KubeCon EU 2024 was the largest KubeCon yet! Explore the trends and learnings from the event through interviews with attendees.   Featuring: Olivia Al-Joundi Tabitha Sable Sreeram Venkitesh Lachlan Evenson James Blair Ian Coldwater Gabriele Bartolini Benjamin Koltermann Benazir Khan   And additional Guest Host, Mofi Rahman.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Go Workspaces in Kubernetes Blog by Tim Hockin Fermyon SpinKube donation announcement Istio Announces the Beta Release of Ambient Mode - Blog KubeCon EU 2024 CNCF Highlights Blog Kubestronaut Program Announcement Blog CNCF Udemy Partnership Announcement Blog Cloud Native Hacks Winners Blog KubeCon NA CFP KubeCon CloudNativeCon NA Cloud Native Glossary — the Japanese version is live! - Blog KuberTENes logo design contest KuberTENes.cncf.io Links from the interview   From Zero to Hero: Scaling Postgres in Kubernetes Using the Power of CloudNativePG - Gabriele Bartolini, EDB This Meeting Is Better Than An Email: A Panel Discussion on Facilitating Great Meetings SIG Security Update: Growing Together Cloud Native Rejekts Links from the post-interview chat WasmCon 2023 Kubernetes Podcast episode Ray on Kubernetes (KubeRay)  

Matt Klein is the CTO of bitdrift which is building a Mobile observability platform. Matt is known for being the creator of Envoy, one of the most popular open source proxies in the cloud space.  Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Cloud Native Rejekts CNCF 2024 Prospectus KubeCon Paris Guide Abdel co-authored KubeCon Paris Recommendations Map Links from the interview Matt Klein: Twitter LinkedIn Envoy Proxy Twitter kicks Android app users out for five hours due to 2015 date bug NGINX HAProxy Matt Klein’s X post about 1 billion pulls for envoy on DockerHub Envoyproxy on DockerHub Envoymobile Rust programming language

Mike Coleman is a developer advocate at Sysdig focused on open source software and spends a lot of time working on the Falco project. We’ll explore how Falco enables runtime security, and celebrate its recent graduation!   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Falco Graduation announcement Google Gemma Open Model GitOps Associate Certification (CGOA) Certified GitOps Associate (CGOA) Exam Linkerd 2.15 announcement Linkerd 2.15 stable release announcement Crossplane 1.15 announcement Open Source Summit North America Schedule Cloud Native Security Con North American Cloud Native Security Con America CFP Links from the interview Mike Coleman LinkedIn Twitter "Docker?!?! But, I’m a sysadmin" - Mike Coleman Mike Colemane and Bill Gates in an Earthquake Falco project LinkedIn Twitter Slack KubeCon NA 2019 CTF Cryptomining Detection Using Falco Navigating Open Source Project Hurdles to Achieve Community Enpowerments Aizhamal Nurmamat kyzy & Bob Killen Wrangle your alerts with open source Falco and the gcpaudit plugin Falcosidekick Practical Cloud Native Security with Falco Certified Kubernetes Security (CKS) exam

Lucas Käldström is a CNCF Ambassador, Kubernetes contributor and expert. Lucas Co-led SIG cluster lifecycle, ported Kubernetes to ARM and shepherded kubeadm from inception to GA. Today Lucas runs three meetup groups in Finland, studies at Aalto University, and, when time allows, contributes to cloud native software as a contractor. We chatted about Kubernetes API machinery, Chaos, Entropy, and Dishwashers. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Weaveworks shutdown their operations Weavwork CEO Alexis Richardson post on Linkedin kubetrain.io Bytedance KubeAdmiral on GitHub Bytedance KubeAdmiral Announcement on InfoQ Strimzi joins the CNCF Incubator Microsoft new Cost Management tools for Azure Links from the interview Lucas Käldström LinkedIn Twitter/X Kubernetes as a dishwasher Understanding Kubernetes Through Real-World Phenomena and Analogies - Lucas Käldström Lucas research thesis Paper - Large-scale cluster management at Google with Borg API Machinery Dr. Stefan Schimanski KCP - Kubernetes-Like Control Plane Kubernetes API Conventions SIG Architecture Ingress2gateway - Ingress to Gateway Migrator Promise Theory: Principles and Applications (Mark Burgess, Jan Bergstra) In Search of Certainty: The Science of Our Information Infrastructure (Mark Burgess) Sweden Finns Links from the post-interview chat Keynote: Reperforming a Nobel Prize Discovery on Kubernetes - Ricardo Rocha & Lukas Heinrich Why Service Is the Worst API in Kubernetes, & What We’re Doing About It - Tim Hockin Gateway API TCP Routes Community-Powered Kubernetes LTS: Ensuring Stability and Compatibility While Driving Innovation Jeremy Rickard https://github.com/yannh/kubeconform

Madhav Jivrajani is an engineer at VMware, a tech lead in SIG Contributor Experience and a GitHub Admin for the Kubernetes project. He also contributes to the storage layer of Kubernetes, focusing on reliability and scalability. In this episode we talked with Madhav about a recent post on social media about a very interesting stale reads issue in Kubernetes, and what the community is doing about it.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod Chatter of the week Mofi Rahman co-host this episode with Kaslin Twitter/X LinkedIn Kubernetes Podcast episode 211 News of the week Google announced a new partnership with Hugging Face RedHat self-managed offering of Ansible Automation Platform on Microsoft Azure The schedule for KubeCon CloudNativeCon EU 2024 is out CNCF Ambassador applications are open The CNCF Hackathon at KubeCon CloudNativeCon EU 2024 CFP is open now The annual Cloud Native Computing Foundation report for 2023 CNCF's certification expiration period will change to 24 months starting April 1st, 2024. Sysdig 2024 Cloud Native Security and Usage Report Links from the interview Madhav Jivrajani Twitter/X LinkedIn Priyanka Saggu Interview Stale reads Twitter/X thread by Madhav "Kubernetes is vulnerable to stale reads, violating critical pod safety guarantees" - GitHub Issue tracking the stale reads CAP Theorem issue CMU Wasm Research Center "A CAP tradeoff in the wild" blog by Lindsey Kuper "Reasoning about modern datacenter infrastructures using partial histories" research paper The Kubernetes Storage Layer: Peeling the Onion Minus the Tears - Madhav Jivrajani, VMware KEP-3157: allow informers for getting a stream of data instead of chunking. KEP 2340: Consistent Reads from Cache Journey Through Time: Understanding Etcd Revisions and Resource Versions in Kubernetes - Priyanka Saggu, KubeCon NA 2023 Kubernetes API Resource Versions documentation

Guest is Bill Mulligan. Bill is Community Pollinator at Isovalent working on Cilium and eBPF. We learned how to properly pronounce Isovalent and what it actually means. We also spoke in depth about eBPF, Cilium, network function in Kubernetes and more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week The Kubernetes legacy Linux package repositories are going away in January 2024 Kubernetes 1.29 is now available on GKE in the Rapid Channel The Vmware Tanzu Application Catalog is fully compliant with the SLSA Level 3 AWS extended support for Kubernetes minor versions pricing update The Kubernetes Contributor Summit Paris CFP is Open, closes Feb 4th KubeCon and CloudNativeCon EU 2024 co-located events agenda is live The Cloud Native Glossary is now available in French Blixt a new experimental LoadBalancer based on the Gateway API and eBPF Links from the interview Bill Mulligan: LinkedIn Twitter/X Covalent bonds on Wikipedia Isovalent Hybridization on Wikipedia Isovalent company site BPF - Berkeley Packet Filtering eBPF project site Fast by Friday: Why eBPF is Essential - Brendan Gregg GKE Dataplane V2 Cilium project site Hubble documentation Cilium Service Mesh Cilium annual report Cilium Certified Associate (CCA) CCA Study Guide from Isovalent on GitHub Istio Certified Associate (ICA) Certified Kubernetes Administrator (CKA) Certified Kubernetes Application Developer (CKAD) Kubernetes and Cloud Native Associate (KCNA) Resources to prepare for the CCA certification Isovalent library The World of Cilium Cisco acquired Isovalent Developing eBPF Apps in Java BGP in eBPF

This week’s guests are Johnny Horvi and Frode Sundby from NAVs (Norwegian Labour and Welfare Administration) platform team. We talked about NAIS. A kubernetes-based team centric platform aiming at providing the tools needed to deploy and operate apps easily.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kubernetes 1.29 features: https://kubernetes.io/blog/2023/12/14/cloud-provider-integration-changes/ https://kubernetes.io/blog/2023/12/20/contextual-logging-in-kubernetes-1-29/ https://kubernetes.io/blog/2023/12/19/pod-ready-to-start-containers-condition-now-in-beta/ https://kubernetes.io/blog/2023/12/19/kubernetes-1-29-taint-eviction-controller/ https://kubernetes.io/blog/2023/12/18/read-write-once-pod-access-mode-ga/ https://kubernetes.io/blog/2023/12/18/kubernetes-1-29-feature-loadbalancer-ip-mode-alpha/ https://kubernetes.io/blog/2023/12/15/kubernetes-1-29-volume-attributes-class/ https://kubernetes.io/blog/2023/12/15/csi-node-expand-secret-support-ga/ Kubernetes 1.29 release lead Interview Cisco acquired Isovalent Cilium 2023 Annual report KubeCon and CloudNativeCon Paris 2024 Hackathon https://www.cncf.io/blog/2023/12/20/kubecon-cloudnativecon-europe-hackathon-challenges-brought-to-you-by-the-united-nations/  https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/ https://unite.un.org/  https://sdgs.un.org/goals OpenFeature incubated as a CNCF project   Links from the interview Guests: Johnny Horvi Frode Sundby Nais Nais.io Twitter/X Github NAV JBoss IBM Websphere Apache Mesos   Links from the post-interview chat Nais on GitHub  

In this episode we interviewed Priyanka Saggu, Kubernetes v1.29 release lead and SIG ContribEx Tech Lead. We spoke about the release, the new features and enhancements, and more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kyverno completes third-party security audit Google Deepmind Introduction to Gemini Google launches Gemini - The Verge Linux Foundation Newsletter: November 2023 High Performance Software Foundation (HPSF) Founding Announcement App Defense Alliance joins Joint Development Foundation under the Linux Foundation Open Source Summit North America 2023 CFP (closes January 14, 2024) Links from the interview Kubernetes v1.29 release information page on k8s.dev Removals, Deprecations, and Major Changes in Kubernetes 1.29 Release Blog - Kubernetes v1.29: Mandala Breaking changes KEP 2395: Removing In-Tree Cloud Providers (SIG Cloud Provider, Beta) Kubernetes v1.28 on the Kubernetes Podcast from Google - discussion of removal of in-tree storage plug-ins Major Changes KEP 1287: In-Place Update of Pod Resources (SIG Node, Alpha) Support in-place Pod vertical scaling in VPA KEP 753: Sidecar Containers (SIG Node, Beta)   Stable KEP 3299: KMS v2 Improvements OR KMSv2 (SIG Auth) SIG Etcd on the Kubernetes Podcast from Google KEP 2485: ReadWriteOncePod PersistentVolume Access Mode (SIG Storage, SIG Scheduling) KEP 727: Kubelet Resource Metrics Endpoint (SIG Instrumentation) “The Kubelet Summary API is a source of both Resource and Monitoring Metrics. Because of it’s dual purpose, it does a poor job of both.” Beta KEP 2799: Reduction of Secret-based Service Account Tokens (SIG Auth) Alpha KEP 3866: nftables kube-proxy backend (SIG Network) [KCSNA 2023] Iptables the end of an era - Dan Winship, Antonio Ojea   Links from the post-interview chat   Kaslin’s blog about “Out of Tree” Kubernetes In this episode we interviewed Priyanka Saggu, Kubernetes v1.29 release lead and SIG ContribEx Tech Lead. We spoke about the release, the new features and enhancements, and more.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kyverno completes third-party security audit Google Deepmind Introduction to Gemini Google launches Gemini - The Verge Linux Foundation Newsletter: November 2023 High Performance Software Foundation (HPSF) Founding Announcement App Defense Alliance joins Joint Development Foundation under the Linux Foundation Open Source Summit North America 2023 CFP (closes January 14, 2024) Links from the interview Kubernetes v1.29 release information page on k8s.dev Removals, Deprecations, and Major Changes in Kubernetes 1.29 Release Blog - Kubernetes v1.29: Mandala Breaking changes KEP 2395: Removing In-Tree Cloud Providers (SIG Cloud Provider, Beta) Kubernetes v1.28 on the Kubernetes Podcast from Google - discussion of removal of in-tree storage plug-ins Major Changes KEP 1287: In-Place Update of Pod Resources (SIG Node, Alpha) Support in-place Pod vertical scaling in VPA KEP 753: Sidecar Containers (SIG Node, Beta)   Stable KEP 3299: KMS v2 Improvements OR KMSv2 (SIG Auth) SIG Etcd on the Kubernetes Podcast from Google KEP 2485: ReadWriteOncePod PersistentVolume Access Mode (SIG Storage, SIG Scheduling) KEP 727: Kubelet Resource Metrics Endpoint (SIG Instrumentation) “The Kubelet Summary API is a source of both Resource and Monitoring Metrics. Because of it’s dual purpose, it does a poor job of both.” Beta KEP 2799: Reduction of Secret-based Service Account Tokens (SIG Auth) Alpha KEP 3866: nftables kube-proxy backend (SIG Network) [KCSNA 2023] Iptables the end of an era - Dan Winship, Antonio Ojea   Links from the post-interview chat Kaslin’s blog about “Out of Tree” Kubernetes

This episode Kaslin went to KubeCon North America In Chicago. She spoke to folks on the ground, asked them about their impressions of the conference, and collected a bunch of cool responses. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod News of the week Google researchers discover 'Reptar,’ a new CPU vulnerability Reptar by Tavis Ormandy Tim Hockin: Kubernetes Needs a Complexity Budget Kubernetes' Tim Hockin on a decade of dominance and the future of AI in open source  Keynote: A Vision for Vision - Kubernetes in Its Second Decade - Tim Hockin Open and Secure: A Manual for Practicing Thread Modeling to Assess and Fortify Open Source and Security Announcing our latest book release: a comprehensive security guide to assess and fortify open source security Links from the interview CNCF LLM Starter Pack Crossplane Web Assembly Intro to Kubernetes Gateway API Links from the post-interview chat  SIG ContribEx Comms Team Rap by Bart Farrell

Jesper Larsson is a Freelance PenTester. Jesper works with a hacker community called Cure53. Co-organizes SecurityFest in Gothenburg, Sweden. Hosts Säkerhetspodcasten or The Security Podcast. Jesper is also a Star on Hackad, a Swedish TV Series about hacking.   Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod   News of the week Kubernetes Removals, Deprecations, and Major Changes in Kubernetes 1.29 Introducing SIG etcd etcd, with Marek Siarkowicz and Wenjia Zhang (The Kubernetes Podcast from Google) WebAssembly (WASM) and OpenShift: A Powerful Duo for Modern Applications Linux Foundation Events Pass the torch in ContribEx #7603 Links from the interview Cure53 Hacker Community Säkerhetspodcasten Hackad TV Show on IMDB SecurityFest Gothenburg Falco by Sysdig Wolfi by Chainguard The Untold Story of NotPetya, the Most Devastating Cyberattack in History Links from the post-interview chat The Untold Story of NotPetya, the Most Devastating Cyberattack in History