Kubernetes Podcast from Google

What is configuration as data, how is different from infrastructure as code, and why can't anything just be itself anymore? We posed these questions and more to long-time Kubernetes contributor Justin Santa Barbara at KubeCon EU, and this episode is the result. Justin created the kOps project and now leads the team at Google that makes Kubernetes easier to consume. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week #kubecovid Alhambra La Alhambra Cats of the Alhambra News of the week Cloud Native at Microsoft Build Azure Container Apps are GA AKS updates Docker acquires Tilt Broadcom acquires VMware FT coverage Customer reaction from The Register Istio 1.14 GKE Cost Estimator Goodbye to Katacoda Take the DORA survey or read the 2021 report Links from the interview FathomDB Meteor acquires FathomDB for its development platform Sherlocking OpenStack kOps GitHub Configuration management tools Infrastructure as Code JSON, YAML, Proto and INI Helm values.yaml Kubernetes Resource Model (KRM) kustonize kpt Package management Configuration as Data announcement blog Porch kpt functions Backstage Config Sync and Config Connector Kubernetes component configuration Cluster API Justin Santa Barbara on Twitter

Live from Valencia, it's KubeCon EU! Craig talks to conference co-chair and CERN computer scientist Ricardo Rocha about the event, and what it's like to be in a room full of people again. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week 9am Karaoke News of the week CNCF news from KubeCon EU: SlashData survey 800 members Boeing Coinbase Prometheus Certified Associate Google Cloud improves GitOps usability with Config Sync and Porch kpt Other Google news from KubeCon Tetragon from Isovalent Envoy Gateway Infra Ask HN with the creators Cloud Foundry launches Korifi SUSE NeuVector is open source CloudNativePG from EnterpriseDB All the other options Assured Open Source Software from Google Cloud Recent Guest news: Akuity announces $20m Series A (episode 172) Komodor raises $42 million Series B (episode 153) Deepfence launches Deepfence Cloud (episode 173) Lightning Round Armory announced public early access to their new Continuous Deployment-as-a-Service product Aserto announces its "better together" approach to authorization by bringing together OPA, OCI, and Sigstore Bunnyshell Introduces support for multi-repository Terraform with full-stack drift management and GitOps Calyptia announces the General Availability of Calyptia for Fluent Bit, CAST AI introduces advanced Autoscaler for AKS Clastix launches Kamaji, a new open source tool for Managed Kubernetes Service CloudCasa by Catalogic expands to support Microosft AKS Codenotary combines Community Attestation Service with background vulnerability scanning CodeZero Launches Surf, a new developer tool for observability in pre-production Kubernetes environments CrateDB introduces Logical Replication D2iQ Partners with GitLab DataCore Bolt container-native storage software now GA; built on their acquisition of Mayadata Datadog launches Application Security Monitoring and support for OpenTelemetry Protocol in the Datadog Agent, Deepfactor partners with Synopsys to help developers resolve cloud native supply chain security risks env0 enables full-stack IaC deployment and management with native Kubernetes support Era Software introduces EraStreams Fairwinds Insights unifies DevSecOps with additional shift-left enhancements GitLab free tier adds pull-based Kubernetes deployments Google announced a new low-cost, high-usage pricing tier for Google Cloud Managed Service for Prometheus HCL Technologies launches Kubernetes migration platform Kasten by Veeam launches K10 v5.0 released Runecast adds CI/CD integration and image scanning Lacework introduces new Kubernetes Audit Logs monitoring Loft Labs announces a Cluster API provider for vcluster NetFoundry embeds zero trust into Prometheus New Relic introduces low-overhead Kubernetes monitoring and Pixie plug-in framework Pure Storage's new Database as a Service platform is GA Replicated introduces community licensing and pre-flight checks SphereEx releases DB-Plus Suite Snapt announces security package to run Kubernetes in public cloud SPIRE now runs on Windows Sysdig launches new Advisor and Sysdig Open Source leverages Falco plugins SysEleven unveils MetaKube Operator Timescale announces OpenTelemetry Tracing support for Promscale Vultr Kubernetes Engine now Generally Available Zesty Disk for Kubernetes introduced Links from the interview Episode 62 Lukas Heinrich Clemens Lange CERN LHC Computing Grid Large Hadron Collider Kubeflow Data on Kubernetes Community CNCF Research User Group CNCF TOC Volcano moves to incubation KubeCon EU 2022 Episode 165, with Jasmine James Selection process report for KubeCon EU KubeCon China 2021 Research track Puppies at KubeCon NA 2019 Code, mountains and flying Kubernetes on an F/16 Ricardo Rocha on Twitter and on the web

Docker CEO Scott Johnston joins us to talk about the announcements from this week's DockerCon, the transition from an enterprise to a developer tools company, and the Internet's favourite whale. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Podes and antipodes Side note: Kubernetes needs the concept of an Antipod. BRB, writing a KEP Google Cloud Podcasts News of the week DockerCon 2022 Docker Extensions Docker Desktop for Linux Late breaking news: Docker acquires Nestybox Spot VMs now on GCE and GKE; spot pods now on GKE Autopilot Fully managed Linkerd with Buoyant Cloud Sign up for CDcon and save 40% by using the code CdCon22AMEET40 AWS adds Kubernetes resource view Deploying Kubernetes clusters in absurd languages by Lee Briggs Links from the interview Docker DockerCon '22 DockerCon '14, the announcement of Kubernetes Return or Revenge? Scott's history Four degrees from Stanford, including an MSMSE Sun and Netscape Java Servlets and J2EE Moore's Law and Metcalfe's Law Standard on the Internet Tom Lyon Loudcloud/Opsware and a16z Puppet Scott joins Docker in 2014 The monorepo The Soul of a New Machine Docker Swarm Messages from the future and the Google crystal ball Open Cotainers Initiative Docker Desktop for Apple Silicon Macs virtiofs for Mac $2.1 billion valuation Moby Project Moby Ice Cube The Dockershim saga, as reported throughout the episodes: Don't panic about Docker Dockershim deprecation FAQ Mirantis will support the Dockershim But seriously, don't worry about the Dockershim Dockershim is, like, proper gone The puns and joke section Docker is krilled to see you Billy T James Beached Az. Can't eat chups! Docker Extensions CNCF Landscape or Magic Eye? Docker Desktop for Linux Multi-arch on Docker Hub Docker roadmap Scott Johnston on Twitter

Gaze into the stars with Kubernetes 1.24 release team lead, James Laverack. James is a software engineer turned solutions engineer at Jetstack, and explains the difference between the two roles, as well as how he found his home in SIG Release and what to expect in 1.24. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week IMDB and MusicBrainz SheetOps xlskubectl by Daniele Polencic News of the week Kubernetes 1.24 Metaflow on Kubernetes KubeVela 1.3 SocketCAN X Kubernetes ARMO raises $30m Aqua's 2022 Cloud Native Threat Report CVE-2021-25746 in ingress-nginx About the fix Episode 162, with Alejandro de Brito Fontes and Ricardo Katz Plain Kubernetes Secrets are fine, by Mac Chaffee Links from the interview Bristol Box Life as a Solutions Engineer at Jetstack "I don't think your job is to code anymore, you just talk to people all day." Minecraft operator Improbable's etcd operator Intro to the Kubernetes 1.24 release process Kubernetes 1.24 Full release notes Dockershim is, like, proper gone cri-dockerd containerd CRI-O Beta APIs Off by Default Release artifacts are signed, with experimental support for verifying them Increased supply chain security for Kubernetes SLSA Episode 167, with Rey Lejano Episode 174, with Santiago Torres-Arias Storage Capacity tracking and Volume Expansion Storage plugin migration Azure Disk OpenStack Cinder gRPC liveness and readiness probes Avoiding collisions in IP ranges Release theme and logo 1.25 release team Go 1.18 error delays 1.24 release James Laverack on Twitter

Big week for Istio! Craig talks to Mitch Connors, Istio user experience working group lead and IstioCon program committee co-chair, about the project and the conference. Mitch talks to Craig about the news that Istio has been proposed to the CNCF. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week 40th anniversary of the ZX Spectrum Some soothing YouTube channels: Adrian's Digital Basement Jan Beta RMC - The Cave Mark Fixes Stuff Some conference talks about the Commodore 64: Rich Code for Tiny Computers DevOps for the Commodore 64 DevOps for the ZX Spectrum Manic Miner Play online News of the week Istio has applied to join the CNCF Istio mode in Tanzu Service Mesh KubeVirt moves to Incubation phase in CNCF New sandbox projects: OpenFunction, from Kubesphere Teller, from Spectral Ops Sealer, from Alibaba Chainguard Enforce Episode 47, with Kim Lewandowski EKS Blueprints Unit 42 finds serious vulnerabilities in AWS log4shell hotfix Tanzu State of Kubernetes report Go article in the Communications of the ACM Please support DevOpsDays Kyiv Links from the interview Istio What is Istio? ServiceMeshCon 2019 F5 Networks Merkle tree Merkel tree Sparse Merkle tree When was the last time you implemented a linked list? Envoy proxy istioctl wait Istio working groups Sidecar containers proposal Anthos Service Mesh Managed control and data plane IstioCon 2022 Mitch and Lin's keynote Istio has applied to join the CNCF Pull request to the CNCF TOC Prusa i3 The frankenprinter RepRap Mitch Connors on GitHub Mitch Conner from South Park Mitch Connors on Twitter

Divya Mohan is a Technical Writer with SUSE, a CNCF Ambassador, co-chair of Kubernetes SIG Docs, and a mentor to new contributors. Learn how her love of language and learning led her from production support to the core of the community. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod News of the week Volcano moves to incubation stage in CNCF Nephio Automating cloud native networks Announcement press release Improving secure software supply chain by Asra Ali and Laurent Simon, Google Open Source Security Team Docker SBOM When the moon hits your eye like a big pizza pie, that's Anchore Talos Linux 1.0 What's new in Talos 1.0 Episode 159, with Andrew Rynhard Grafana raises Series D Tanzu Application Platform v1.1 Kubernetes 1.24 delayed But seriously, don't worry about the Dockershim Ever Forward also delayed Links from the interview From zero to WIP: How I transitioned from being a sys admin working on legacy middleware to sailing the cloud native seas Hindi, Marathi, Malayalam; just 3 of the 22 scheduled languages of India IGATE HSBC Middleware Episode 175, with Bruno Andrade SIG Docs Kubernetes Community Days Bengaluru SIG Contributor Experience Kubernetes and Cloud Native Associate (KCNA) Season of Docs Summer of Code How to contribute to Kubernetes docs Arsh Sharma LitmusChaos, founded by Uma Mukkara and Karthik Satchitanand Divya joins SUSE Hayden Barnes The Friday Four Divya's writing on WebAssembly Divya Mohan on Twitter

Bruno Andrade is founder and CEO of Shipa, delivering applications and policy "as code" to Kubernetes with a SaaS model. We discuss founding companies in Canada vs the USA, abstractions for deploying apps, and whether Kubernetes will really ever disappear. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Jimmy Fallon and Jimmy Kimmel One show The other show One behind-the-scenes video Another one Ron Gilbert does not like April Fools Just kidding: Return to Monkey Island "If I ever get to make another Monkey Island, I'm going to announce it on April 1st." News of the week Grafana Mimir FAQ/Interview with the CEO Hacker News discussion Can Grafana run Doom? Open source StackRox is now available GitHub link Dagger Public launch announcement Series A finance round CUE Fermyon introduces Spin Episode 102, with Matt Butcher Google Distributed Cloud Edge IstioCon 2022 program announced PlatformCon 2022 Chainguard: It's all about that base image by John Speed Meyers and Zack Newman Docker raises $105m Series C TechCrunch coverage Garden.io raises $16m Series A VentureBeat coverage The Ever Forward container ship is still not going forward Links from the interview Shipa IBM WebSphere and WebSphere Application Server Juniper acquires HTBASE Shipa launch press release Ketch Announcement blog Why Kubernetes Will Disappear The English way Bernese mountain dog Application CRD Application API for Kubernetes Sidecar containers Bruno Andrade on Twitter

When is it safe to run software? When is it safe to drink orange juice? Are we a better judge of one or the other? Santiago Torres-Arias is an Assistant Professor at Purdue University, the team lead of the in-toto project, and a contributor to The Update Framework. He joins Craig to talk security in both physical and software supply chains. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Don't Forget The Lyrics Gettin' Jiggy Wit It Explained on Genius Will Smith on Top Gear The Oscars thing (CW: violence, cuss words that Will Smith didn't used to have to rap to sell records) He's The Greatest Dancer by Sister Sledge; written by Bernard Edwards and Nile Rodgers of Chic News of the week New Cisco Intersight Kubernetes features Red Hat OpenShift v4.10 ChaosNative acquired by Harness Azure PlayFab launches Thundernetes Episode 26, with Cyril Tovena and Mark Mandel Hacker News commentary Weave GitOps v2022-03 Qumulo for Kubernetes SpectroCloud raises $40m Pinterest: 99% to 99.9% SLO, high performance control plane Uber: Avoiding CPU throttling in a containerized environment Links from the interview in-toto The Update Framework Purdue University Elmore Family School of Electrical and Computer Engineering Purdue Boilermakers Open Source Software Senior Design Projects NYU Tandon School of Engineering Justin Cappos PolyPasswordHasher Episode 155, with Priya Wadhwa apt-secure for Debian packages A keysigning and a signed PGP key Farm to table attestation Potato tracking An example of E. coli in lettuce in-toto record Project Trebuchet: How SolarWinds is Using Open Source to Secure Their Supply Chain in the Wake of the Sunburst Hack by Trevor Rosen, Solarwinds Reflections on Trusting Trust by Ken Thompson Secure Publication of Datadog Agent Integrations with TUF and in-toto US Executive Order on Improving the Nation's Cybersecurity Readout of White House Meeting on Software Security sigstore in-toto is the second most used format for sigstore SPIFFE SLSA in-toto moves to incubation in the CNCF CFSSL Math rock Covet: "falkor" TTNG: +3 Awesomeness Repels Water Bird of the Year The kea Breaking a police car Santiago Torres-Arias on Twitter and at badhomb.re

ThreatMapper is an open source tool that hunts for vulnerabilities in your production Kubernetes environment, and ranks them based on their risk of exploit. It is built by Deepfence, who also sell a commercial product based on it called ThreatStryker. Co-founder/CEO Sandeep Lahane and head of products/community Owen Garrett join Craig to discuss how to decide what to open and what to keep closed, and just how deep his fence needs to be. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Episode 171, with Frederic Branczyk Ahmet Alp Balkan's coffee beans French press Moka pot News of the week Go 1.18 released Go now with Google Cloud Continuous fuzzing in etcd Veritas says Kubernetes is an Achilles Heel in defense against ransomware attacks ARMO's changelog for the NSA/CISA hardening guide KubeScape Cloud Native Developer Bootcamp Use the code K8SPC30 for 30% off, if it's before April 19, 2022 when you read this Plural launches with $6m seed round Launch HN post Speed boost on Docker Desktop for Mac Track the Ever Forward Links from the interview Deepfence ThreatMapper: the open source project ThreatStryker: the commercial product A failed startup story Heartbleed Buffer overflow Address Sanitizer Intel SGX Chrome sandbox Intel MPX Spectre and Meltdown NGINX (the company) eBPF Forward secrecy Deepfence's Series A announcement Shifting left Behind 2 proxies MITRE ATT&CK matrix Cyber Kill Chain ThreatMapper on GitHub What's new in ThreatMapper 1.3.0? Sandeep Lahare and Owen Garrett on Twitter

The Argo project is a set of four tools to help "get stuff done" with Kubernetes: Workflows, CD, Rollouts and Events. Jesse Suen is a creator of the Argo project and co-founder and CTO of Akuity, a company set up to provide commercial support for it. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: kubernetespodcast@google.com twitter: @kubernetespod Chatter of the week Daylight saving time Container ship follow-up News of the week Backstage and in-toto join the CNCF Episode 136, with Lee Mills and Matt Clark Episode 155, with Priya Wadhwa Gloo Mesh 2.0 announced at SoloCon The New Stack coverage Linkerd failover operator cr8escape vulnerability in CRI-O GKE Autopilot vulnerabilities disclosed by Palo Alto Networks Updated Kubernetes hardening guide (PDF) KubeCon EU 2022 schedule Inside the numbers CNCF Observability micro-survey run:AI raises $75m Links from the interview Argo Project Argo (film) Jason and the Argonauts Applatix Pratik Wadher and Rahul Dhide Argo Workflows Applatix acquired by Intuit; Intuit acquired Applatix Marianna Tessel Alex Matyushentsev The archived Argo CI Argo CD Argo Rollouts GitOps Engine: Flux CD Argo and Flux joining forces First release of the GitOps Engine FAQ about why this didn't work out Remote vs Core Argo Events Original BlackRock announcement Argo in the CNCF Akuity The many Aaron Court Motels App of Apps ApplicationSets Join the CNCF Slack Argo Workflows and CD community meetings Jesse Suen on Twitter