CNW #6: Future of Kubernetes and NSA Kubernetes Hardening Guide
What is beyond Kubernetes in 2022.
Dear Readers,
I hope you are doing well. In this letter, you will see some of the interesting articles and resources that I find useful. We have reached 82 subscribers today on this newsletter and I hope the growth will continue. I plan to keep my content free of cost for my readers. The only help I need from you is to share this newsletter with your social network.
This issue covers the evolution in Kubernetes resources, the NSA Kubernetes hardening guide, and Daniele’s thread on SQL injection and XSS attacks, with an example and prevention using a Kubernetes Ingress Controller.
Recommended Reading
🚀 The future of Kubernetes - beyond Kubernetes in 2022
As a cloud-native developer, where should you focus after Kubernetes in 2022? Michael has shared his views on various paradigms and projects such as KEDA, Knative, CloudEvents, Tekton, and many more. It is a thought-provoking article that you should read to understand what to focus on next if you are building on the Kubernetes platform.


NSA/CISA Kubernetes Hardening Guide
NSA and CISA have updated their jointly written Kubernetes Hardening Guide [PDF]. I would suggest going through this guide thoroughly and then utilizing tools such as steampipe or Kubescape to automate the benchmarking. I have covered steampipe in my previous post.
steampipe check benchmark.nsa_cisa_v1_network_hardening_cpu_limit
Docker Desktop 4.6 for Mac - Speed boost using virtiofs and Linux dirty pipe fix
Docker has released version 4.6 of Docker Desktop, which introduces an important experimental feature that improves IO by up to 98%. Faster operations should improve developer productivity, particularly if you run frequent Docker operations such as builds on your Mac. The release also fixes the critical Linux Dirty Pipe vulnerability. virtiofs is not enabled by default, so you need to take a few additional steps to enable it after the upgrade.
Events
📆 KCD Chennai 2022 [3-4 June 2022, Virtual] - Kubernetes Community Days organized by the Chennai chapter with prominent speakers such as Liz Rice (Isovalent) and Uma M (ChaosNative). If you are interested in submitting a CFP, the last date is 20th March.
Tweet of the Week
Daniele shared an interesting view on how to protect against SQL injection and XSS attacks in Kubernetes using ingress controllers and gateways.


Resources
CloudYuga Hands-On Labs
CloudYuga has taken a different approach from Katacoda, creating labs that stitch content together with code, similar to Jupyter notebooks. There is a lot of learning material on their platform which you can use (free at the moment). I suggest you try their eBPF lab.
Book I am Reading
I enjoy Will Larson’s content - books and his blog where he shares valuable insight and first-hand learning on engineering leadership.