formerly StorageOS). Join us to learn why no app is truly stateless, and how data is the new storage. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Crowded House snippets: Distant Sun Sister Madly Don’t Dream It’s Over (you know this one) Weather With You Something So Strong How Will You Go News of the week Kubernetes 2021 annual report and blog post discussing it SUSECon news SLSA Level 4 The State of CD 2022 report Introducing OpenCost Spec Episode 124, with Webb Brown OSTIF and ADA Logics posts discussing the CRI-O project audit Bitnami Helm chart pruning and Reddit discussion Upcoming Code of Conduct changes at the CNCF Links from the interview Goldman Sachs on Google Cloud Episode 181, with Justin Santa Barbara KubeCon EU 2016 CNCF TAG Storage Data on Kubernetes community CNCF TAGs CNCF Storage WG talk at KubeCon EU 2019 CNCF TAG Storage talk at KubeCon EU 2022 Kubernetes SIG Storage Xing Yang CSI and COSI Quinton Hoole Federation, aka “Ubernetes” Whitepapers: Storage Disaster Recovery Ondat Updog Alex Chircop on Twitter