Kubernetes Podcast from Google

Docker CEO Scott Johnston joins us to talk about the announcements from this week’s DockerCon, the transition from an enterprise to a developer tools company, and the Internet’s favourite whale. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Podes and antipodes Side note: Kubernetes needs the concept of an Antipod. BRB, writing a KEP Google Cloud Podcasts News of the week DockerCon 2022 Docker Extensions Docker Desktop for Linux Late breaking news: Docker acquires Nestybox Spot VMs now on GCE and GKE; spot pods now on GKE Autopilot Fully managed Linkerd with Buoyant Cloud Sign up for CDcon and save 40% by using the code CdCon22AMEET40 AWS adds Kubernetes resource view Deploying Kubernetes clusters in absurd languages by Lee Briggs Links from the interview Docker DockerCon ‘22 DockerCon ‘14, the announcement of Kubernetes Return or Revenge? Scott’s history Four degrees from Stanford, including an MSMSE Sun and Netscape Java Servlets and J2EE Moore’s Law and Metcalfe’s Law Standard on the Internet Tom Lyon Loudcloud/Opsware and a16z Puppet Scott joins Docker in 2014 The monorepo The Soul of a New Machine Docker Swarm Messages from the future and the Google crystal ball Open Cotainers Initiative Docker Desktop for Apple Silicon Macs virtiofs for Mac $2.1 billion valuation Moby Project Moby Ice Cube The Dockershim saga, as reported throughout the episodes: Don’t panic about Docker Dockershim deprecation FAQ Mirantis will support the Dockershim But seriously, don’t worry about the Dockershim Dockershim is, like, proper gone The puns and joke section Docker is krilled to see you Billy T James Beached Az. Can’t eat chups! Docker Extensions CNCF Landscape or Magic Eye? Docker Desktop for Linux Multi-arch on Docker Hub Docker roadmap Scott Johnston on Twitter

Gaze into the stars with Kubernetes 1.24 release team lead, James Laverack. James is a software engineer turned solutions engineer at Jetstack, and explains the difference between the two roles, as well as how he found his home in SIG Release and what to expect in 1.24. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week IMDB and MusicBrainz SheetOps xlskubectl by Daniele Polencic News of the week Kubernetes 1.24 Metaflow on Kubernetes KubeVela 1.3 SocketCAN X Kubernetes ARMO raises $30m Aqua’s 2022 Cloud Native Threat Report CVE-2021-25746 in ingress-nginx About the fix Episode 162, with Alejandro de Brito Fontes and Ricardo Katz Plain Kubernetes Secrets are fine, by Mac Chaffee Links from the interview Bristol Box Life as a Solutions Engineer at Jetstack “I don’t think your job is to code anymore, you just talk to people all day.” Minecraft operator Improbable’s etcd operator Intro to the Kubernetes 1.24 release process Kubernetes 1.24 Full release notes Dockershim is, like, proper gone cri-dockerd containerd CRI-O Beta APIs Off by Default Release artifacts are signed, with experimental support for verifying them Increased supply chain security for Kubernetes SLSA Episode 167, with Rey Lejano Episode 174, with Santiago Torres-Arias Storage Capacity tracking and Volume Expansion Storage plugin migration Azure Disk OpenStack Cinder gRPC liveness and readiness probes Avoiding collisions in IP ranges Release theme and logo 1.25 release team Go 1.18 error delays 1.24 release James Laverack on Twitter

Big week for Istio! Craig talks to Mitch Connors, Istio user experience working group lead and IstioCon program committee co-chair, about the project and the conference. Mitch talks to Craig about the news that Istio has been proposed to the CNCF. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week 40th anniversary of the ZX Spectrum Some soothing YouTube channels: Adrian’s Digital Basement Jan Beta RMC - The Cave Mark Fixes Stuff Some conference talks about the Commodore 64: Rich Code for Tiny Computers DevOps for the Commodore 64 DevOps for the ZX Spectrum Manic Miner Play online News of the week Istio has applied to join the CNCF Istio mode in Tanzu Service Mesh KubeVirt moves to Incubation phase in CNCF New sandbox projects: OpenFunction, from Kubesphere Teller, from Spectral Ops Sealer, from Alibaba Chainguard Enforce Episode 47, with Kim Lewandowski EKS Blueprints Unit 42 finds serious vulnerabilities in AWS log4shell hotfix Tanzu State of Kubernetes report Go article in the Communications of the ACM Please support DevOpsDays Kyiv Links from the interview Istio What is Istio? ServiceMeshCon 2019 F5 Networks Merkle tree Merkel tree Sparse Merkle tree When was the last time you implemented a linked list? Envoy proxy istioctl wait Istio working groups Sidecar containers proposal Anthos Service Mesh Managed control and data plane IstioCon 2022 Mitch and Lin’s keynote Istio has applied to join the CNCF Pull request to the CNCF TOC Prusa i3 The frankenprinter RepRap Mitch Connors on GitHub Mitch Conner from South Park Mitch Connors on Twitter

Divya Mohan is a Technical Writer with SUSE, a CNCF Ambassador, co-chair of Kubernetes SIG Docs, and a mentor to new contributors. Learn how her love of language and learning led her from production support to the core of the community. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod News of the week Volcano moves to incubation stage in CNCF Nephio Automating cloud native networks Announcement press release Improving secure software supply chain by Asra Ali and Laurent Simon, Google Open Source Security Team Docker SBOM When the moon hits your eye like a big pizza pie, that’s Anchore Talos Linux 1.0 What’s new in Talos 1.0 Episode 159, with Andrew Rynhard Grafana raises Series D Tanzu Application Platform v1.1 Kubernetes 1.24 delayed But seriously, don’t worry about the Dockershim Ever Forward also delayed Links from the interview From zero to WIP: How I transitioned from being a sys admin working on legacy middleware to sailing the cloud native seas Hindi, Marathi, Malayalam; just 3 of the 22 scheduled languages of India IGATE HSBC Middleware Episode 175, with Bruno Andrade SIG Docs Kubernetes Community Days Bengaluru SIG Contributor Experience Kubernetes and Cloud Native Associate (KCNA) Season of Docs Summer of Code How to contribute to Kubernetes docs Arsh Sharma LitmusChaos, founded by Uma Mukkara and Karthik Satchitanand Divya joins SUSE Hayden Barnes The Friday Four Divya’s writing on WebAssembly Divya Mohan on Twitter

Bruno Andrade is founder and CEO of Shipa, delivering applications and policy “as code” to Kubernetes with a SaaS model. We discuss founding companies in Canada vs the USA, abstractions for deploying apps, and whether Kubernetes will really ever disappear. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Jimmy Fallon and Jimmy Kimmel One show The other show One behind-the-scenes video Another one Ron Gilbert does not like April Fools Just kidding: Return to Monkey Island “If I ever get to make another Monkey Island, I’m going to announce it on April 1st.” News of the week Grafana Mimir FAQ/Interview with the CEO Hacker News discussion Can Grafana run Doom? Open source StackRox is now available GitHub link Dagger Public launch announcement Series A finance round CUE Fermyon introduces Spin Episode 102, with Matt Butcher Google Distributed Cloud Edge IstioCon 2022 program announced PlatformCon 2022 Chainguard: It’s all about that base image by John Speed Meyers and Zack Newman Docker raises $105m Series C TechCrunch coverage Garden.io raises $16m Series A VentureBeat coverage The Ever Forward container ship is still not going forward Links from the interview Shipa IBM WebSphere and WebSphere Application Server Juniper acquires HTBASE Shipa launch press release Ketch Announcement blog Why Kubernetes Will Disappear The English way Bernese mountain dog Application CRD Application API for Kubernetes Sidecar containers Bruno Andrade on Twitter

When is it safe to run software? When is it safe to drink orange juice? Are we a better judge of one or the other? Santiago Torres-Arias is an Assistant Professor at Purdue University, the team lead of the in-toto project, and a contributor to The Update Framework. He joins Craig to talk security in both physical and software supply chains. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Don’t Forget The Lyrics Gettin’ Jiggy Wit It Explained on Genius Will Smith on Top Gear The Oscars thing (CW: violence, cuss words that Will Smith didn’t used to have to rap to sell records) He’s The Greatest Dancer by Sister Sledge; written by Bernard Edwards and Nile Rodgers of Chic News of the week New Cisco Intersight Kubernetes features Red Hat OpenShift v4.10 ChaosNative acquired by Harness Azure PlayFab launches Thundernetes Episode 26, with Cyril Tovena and Mark Mandel Hacker News commentary Weave GitOps v2022-03 Qumulo for Kubernetes SpectroCloud raises $40m Pinterest: 99% to 99.9% SLO, high performance control plane Uber: Avoiding CPU throttling in a containerized environment Links from the interview in-toto The Update Framework Purdue University Elmore Family School of Electrical and Computer Engineering Purdue Boilermakers Open Source Software Senior Design Projects NYU Tandon School of Engineering Justin Cappos PolyPasswordHasher Episode 155, with Priya Wadhwa apt-secure for Debian packages A keysigning and a signed PGP key Farm to table attestation Potato tracking An example of E. coli in lettuce in-toto record Project Trebuchet: How SolarWinds is Using Open Source to Secure Their Supply Chain in the Wake of the Sunburst Hack by Trevor Rosen, Solarwinds Reflections on Trusting Trust by Ken Thompson Secure Publication of Datadog Agent Integrations with TUF and in-toto US Executive Order on Improving the Nation’s Cybersecurity Readout of White House Meeting on Software Security sigstore in-toto is the second most used format for sigstore SPIFFE SLSA in-toto moves to incubation in the CNCF CFSSL Math rock Covet: “falkor” TTNG: +3 Awesomeness Repels Water Bird of the Year The kea Breaking a police car Santiago Torres-Arias on Twitter and at badhomb.re

ThreatMapper is an open source tool that hunts for vulnerabilities in your production Kubernetes environment, and ranks them based on their risk of exploit. It is built by Deepfence, who also sell a commercial product based on it called ThreatStryker. Co-founder/CEO Sandeep Lahane and head of products/community Owen Garrett join Craig to discuss how to decide what to open and what to keep closed, and just how deep his fence needs to be. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 171, with Frederic Branczyk Ahmet Alp Balkan’s coffee beans French press Moka pot News of the week Go 1.18 released Go now with Google Cloud Continuous fuzzing in etcd Veritas says Kubernetes is an Achilles Heel in defense against ransomware attacks ARMO’s changelog for the NSA/CISA hardening guide KubeScape Cloud Native Developer Bootcamp Use the code K8SPC30 for 30% off, if it’s before April 19, 2022 when you read this Plural launches with $6m seed round Launch HN post Speed boost on Docker Desktop for Mac Track the Ever Forward Links from the interview Deepfence ThreatMapper: the open source project ThreatStryker: the commercial product A failed startup story Heartbleed Buffer overflow Address Sanitizer Intel SGX Chrome sandbox Intel MPX Spectre and Meltdown NGINX (the company) eBPF Forward secrecy Deepfence’s Series A announcement Shifting left Behind 2 proxies MITRE ATT&CK matrix Cyber Kill Chain ThreatMapper on GitHub What’s new in ThreatMapper 1.3.0? Sandeep Lahare and Owen Garrett on Twitter

The Argo project is a set of four tools to help “get stuff done” with Kubernetes: Workflows, CD, Rollouts and Events. Jesse Suen is a creator of the Argo project and co-founder and CTO of Akuity, a company set up to provide commercial support for it. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Daylight saving time Container ship follow-up News of the week Backstage and in-toto join the CNCF Episode 136, with Lee Mills and Matt Clark Episode 155, with Priya Wadhwa Gloo Mesh 2.0 announced at SoloCon The New Stack coverage Linkerd failover operator cr8escape vulnerability in CRI-O GKE Autopilot vulnerabilities disclosed by Palo Alto Networks Updated Kubernetes hardening guide (PDF) KubeCon EU 2022 schedule Inside the numbers CNCF Observability micro-survey run:AI raises $75m Links from the interview Argo Project Argo (film) Jason and the Argonauts Applatix Pratik Wadher and Rahul Dhide Argo Workflows Applatix acquired by Intuit; Intuit acquired Applatix Marianna Tessel Alex Matyushentsev The archived Argo CI Argo CD Argo Rollouts GitOps Engine: Flux CD Argo and Flux joining forces First release of the GitOps Engine FAQ about why this didn’t work out Remote vs Core Argo Events Original BlackRock announcement Argo in the CNCF Akuity The many Aaron Court Motels App of Apps ApplicationSets Join the CNCF Slack Argo Workflows and CD community meetings Jesse Suen on Twitter

The fourth horseman of the apocalypse observability, according to Frederic Branczyk, is continuous profiling. Frederic is founder and CEO of Polar Signals and creator of the Parca open source project. He and Craig talk all things Cloud Native observability. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Bad news from Australia: Shane Warne died National emergency called over flooding Strange news Photoshopped fridge magnets Cookery books News of the week Knative accepted as a CNCF incubating project Google Cloud Managed Service for Prometheus is GA k8ssandra 2.0: operator boogaloo Merbridge: eBPF for Istio by DaoCloud New Kubernetes experience in New Relic CVE-2022-0492 coverage: Unit 42 by Palo Alto Networks Jordy Zomer Links from the interview Frederic Branczyk Over-engineering coffee: Niche Zero grinder Decent Espresso Prometheus Creation at SoundCloud Observing the Kubernetes stack: SIG Instrumentation kube-state-metrics Prometheus Operator Thanos Grafana Loki Google-Wide Profiling: A Continuous Profiling Infrastructure for Data Centers Shades of blue are no joke when they make you $200m KubeCon EU 2019 Keynote: …What Does the Future Hold for Observability? - Tom Wilkie & Frederic Branczyk Polar Signals Parca Introducing Parca and getting funded Parca on GitHub Episode 163, with Thomas Dullien Flame graphs and icicle graphs PARCA: Program for Arctic Regional Climate Assessment Pyrra by Matthias Loibl Frederic Branczyk on Twitter

Six years after its creation, Kubernetes is the subject of its very own documentary film. Job platform Honeypot has released. Josiah McGarvie was Honeypot’s head of video, and the lead filmmaker for Kubernetes: The Documentary. Join us for the director’s commentary. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 21, with Ihor Dvoretski Ihor joins the army Donate to: Come Back Alive Ukrainian National Bank The International Committee of the Red Cross Red Cross Red Crescent News of the week Podman 4.0.0 Episode 164, with Daniel Walsh and Brent Baude Signadot announces public beta Okteto raises $15m Series A Episode 125, with Ramiro Berrelleza Platform9’s Enterprise Trends in Cloud Native report. Robin.io acquired by Rakuten Symphony TechCrunch coverage Superbowl ad Links from the interview Kubernetes: The Documentary Part 1 and Part 2 Honeypot What is Honeypot? Honeypot documentaries Elixir Ember GraphQL Vue.js Chad Torbin at Speakeasy Strategies Guillermo López Explaining Kubernetes to a child Bohemian Rhapsody (film) Docker’s 1-year anniversary Netflix Kanye West documentary Aspect ratios Some PHP source code Tim Hockin’s t-shirts A wild Kubernetes Podcast sticker Recommended on LinkedIn The Simpsons go to Australia Brisbane Documentary Company Josiah McGarvie on Twitter