Kubernetes 1.27 is out - What is your favourite feature?

I know everyone is super excited for KubeCon and many of my friends are already in Amsterdam for Rejekts and KubeCon. It is a SOLD OUT event with 10,000 people attending, which is massive! A few pointers if you are attending it for the first time:

• Make sure to pre-plan the talks you want to attend. Check out the schedule and based on your interest level, shortlist some of the talks for each day. Select your talks based on the projects you are involved and technologies you want to learn.

• Give enough time for meeting the sponsors so that you can learn about what is happening in the cloud native space and also do networking. Do ask them if they have any job openings, very good chance of getting jobs at KubeCon.

• Make time for the Hallway track, great way to make new friends and meet new people and get involved in conversations.

• After parties are also a great way to network so make sure you RSVP and choose them beforehand.

• If you are already there then do not forget to attend Rejekts and then you have Kubernetes contributor summit(for which registration is mandatory) and the Co-located events that are technology specific like WASM etc.

Hope you all have a great KubeCon!

Coming to Kubernetes 1.27, I usually keep trying the dev builds and once the major release is out, I create a playground on Killercoda so that you all can try it very quickly right in your browser. This time is no different, I already have this Killercoda playground for Kubernetes 1.27.1 created for you to try out the new shiny features.

This edition features 60 enhancements. 18 - Alpha , 29 - Beta, and 13 - Stable. Some major highlights are:

• Kubernetes v1.27 release will not be published to the k8s.gcr.io registry.

• Pod scheduling readiness graduates to beta - you can specify when the pod is ready to be considered for scheduling.

• In place pod upgrades - This is allows you to change the resource, request limits without needing to restart it.

• CEL Match conditions and enhancements to Validating Admission policy, don’t know what it is? Watch my video here .

• Node Log access - helps the cluster administrators to get logs form the node to troubleshoot issues faster.

  example

  kubectl get --raw "/api/v1/nodes/node-1/proxy/logs/?query=kubelet"

• New VolumeGroupSnapshot - Helps to you take multiple volume snapshots together for better consistency.

• New volume mode ReadWriteOncePod that allows only a single pod to write to a volume.

• Faster SELinux volume relabeling - helps in speeding up the container start times.

• You can now fetch the CVE’s programatically.

What is your Kubernetes 1.27 feature? Comment or tweet ;)

Upcoming talks:

• Kubecon - If the VISA Gods are with me then I will be giving a session on Chaos mesh at KubeCon EU

• CD Con and GitOps Con - Navigating the Continuous Delivery Landscape, the Right Way - Again depends on Visa if this will be in person or virtual.

I am creating Youtube content, due to my health issues things have been delayed, thank you for your patience and support <3

Kubesimplify Updates

We have revamped our discord server, special thanks to Kunal Verma for doing that. Many new initiatives are starting, so do join our discord and get involved in the best cloud native discussions.

We did publish some cool blogs worth reading, btw we crossed 200k+ reads :) some of them are featured on hashnode too!

• How get started with Hashicorp Vault🛡️ by Dipankar Das

• Implementing Kubernetes Network Policies: A Comprehensive Guide by Srinivas Karnati

Follow Kubesimplify on Hashnode, Twitter and Linkedin. Join our Discord server to learn with us.

Videos

Sponsored content

• Instruqt - How to Improve the User Experience of Your Virtual IT Labs by Paul Thelen

• Komodor - Sessions You Shouldn’t Miss at KubeCon + CloudNativeCon Europe 2023 by Udi Hofesh

• Sysdig - Proxyjacking has Entered the Chat by CRYSTAL MORIN

• SlimAI - BigID Automates Container Security to Reduce Vulnerabilities and Maximize Security Posture by Pieter Van Noordennen

Awesome Reads

• Kubernetes 1.27 – What’s new? by VÍCTOR JIMÉNEZ CERRADA - Sysdig always nails down with awesome highlights to the new Kubernetes release. By now, you already know the major highlights as I mentioned them at the beginning of my newsletter.

• Announcing eBPF 2.0: excelBPF™ by Bill Mulligan- excelBFP is the next version of eBPF that brings eBPF benefits to spreadsheets. This will help the community to a large extent.

• Observability Made Easy: Building a RESTful API with Actix Web and OpenTelemetry by Engin- Very neat blog with introduction to Observability, OpenTelemetry, how to do OpenTelemetry in application and then expose metric endpoint.

• How WebAssembly is accelerating new web functionality by Thomas Nattestad- how WebAssembly is accelerating new web functionality by offering portability plus performant access to the CPU. This allows for faster iteration speed, immediate support across browsers, and improved security. However, a few disadvantages and limitations are also mentioned.

• Keeping Kubernetes Secure with Updated Go Versions by Jordan Liggitt - Kube community has worked with the Go community to address the difficulties of adopting new Go versions, which allows Kubernetes to update release branches to supported Go versions without exposing users to behavior changes. The Kubernetes maintainers remain committed to making Kubernetes patch releases safe and non-disruptive.

• Announcing WCGI: WebAssembly + CGI by Michael Bryan - Wasmer has announced the release of WCGI. WASM + CGI a powerful combo, allowing developers to reuse their existing CGI applications by compiling them to WASI.

• Let Spin lift your key-value store by Thorsten Hans - Spin has Key value support since version 0.9 and this article discuss how to use that feature to build a serverless application(a simple URL shortener)

• Kubernetes: Container Network Interface(CNI) by Claire Lee - Short concise read on Kubernetes CNI.

• vcluster + Dapr Cost Optimizations by Mauricio Salatino - A great use case using vcluster and Dapr.

• Unexpectedly Useful: A Real World Use Case For WebAssembly System Interface (WASI)

Learning resources/repositories

• s3cme - Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance.

• credentials-operator - Automatically register and generate credentials for Kubernetes pods using SPIRE or Otterize Cloud

• Burn - A Flexible and Comprehensive Deep Learning Framework in Rust

• Fleek - Fleek is an all-in-one management system for everything you need to be productive on your computer.

Learn from Twitter

https://twitter.com/danielepolencic/status/1645398015736414210?s=20

https://twitter.com/PulumiCorp/status/1646530231639867392

Sponsors info

This issue is brought to you by, Komodor, Instruqt, Sysdig and SlimAI ->

Instruqt solves the critical onboarding challenge every enterprise faces. It’s the fastest way to ramp up developers to your unique tech stacks at scale. With Instruqt, you can create hands-on learning customized to your software environments and workflow.

Komodor is a Kubernetes reliability platform with automatic troubleshooting playbooks for every K8s resource and static-prevention monitors that enrich live & historical data with contextual insights to help enforce best practices and stop incidents in their tracks.

Sysdig is driving the standard for cloud and container security. The company pioneered cloud-native runtime threat detection and response by creating Falco and Sysdig as open source standards and key building blocks of the Sysdig platform

SlimAI - giving developers the power to build better cloud-native applications with less friction, complexity, and waste.

Comments

[Alex Rozdolskyi]

Any expectations of big announcements during KubeCon EU?

[Srinivasula reddy Karnati]

I always love the awesome reads section 🔥🔥