Cloudnative with Saiyam - October "I am back" Edition
Welcome to the October edition and thank you all for supporting my work. You people are the best.
If you have loved me and my content then you will love this too <3 . I want this to be like me telling you stuff that I found useful and from where I learnt this month. If you have anything to be included, feel free to reach out on Twitter. This is the October edition - streams are back!!
Streams are back!
Yes, streams are back and a lot more planning going in the store!
October month streams:
Okteto Deep dive with Ramiro
Thanos Deep dive with Wiard
Cloud native chaos paradigms with Karthik and Prithvi
Linkerd Deep dive with Tarun
Upcoming: A lot is planned for November, subscribe to the channel for constant updates. Below are already scheduled at the time of writing this:
Tools of the month
sciuro - Sciuro is a bridge between Alertmanager and Kubernetes to sync alerts as Node Conditions. It is designed to work in tandem with other controllers that observe Node Conditions such as draino or the cluster-api.
sigstore - it is a generic library / framework that is utilized by various other clients and projects including fulcio (webPKI), cosign (container and OCI signing tool) and tektoncd/chains (Supply Chain Security in Tekton Pipelines). It recently released its v1.0.0
APIclarity - APIClarity, an open source cloud native visibility tool for APIs, utilizes a Service Mesh framework to capture and analyze API traffic, and identify potential risks.
kdigger - "Kubernetes digger", is a context discovery tool for Kubernetes penetration testing. This tool is a compilation of various plugins called buckets to facilitate pentesting Kubernetes from inside a pod.
CNCF Landscape - CNCF recently released a nice way to navigate through the landscape which will be good for everyone in cloud native to understand CNCF better.
Workshops and Go book
How to Code in go - PDF free book
Hands-On Workshops: From container basics to Kubernetes and Docker introductions, VMware Tanzu provides developers hands-on, self-paced workshops to strengthen industry skills.
Falco Labs: Learn how to use Falco. Without leaving your browser!
Good October reads
CVE-2021-25742: Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces.
Above CVE solution using Kyverno
PIXIE is an Instant open-source debugging for your applications on Kubernetes. In this article it is explained how pixie uses ebpf.
Understanding how Facebook disappeared from the Internet - This was huge news and this post does a very good job explaining the issue.
Scaling Kubernetes Tenant Management with Hierarchical Namespaces Controller
Multi-Tenant Kubernetes Clusters: Challenges and Useful Tooling
KubeCon 2021 NA
I didn't attend KubeCon as I was on Paternity leave during that time but I see there are great wrapup blogs and videos. All the Kubecon videos also will be up on YouTube anytime soon so watch out for CNCF channel on Youtube.
Kubecon wrap up video
Learn from Tweets!
Sponsored Content
This issue is brought to you by Teleport -> Teleport empowers engineers to quickly and securely access any computing resource anywhere on the planet. The Access Plane allows engineers and security professionals to unify secure access and provide visibility to infrastructure, applications, and data across all environments.
Teleport version v7 came out with mongodb support and other features
https://goteleport.com/blog/securing-mongodb/
https://goteleport.com/blog/what-is-hsm/
https://goteleport.com/blog/preventing-data-exfiltration-with-ebpf/
My supporters
Thank you to the amazing members -> POP, Rawkode, Marky, Noel, Walid, Cedric and Jack
Thanks to Teleport for being a platinum member
Want to be a member and support my work, check out the membership program
Do not forget to subscribe to my YouTube channel
Thank you for reading this edition and hope you like it, let me know if you are doing something great that will benefit the community, I will include that.