This is Infra Weekly Newsletter, a newsletter about infrastructure, cloud, DevOps, automation, servers, Linux and related subjects.
Please subscribe now. I am back after a vacation of two weeks.
The Soul of a New Command: Adding ‘Events’ to kubectl
Introduced as an alpha feature in the Kubernetes 1.23 release, the ‘kubectl alpha events’ command resolves some issues that could not be fixed within the generic ‘kubectl get’ command. Join us to re-live and explore:
* How the need for ‘kubectl events’ came about.
Kilo is a multi-cloud network overlay built on WireGuard and designed for Kubernetes
Kilo connects nodes in a cluster by providing an encrypted layer 3 network that can span across data centers and public clouds. The Pod network created by Kilo is always fully connected, even when the nodes are in different networks or behind NAT. By allowing pools of nodes in different locations to communicate securely, Kilo enables the operation of multi-cloud clusters. Kilo's design allows clients to VPN to a cluster in order to securely access services running on the cluster. In addition to creating multi-cloud clusters, Kilo enables the creation of multi-cluster services, i.e. services that span across different Kubernetes clusters.
An introductory video about Kilo from KubeCon EU 2019 can be found on YouTube.
Submariner: cross-cluster L3 connectivity for Kubernetes
Submariner enables direct networking between Pods and Services in different Kubernetes clusters, either on-premises or in the cloud.
https://submariner.io/
https://github.com/submariner-io/
Kubernetes Everywhere: Lessons Learned From Going Multi-Cloud
Many companies are interested in deploying their products across multiple cloud providers, but few actually see it through. While benefits like avoiding provider lock-in and increased uptime during provider outages are attractive, several factors are important to consider. Grafana Labs successfully deployed across AWS, Azure, DigitalOcean, GCP, and Linode in more than 30 regions; that includes inter-cloud network connections. This talk will explore some of the large and subtle differences in networking and managed Kubernetes services between said providers. We’ll discuss the approaches we took while scaling our infrastructure across multiple environments, the challenges we faced, and what worked in the end.
Effective PostgreSQL Cluster Configuration & Management Using PGO v5.1
PGO is a Postgres operator for Kubernetes that handles cluster management and much more.
https://www.crunchydata.com/blog/effective-postgres-cluster-config-and-management-using-pgo-v5.1
MongoDB announces the ability for Atlas to separate nodes
This week, at MongoDB World 2022, Atlas gained a new set of capabilities that simplifies the large-scale data analysis and query needs of modern data-intensive application builders.
How Kubernetes over bare metal infrastructure improves TCO
Deploying cloud-native applications using Kubernetes over a bare-metal infrastructure is more cost-efficient than using virtualized infrastructure. Compared to virtualized infrastructure, it’s less complex, resulting in easier operations and maintenance, lower power consumption and fewer costs related to software licenses and hardware – a TCO reduction of 28 per cent is possible. Find out how.
DNS TOYS, useful utilities and services over DNS
Years ago, I realised that DNS could be used for more than resolving IPs and mail servers, after seeing Consul doing service resolution with DNS.
https://github.com/knadh/dns.toys
Prometheus intro and deep dive
Grafana Labs Engineer Björn “Beorn” Rabenstein joined his fellow Prometheus project maintainers to provide an introduction to Prometheus, followed by a deep dive into the exciting new features that have been released recently or are in the pipeline. You will learn about the many opportunities to use Prometheus — and perhaps be tempted to contribute to the project yourself.
Alerting in the Prometheus Ecosystem: The Past, Present and Future
One of the most important functionalities of Prometheus is being able to alert based on your metrics. The Prometheus Alertmanager is a critical piece of cloud-native observability, and in this talk, Josue wants to share a bit more of its past, present and future.
What Is SLSA? SLSA Explained In 5 Minutes
SLSA (Supply-chain Levels for Software Artifacts) is a security framework and a common language for improving software security and supply chain integrity. It is a cross-industry collaboration, maintained as part of the OpenSSF, that is based on concepts Google has been using internally since 2013 for all of their production software.
Psycopg3: Powerful Tech Preview with SQLAlchemy 2.0
https://realcode.space/2022/05/10/psycopg3-powerful-tech-preview-with-sqlalchemy-2/
terraform-provider-hydra
A Terraform provider for declaratively managing Hydra projects and jobsets, Determinate Systems' first open-source release. Hydra is the CI server built for Nix.
https://determinate.systems/posts/terraform-provider-hydra/
HCP Consul on Azure is Now in Public Beta
HCP Consul on Microsoft Azure is now available in public beta. Get started today with a secure, resilient service mesh for connecting applications running in Azure.
Amazon EMR Serverless Now Generally Available
AWS has made Amazon EMR Serverless generally available.
Haskell in Production: Haskoin
Serokell interviews Jean-Pierre Rupp about using Haskell in production. Jean-Pierre mentions QuickCheck and STM as some very important features of Haskell. Jean-Pierre works for Blockchain.com.
https://serokell.io/blog/haskell-in-production-haskoin
Building faster rsync from scratch in Go
https://hackaday.com/2022/06/01/building-faster-rsync-from-scratch-in-go/
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
Interesting malware that can hook into BPF.
https://blogs.blackberry.com/en/2022/06/symbiote-a-new-nearly-impossible-to-detect-linux-threat
That’s all for this week.