Kubernetes 1.23 - What's new?

Kubernetes 1.23 is about to be released, and it comes packed with novelties! Where do we begin? This release brings 45 enhancements, on par with the 56 in Kubernetes 1.22 and the 50 in Kubernetes 1.21. Of those 45 enhancements, 11 are graduating to Stable, a whopping 15 are existing features that keep improving, and 19 are completely new. The new features included in this version are generally small, but really welcomed, like the kubectl events command, support for OpenAPI v3, or gRPC probes.

New Ideas On How To Install Epinio

Epinio, the application development engine for Kubernetes, is meant to take you from app to URL in one step. It does that by either applying buildpacks to your app or using a pre-built docker image. Epinio installs into any Kubernetes cluster to bring your application from source code to deployment and allow for developers and operators to work better together.

A Developer focused CI/CD pipeline for Kubernetes

As Kubernetes becomes the key target environment across many organizations, it automatically becomes an essential topic for developers. However, Kubernetes was created for operations and, unless you spend a considerable amount of time learning and specializing yourself, it is still challenging to use. Developers should rather focus on delivering applications instead, and a developer or application-focused platform is needed to enable that.

Introduction to Kubernetes

From Raspberry Pis to satellites in space, Kubernetes continues to be the lifeblood of the cloud-native landscape and is a fast-moving train increasing in both popularity and demand, among businesses and developers. As a result, K8s has experienced rapid adoption and progressive development as an ecosystem. But what exactly is Kubernetes and why is it so popular? Even more, what are the necessary basics for someone to get started with K8s?

How Qovery Community plan works

Since we launched Qovery in January 2020, we have offered free hosting ("Community" plan) for every developer. Providing free hosting was the perfect way to get product feedback and iterate with our users without the cost constraint. As our hosting infrastructure costs have drastically grown within the last 18 months, we had to reinvent our free offer. In a nutshell, we will continue to offer free hosting to involved community members only. Keep reading to know more 👇

Kubernetes Master Class GitOps and Fleet Multi Cluster CD with EKS, GKE and AKS

GitOps is a relatively new model with a fast adoption rate because of how it enhances the continuous delivery workflow in the Kubernetes context. GitOps requires you to describe and observe systems with declarative configurations that will form the basis of continuous integration, continuous delivery and continuous deployment of your infrastructure. In this session, we will focus on making use of Fleet to manage deployments to multiple downstream clusters at scale.

5 Things Developers Need to Know About Kubernetes Management

Kubernetes management can be daunting for developers who don’t have specialized understanding of the orchestration technology. Learning Kubernetes takes practice and time, a precious commodity for devs who are under pressure to deliver new applications. This post provides direction on what you need to know and what you can skip to take advantage of Kubernetes. Let’s start with five things you need to know.

Kubernetes Master Class Security & Observability feat. Tigera

In this RKE-focused workshop for networking, security, and observability on containers, Kubernetes, and Calico, you will work with a Calico and RKE expert to learn how to design, deploy, and observe security and networking policies in an RKE environment. This 90-minute hands-on lab comes with your own provisioned Calico Cloud environment, designed to provide more complete knowledge on how to implement:
– Workload access controls
– Compliance and reporting
– Run-time visualization of traffic flow and security policies
– Service-level observability
– Anomaly detection and live troubleshooting

You will come away from this workshop with an understanding of how others in your industry are doing Kubernetes, container and cloud security, and observability in RKE, and how you can implement it in your own organization.

Kubernetes Master Class Managing Cluster Security at Scale

A Kubernetes cluster has various attack surfaces, from the API server to application traffic. It's important to understand what these potential areas of attack are, and from there, work out the best ways to mitigate the risks. This is especially important when managing multiple clusters. You want to ensure that you are following the right methods, and then standardizing those security approaches to be applied to all your clusters. In this session, we will cover some of the Kubernetes attack vectors and detail how to secure your clusters.

Kubernetes 1.23 rc testing with MicroK8s

Today, the Kubernetes 1.23 release candidate was made available upstream for testing and experimentation. General availability is planned for December 7th, so now is the time to report back any issues or bugs. Developers, DevOps and open source software enthusiasts can try out the latest features using MicroK8s. MicroK8s is a lightweight, CNCF-certified Kubernetes distribution with a streamlined UX.

What's new in Sysdig - November 2021

Welcome to a new update of “What’s new in Sysdig.” Happy All Saints’/Souls’ Day! Happy International Pianist Day! Happy Thanksgiving! Happy Diwali! Glad alla helgons dag. The “What’s new in Sysdig” blog has been rotated to a new team, and this month, Peter Andersson is responsible for the publishing. Thanks to Chris Kranz for an excellent job compiling these articles earlier.

Turbocharging AKS networking with Calico eBPF

A single Kubernetes cluster expends a small percentage of its total available assigned resources on delivering in-cluster networking. We don’t have to be satisfied with this, though—achieving the lowest possible overhead can provide significant cost savings and performance improvements if you are running network-intensive workloads.

Crossplane and Shipa 101 - Your First Crossplane Abstraction

Kubernetes is viewed as one of the great equalizers between development and operations teams. Simply write a manifest and the declarative power of Kubernetes is off to fulfill your desired state. Kubernetes is certainly pluggable and has the ability to be extended / opinions being swapped internally. As any IT organization can tell you, even with Kubernetes there is a lot of integration work, and several parts of the stack such as IaC have been left outside of Kubernetes.

Kubernetes Security: 9 Best Practices for Keeping It Safe

Kubernetes dominates the container orchestration market in every way. According to the latest State of Kubernetes and Container Security study, 88% of enterprises utilise Kubernetes to manage a portion of their container workloads. Kubernetes and other orchestration systems have given software deployment and management a new level of robustness and customization. They also brought attention to the current security landscape's shortcomings.

A 3-step guide to troubleshooting and visualizing Kubernetes with Grafana Cloud

Back in May, we announced the Kubernetes integration to help users easily monitor and alert on core Kubernetes cluster metrics using the Grafana Agent, our lightweight observability data collector optimized for sending metric, log, and trace data to Grafana Cloud. Since then, we’ve made some improvements to help our customers go even further.

Challenges maintaining Prometheus LTS

In this article, we’ll cover the three main challenges you may face when maintaining your own Prometheus LTS solution. In the beginning, Prometheus claimed that it wasn’t a long-term metrics storage; the expected outcome was that somebody would eventually create that long-term storage (LTS) for Prometheus metrics. Currently, there are several open-source projects to provide long-term storage (Prometheus LTS). These community projects are ahead of the rest: Cortex, Thanos, and M3.

Deploying to production in <5m with our hosted container builder

Fast build times are great, which is why we aim for less than 5m between merging a PR and getting it into production. Not only is waiting on builds a waste of developer time — and an annoying concentration breaker — the speed at which you can deploy new changes has an impact on your shipping velocity. Put simply, you can ship faster and with more confidence when deploying a follow-up fix is a simple, quick change.

Real-time threat response for Kubernetes workloads, using threat intelligence feeds and deep packet inspection

Cloud-native transformations come with many security and troubleshooting challenges. Real-time intrusion detection and the prevention of continuously evolving threats is challenging for cloud-native applications in Kubernetes. Due to the ephemeral nature of pods, it is difficult to determine source or destination endpoints and limit their blast radius. Traditional perimeter-based firewalls are not an ideal fit for Kubernetes and containers.

A Simple Guide to Taming the Beast That Is Kubernetes

Containers are amazing. But when you start to orchestrate them in a complex environment, they can become quite the beast. Kubernetes is one of the best tools to tame that beast, but few resources exist to help you manage your big data workloads on Kubernetes. If you want to learn how you can optimize your big data workloads on Kubernetes, this is for you.

Terraform and Shipa 101 - Your First Terraform and Shipa Cloud Integration

Leveraging Terraform, which is an infrastructure-as-code platform, is a great match. Using both technologies together is becoming more mature and there have been some great pieces around the art of the possible between the two platforms. Though if you are unfamiliar with both, this guide will get you up and started with both Terraform and Shipa together. In this example, we will be using Terraform to create all of the necessary Shipa resources to deploy to a Kubernetes cluster.

[Webinar] 5 Things to Consider When Migrating Databases to Kubernetes with Komodor & Ondat

Kubernetes is eating the world...at least the world of modern software engineering. Besides their applications, most businesses consider their data as the holy grail. It is key to the value they deliver. As they progress through application modernization, Kubernetes is the natural foundation to support their effort. But where should the data go? Is Kubernetes safe enough to take care of it? How to prepare for DB related incidents in an everchanging environment?

Sysdig & SUSE: Security & Visibility for SUSE Rancher

Securing a cloud-native environment, such as SUSE Rancher, requires unique considerations. New abstractions like containers, plus the dynamic nature of a Kubernetes orchestrated environment can hamper visibility, especially for legacy tools that aren’t designed for containers and cloud. To help, Sysdig and SUSE have launched a SUSE One Partner Solution Stack designed to not only showcase our joint solution, but also to provide easy ways for you to get started.

Kubernetes and the Enterprise

As more organizations transition to cloud-native applications in the enterprise, Kubernetes and its APIs are laying the foundation for a next era of distributed computing. But despite its growing adoption in the enterprise, Kubernetes remains complex to implement and manage effectively. This topic spotlight highlights the most common challenges of Kubernetes in the enterprise and offers up some recommendations on how to make Kubernetes adoption smooth and effective to drive productivity and business value.

Why and how to monitor AWS EKS

Amazon Elastic Kubernetes Service, or EKS, is a managed Kubernetes service. That means that Amazon Web Services (AWS) handles some of the deployment and management tasks for users. But the fact that EKS is a managed service doesn’t mean that AWS manages all administrative tasks. One key management task that isn’t fully covered as part of EKS is monitoring.

Ketch Now in the Civo Cloud Marketplace - Getting Started

Just behind the Ketch 0.6 Release, Ketch is now available for the first time in the Civo Marketplace. If you are unfamiliar with Civo, Civo is a Kubernetes based cloud provider allowing for the rapid creation of Kubernetes clusters. No matter where you are in the Kubernetes journey, the pairing of Civo and Ketch can allow you to fast-track your Kubernetes learnings or further your developer experience and guardrails with Kubernetes.

Kubernetes Application-Level API

The Kubernetes API is the front end of the Kubernetes control plane and is how users can interact with their clusters. In essence, it’s the interface used to manage, create, and configure the cluster and the state of objects. Using a standard API, Kubernetes allowed teams to focus on constructs and consume infrastructure across different providers.

Infrastructure as Code, part 1: create a Kubernetes cluster with Terraform

This series shows you how to get started with infrastructure as code (IaC). The goal is to help developers build a strong understanding of IaC through tutorials and code examples. Infrastructure as Code (IaC) is an integral part of modern continuous integration pipelines. It is the process of managing and provisioning cloud and IT resources using machine readable definition files.

What is Kubernetes Lens?

As a DevOps Engineer, one day you’re performing magic in the terminal, settling clusters, and feeling like a god. On some other days, you feel like a total fraud and scam. Errors and bugs appear from everywhere, you don’t know where to start, and you don’t know where to look. Sadly, days like this come far too often. To be more specific, what often causes these bad days is none other than Kubernetes itself.

Civo update - November 2021

In case you missed the big news, after almost two years in beta and early access phases, Civo is now in general availability! Find out what this means for Civo and the future of the platform over at our blog. We've also launched the first-ever Civo Hackathon! This is an initiative to bring together developers, architects, experts, and students from across the globe to develop innovative Kubernetes projects on Civo.

Five Kubernetes Deployment Best Practices (Part 2)

In our previous post, we focused on tips for making the transition and migration to Kubernetes a smoother and less painful process. In this post, we’d like to now provide some tips from the operational trenches for future-proofing your Kubernetes operation, after making the move. Kubernetes, as a software-driven system, has many benefits for engineers and DevOps teams to take advantage of.

Four Best Practices to Migrate to Kubernetes (Part 1)

Kubernetes has evolved into the leading platform to build your microservices systems. Given its increased maturity over the past few years as well as the robust ecosystem which has been built around its technology, Kubernetes has become more production-ready than ever. Nevertheless, it still has its own unique set of challenges. In particular, it brings a lot of complexity into play with its adoption.

Fast and simple troubleshooting with GUI-based Dynamic Packet Capture

With the Calico 3.10 release, Dynamic Packet Capture is available in Dynamic Service Graph. This means users who require self-service, live troubleshooting for microservices and Kubernetes workloads can capture and evaluate traffic packets on endpoints without writing a single line of code or using any 3rd-party troubleshooting tools. Users don’t need to learn about or have knowledge of kubectl or YAML to troubleshoot their microservices and Kubernetes cluster.

Open Source for Better Observability

Monitoring cloud-native systems is hard. You’ve got highly distributed apps spanning tens and hundreds of nodes, services and instances. You’ve got additional layers and dimensions—not just bare metal and OS, but also node, pod, namespace, deployment version, Kubernetes’ control plane and more. To make things more interesting, any typical system these days uses many third-party frameworks, whether open source or cloud services.

Learn How to Simplify Kubernetes Performance Management | Pepperdata

Complex applications running on Kubernetes scale super fast, but this can create visibility gaps that can make detecting and troubleshooting Kubernetes issues as difficult as finding a needle in a haystack. Although Docker and Kubernetes are now becoming standard components when building and orchestrating applications, you’re still responsible for managing the performance of applications built atop this new stack.

Label standard and best practices for Kubernetes security

In this blog post, I will be talking about label standard and best practices for Kubernetes security. This is a common area where I see organizations struggle to define the set of labels required to meet their security requirements. My advice is to always start with a hierarchical security design that is capable of achieving your enterprise security and compliance requirements, then define your label standard in alignment with your design.

Kubernetes Fully Managed: Overcoming CIOs challenges

Kubernetes is everywhere! In the public and private cloud, and from the enterprise to startups, the majority of IT executives around the world have explored Kubernetes, and how it has evolved the way many organisations are developing and deploying their applications. But what is scary about it, and how can organisations better leverage one of the greatest tools in the field while overcoming the biggest challenges facing CIOs when adopting Kubernetes?

KubeCon North America 2021 roundup

KubeCon/CloudNativeCon North America 2021 was a whirlwind of sessions, talks, panels, bonding, and learning. As it was a hybrid event, Civo was represented both in person at a booth that featured Sophia and David from our North American team, as well as virtually through our online booth and talks. Plus, we made an announcement of the General Availability of Civo Kubernetes at the event!