We conducted a Kubernetes Release Shadow program on Twitter Spaces where you can listen to the recording of what each area of the release team is composed of and how you can become a shadow.

I will be leading up Release Notes v1.25 and we are still accepting shadow applications until May 6th.

This newsletter edition is heavier on assets than news since I suspect a lot of projects and companies are holding their announcements for KubeConEU the week of May 16th.

If you are using Knative in your company I'm conducting user interviews for the User Experience Working Group, please reach out by volunteering your time for a short and simple interview.

News

Chainguard Enforce: Software Supply Chain Security for K8s – The New Stack — thenewstack.io

Zero-trust security company Chainguard has shipped the beta release of Chainguard Enforce, its first product

Kubernetes Release Shadow Program Twitter Space — twitter.com

Listen to the recording of the Twitter Space with members of the Kubernetes Release Team v1.25 https://twitter.com/i/spaces/1dRKZleNdzVJB

New GraalVM 22.1: Developer experience improvements, Apple Silicon builds, and more — medium.com

Today we’re releasing GraalVM 22.1! This release brings new features and lots of improvements —

Addressing latency and data transfer costs on EKS using Istio — aws.amazon.com

Data transfer charges are often overlooked when operating Amazon Elastic Kubernetes Service (Amazon EKS) clusters; understanding these charges would help reduce cost

Installing an Apache Kafka cluster on Kubernetes using Strimzi and GitOps – Civo.com — www.civo.com Strimzi is a Kubernetes operator which acts as a dedicated SRE for running Apache Kafka on Kubernetes

servicemesh.es | Service Mesh Comparison — servicemesh.es Service Mesh Feature Comparison — including Istio, Linkerd 2, AWS App Mesh, Consul, Maesh, Kuma, Open Service Mesh (OSM)

Exploring container security: Vulnerability management in open-source Kubernetes — cloud.google.com The Kubernetes Privacy Security Committee follows these steps when a vulnerability is reported.

Prevent Kubernetes misconfigurations during development with this open source tool — opensource.com Explore how the principles behind open source--collaboration, transparency, and rapid prototyping--are proven catalysts for innovation.

Assets

GitHub - The Kubernetes Security Profiles Operator — github.com The Kubernetes Security Profiles Operator. Contribute to kubernetes-sigs/security-profiles-operator development by creating an account on GitHub.

GitHub - SocketCAN Kubernetes device plugin — github.com SocketCAN Kubernetes device plugin. Contribute to collabora/k8s-socketcan development by creating an account on GitHub.

GitHub - Collection of gadgets for debugging and introspecting Kubernetes applications using BPF — github.com Collection of gadgets for debugging and introspecting Kubernetes applications using BPF - GitHub - kinvolk/inspektor-gadget: Collection of gadgets for debugging and introspecting Kubernetes applications using BPF

GitHub - OCI hook to trace syscalls and generate a seccomp profile — github.com OCI hook to trace syscalls and generate a seccomp profile - GitHub - containers/oci-seccomp-bpf-hook: OCI hook to trace syscalls and generate a seccomp profile

GitHub - Kernels for testing ebpf — github.com Kernels for testing tracee CO-RE feature. Contribute to aquasecurity/tracee-test-kernels development by creating an account on GitHub.

Skills

Self-Care is Not the Solution for Burnout — The Beautiful Truth — thebeautifultruth.org Psychologist Justin D. Henderson makes the case that we need to address the systemic and cultural dimensions of burnout.

TAG Observability Whitepaper — github.com

This paper aims to get you quickly started with different kinds of observability you might need to work within the cloud-native world.

CKAD Scenarios Kubectl-Contexts | Pod-Resources | ConfigMap Access — wuestkamp.medium.com In the CKAD exam you need to breath kubectl. Kubectl is a client for the Kubernetes Apiserver and allows you to perform all kinds of operations. A kubectl context contains connection information to a…

You Don't Need an Image To Run a Container — iximiuz.com How to run container without an image? Why do you need container images? What problems container images solve?