Newsletter of Carlos Santana — Issue #34

Carlos Santana
7 min read · Apr 19, 2022

Some news around Kubernetes: the 1.24 release team is working very hard to get a quality build out the door, but due to a bug in Golang the final 1.24 release date was moved to May 3rd.

I’m the new release notes lead for 1.25 and the shadow application is open for people to apply. 🚀

News

The Principle of Ephemerality

blog.chainguard.dev
TL;DR: Everything that can be ephemeral, should be ephemeral.

What’s New in Talos 1.0 | Talos Linux

www.talos.dev
List of new and shiny features in Talos Linux.

3 CloudOps Companies That Want You To Destroy Kubernetes in Prod | by Molly Sheets | Apr, 2022 | Medium

medium.com
In the last month, I investigated the portfolios of newer companies in devops and liveops because I had a hunch something interesting was happening in the world of reliability — is chaos engineering…

Kubernetes Removals and Deprecations In 1.24 | Kubernetes

kubernetes.io

Cloud Native Is The New Architecture Mantra For Core Banking Solutions

vedcraft.com
Cloud Native technologies are in mainstream adoption and Cloud native is the new architecture mantra for core banking solutions. Read more.

Achieving SLSA 3 Compliance with GitHub Actions and Sigstore for Go modules | The GitHub Blog

github.blog
Learn how to build packages with SLSA 3 provenance using GitHub Actions.

Measuring Argo Workflow Costs with Kubecost

blog.kubecost.com
Learn how you can use Argo and Kubecost together to optimize your Kubernetes workflows and gain insights and visibility into your cloud costs.

Security alert: Attack campaign involving stolen OAuth user tokens issued to two third-party integrators

github.blog

On April 12, GitHub Security began an investigation that uncovered evidence that an attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI.

Scaling containers on AWS in 2022 :: Vlad Ionescu

www.vladionescu.me
Comparing how fast containers scale up in 2022 using different orchestrators on AWS

My adventure with Helm as GitOps in a distributed architecture | by Axel Gendillard | Feb, 2022 | Medium

medium.com
The “DevOps” community has brought me useful knowledge since I started my career. Now it’s my turn to give back to the community. I would like to share some of my experience about Helm configuration…

An update to Raspberry Pi OS Bullseye — Raspberry Pi

www.raspberrypi.com
Over the years, we have gradually ramped up the security of Raspberry Pi OS. Here’s Simon Long to tell you what has changed.

Announcing Docker SBOM: A step towards more visibility into Docker images — Docker

www.docker.com
Learn from Docker experts to simplify and advance your app development and management with Docker. Stay up to date on Docker events and new version announcements!

Argo CD Best Practices | Container Hub

medium.com
Discover key best practices for Argo CD that allow you to leverage GitOps easily within your deployment workflow.

The differences between Docker, containerd, CRI-O and runc — Tutorial Works

www.tutorialworks.com
Let’s answer the question of Docker vs CRI-O, and other common questions about different container runtimes.

9 reasons you have technical debt and how to reduce it | The Enterprisers Project

enterprisersproject.com
Don’t let technical debt hinder your organization’s digital transformation. Here are nine leading causes and a four-step strategy to overcome technical debt.

Google Online Security Blog: Improving software supply chain security with tamper-proof builds

security.googleblog.com
Posted by Asra Ali and Laurent Simon, Google Open Source Security Team (GOSST) Many of the recent high-profile software attacks that have al…

Announcing AWS Lambda Function URLs: Built-in HTTPS Endpoints for Single-Function Microservices

aws.amazon.com

Assets

Using Fio to Tell Whether Your Storage is Fast Enough for Etcd | IBM

www.ibm.com
The short story: fio and etcd

GitHub — kris-nova/kaar

github.com
Kubernetes Application Archive. Contribute to kris-nova/kaar development by creating an account on GitHub.

Build smaller, faster, and more secure desktop applications with a web frontend | Tauri Studio

tauri.studio
Tauri is a framework for building tiny, blazing fast binaries for all major desktop platforms. Developers can integrate any front-end framework that compiles to HTML, JS and CSS for building their user interface.

GitHub — disneystreaming/ssm-helpers

github.com
Help manage AWS systems manager with helpers. Contribute to disneystreaming/ssm-helpers development by creating an account on GitHub.

GitHub — patrickdappollonio/tabloid

github.com
tabloid is a simple command line tool to parse and filter column-based CLI outputs from commands like kubectl or docker

Functional Web App (FWA)

fwa.dev
The Functional Web App (FWA) is an architectural pattern for building dynamic web applications and APIs.

GitHub — CaravanaCloud/task-tree

github.com
Automating maintenance and troubleshooting tasks for Cloud Computing

Skills

Kubernetes events | Kube Events

kube.events
Curated meetups, conferences, training and webinars on Kubernetes

Automate CI/CD on pull requests with Argo CD ApplicationSets | Red Hat Developer

developers.redhat.com
Use Argo CD’s ApplicationSets and pull request generator with Tekton and Red Hat OpenShift tools to bring GitOps workflows into your CI/CD processes.

New Kube blog site

kubesimplify.com
On a mission to teach cloud native to everyone.

Securing Grafana with Keycloak SSO

medium.com
In this story I will show how to deploy and configure Keycloak in a local Kubernetes cluster, then deploy Grafana and use the Keycloak instance for authentication and authorization. I already wrote…

Load balancing and scaling long-lived connections in Kubernetes

learnk8s.io
Kubernetes doesn’t load balance long-lived connections and some Pods might receive more requests than others. Learn how to fix that.

Deploy a coloring page generator in minutes with Cloud Run

cloud.google.com
In this post, you’ll see how to create an image processing service and make it available online using minimal resources.

HowTo: Make a Reviewing Guide | CNCF Contributors

contribute.cncf.io

Modeling & Analyzing Lambda vs. Fargate Breakeven — Nuvalence

nuvalence.io

Hardening Kubernetes Multi-Cluster Environments — Container Journal

containerjournal.com
Increased visibility into all Kubernetes platforms and tighter RBAC is necessary to keep cloud-native architecture safe and secure.

Carlos Santana

Sr. Containers Specialist SA @ AWS Kubernetes, Knative, Istio, OpenShift, UX, Serverless, DevOps, GitOps, SRE, Architect, Speaker, CKA, CKAD, CKS