Kubernetes Podcast from Google

Red Hat maintains a full set of container tools and libraries, bringing their pedigree in security and operating system engineering. The most notable of those tools, Podman, has had a surge in popularity this month, after Docker announced changes in their subscription model. Daniel Walsh leads the Red Hat containers team, and Brent Baude is the architect and primary maintainer of Podman. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Ira Glass in the wardrobe News of the week Announcing Google Cloud Deploy DORA Accelerate State of DevOps 2021 report Mirantis Flow "reinvents the datacenter" Episode 110, with Adrian Ionel Deis Labs introduces Hippo Accelerating new features in Docker Desktop Distroless builds are now SLSA 2 Episode 155, with Priya Wadhwa CNCF DevSecOps radar Links from the interview Dan Walsh Brent Baude SELinux Stop Disabling SELinux SELinux Sandbox Project Atomic Red Hat patches for container registry rejected by Docker Docker client/server model Red Hat's container suite: Podman CRI-O Buildah containers/storage containers/image Skopeo Open Container Initiative (OCI) Podman features: Drop-in Docker replacement play kube, run a pod from YAML generate kube, make YAML from local containers Running rootless systemd integration Socket activated services podman-compose Podman in Podman Podman in Kubernetes Builder in a Boston accent containerd, CRI-O and Docker in Kubernetes "Podman Desktop" Docker changes desktop subscription model Podman on Mac Podman on Windows with WSL2 Remote client Notes from the recent Podman Cabal meeting Quay GitHub discussion Daniel Walsh on Twitter Brent Baude on Twitter

Prodfiler is a new tool that provides fleet-wide full-system continuous profiling. It is in some ways the second act of its co-creator Thomas Dullien, who is an internationally-renowned reverse engineer and vulnerability researcher under the name Halvar Flake. Thomas joins us to discuss his career, what you should profile in a distributed system, and why you can't sell something with a negative cost. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Container blocakges Container houses News of the week Crossplane moves to incubation in CNCF: CNCF coverage Crossplane coverage Episode 141, with Daniel Mangum Backup for GKE Google Cloud Next session catalog is live Register here Kubernetes multi-cluster panel on October 6 GKE updates: publishing with Private Service Connect, CSI driver for Filestore GA, SSL policies & HTTPS redirects for multi-cluster Ingress Azurescape: attack on Azure Container Instances by Unit 42 at Palo Alto Networks CVE-2021-25741 for subpath mount symlink attack (High) CVE-2020-8561 for webhook response logging (Medium) NCC Group weighs in on NSA guidance Snyk raises $530m Episode 140, with Kamil Potrec Sqlcommenter merges with OpenTelemetry Kubermatic 2.18 and KubeOne 1.3 Episode 109, with Sebastian Scheele Tanzu Kubernetes Grid 1.4 5 years of Envoy OSS Episode 33, with Matt Klein Links from the interview Thomas Dullien/Halvar Flake Mathematik, with a K Stages of life vs. maths ability required, by Pearls of Raw Nerdism Vicky the Viking TV show Assembly Language Masterclass GEOS copy protection by Michael Stiel Time travel debugging "German hacker denied entrance into US for Black Hat training" Zynamics acquired by Google BinDiff BinNavi Project Zero "For whom?", asked R Morris Sr. optimyze.cloud's original business model Introducing Prodfiler Profiling The Datacenter As A Computer: An Introduction to the Design of Warehouse-Scale Machines Google-Wide Profiling: A Continuous Profiling Infrastructure for Data Centers Dapper, a Large-Scale Distributed Systems Tracing Infrastructure and Jaeger The mystery of Kubelet eating CPU and IOPS Fortran Web Framework: it's not irrelevant, really! Halvar Flake on Twitter

The most popular Ingress controller for Kubernetes is ingress-nginx, created in 2015 by Alejandro de Brito Fontes. Alejandro stepped down earlier this year, and the project is now maintained by a team including Ricardo Katz. Learn the history and what's in the new 1.0 release from a pair of South American self-proclaimed sysadmins. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week New Zealand cinema worker left red-faced after voicemail blooper Uncensored version on TikTok News of the week Amazon EKS Anywhere is GA and EKS Connector is in preview CNI 1.0.1 Red Kubes makes Otomi self-service features free of charge Scale down mode and custom policy for Microsoft AKS k8ssandra moves from Helm to operator API server tracing in Kubernetes 1.22 by David Ashpole Episode 113 How Docker Broke In Half, by Scott Carey] Episode 156, with Sebastien Pahl Episode 110, with Adrian Ionel Links from the interview ingress-nginx Early computing IBM PC/XT Windows 95 Pinball Flight simulator easter egg in Excel 97 Slackware Bible Foca Linux History of Ingress Ingress announced in Kubernetes 1.1 CoreOS Fleet Service loadbalancer kube-haproxy-router Kubernetes Ingress proposal issue ingress-gce ingress-nginx: Alejandro's proposal for ingress-nginx Original PR Alejandro's bare metal cluster - then and now Ricardo's early contributions Note that NGINX Inc. have their own Ingress controller, for the open source or commercial versions of NGINX Their comparison of the two versions Supporting open source: Alejandro steps down as ingress-nginx maintainer He actually tried earlier, but no-one else stepped up! Core Infrastructure Initiative fund for supporting the Internet xkcd on internet dependencies Episode 116, with Alex Ellis The future: ingress-nginx 1.0.0 NGINX Inc. commits more to open source Gateway API IngressClass and upgrades to the v1 Ingress API ModSecurity and Curiefense Alejandro de Brito Fontes on Twitter Ricardo Katz on Twitter

Adevinta is an online classified ads company, operating many local brands. Daniel Megyesi is a DevOps engineer at Adevinta and maintainer of their central big data and Machine Learning platform, Unicron. Learn why they wanted to replace Mesos, how they aligned their engineering efforts to do so, and the choices that had to be made to provide an easy experience for their data engineers. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Dolores Park The Garden at Buckingham Palace The fire at Windsor Castle Most currencies featuring the same individual News of the week Docker updates subscription plan Google commits $10 billion to advance cybersecurity Detail blog from previous guests Eric Brewer and Dan Lorenc Episode 155, with Priya Wadhwa ingress-nginx 1.0.0 NGINX Inc. commits to open source OpenTelemetry moves to Incubation phase IBM open sources Tornjak Tornjak dog SUSE Rancher 2.6 VMware announces Tanzu Application Platform Infoworld coverage Rafay Systems raises $25 million Grafana Labs raises $220 million Episode 122, with Torkel Ödegaard Links from the interview April Fools Proxy Adevinta, the world's largest online classifieds group after acquiring eBay's classifieds division Spark, Mesos, Chronos, AWS EMR Introducing Unicron, our big data and Machine Learning platform by Daniel Megyesi Not the logo Gardener GKE Autopilot Argo CD and Argo Workfloads Spark Operator and Luigi 1:8 scale model DeLorean 1:2 scale model Terminator Infrastructure Adventures, Daniel's blog Daniel Megyesi on LinkedIn

KEDA, the Kubernetes Event-Driven Autoscaler, is a project that adds superpowers to the Kubernetes horizontal pod autoscaler, including zero-to-one scaling. Celebrate KEDA reaching Incubation in the CNCF by listening to an interview with maintainer Tom Kerkhove from Codit. But first, learn about Craig's worst concert experience. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Correction to Episode 158: Mike Richards is no longer host of Jeopardy! Troy meets LeVar Burton The Chase (USA) The Chase (UK) The Judds Charlie Watts: Rolling Stones drummer dies at 80 The Rolling Stones: A Bigger Bang tour Moving stage News of the week KEDA moves to CNCF Incubation Kubescape from ARMO Security GKE adds OIDC identity provider and gVNIC support Gloo Mesh 1.1 Istio security announcement Envoy security announcement Cron jobs and timezones in Kubernetes Links from the interview KEDA: Kubernetes Event-Driven Autoscaling Bruges Codit Azure Service Fabric Azure Cloud Services Horizontal pod autoscaler Custom metrics in HPA (added in Kubernetes 1.6) Promitor: bridge between Azure Monitor and Prometheus KEDA announcement from Microsoft Scaling a deployment Scalers Microsoft moves KEDA to the CNCF Sandbox External scalers KEP for adding scale-to-zero to HPA Knative scale to zero CNCF Sandbox announcement Versions 1.0 and 2.0 Users KEDA on GitHub Tom Kerkhove on Twitter and his blog

Kubernetes lets us manage our infrastructure declaratively, so why do we still manage the underlying OS with a myriad of different text files? And why allow shell and SSH access to a machine that should be immutable? So asked Andrew Rynhard before creating Talos, a Linux distribution built for Kubernetes. He's now CTO of Talos Systems, a company founded to take it to market. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week 40 years of the IBM PC 5150 emulator and docs What was it like to use? Twitter thread about the cost of add-ons 41 years ago: the story of the creation of the PC DONKEY.BAS Play it on the 5150 emulator Learn about it Play it on the iPhone or Apple Watch Commodore 64 Wheel of Fortune Little Computer People C64 vs IBM advertising 6502 and derivative CPUs: the C64 used a 6510 Bender News of the week Litmus 2.0.0 Episode 56, with Evan Powell SPIRE security audit Episode 45, with Andrew Jessup Bovine by Nick Gerace Rust Cloud Native Verify GKE services are up with dedicated uptime checks LFX projects open for (Northern) Fall term Links from the interview Talos (the OS) Linux from Scratch Talos (the robot) COSI Comparing k3s to vanilla Kubernetes on Talos Talos announcement on Reddit and Hacker News Talos Systems Launch blog Brazilian jiu-jitsu COSI announcement from KubeCon EU 2021 Andrew Rynhard on Twitter

What is a telecommunications provider, if not a very distributed system? Kubernetes is becoming an important engine for the world's telcos, especially as they roll out 5G. Vuk Gojnic leads the team rolling out Kubernetes across Deutsche Telekom (the parent company of T-Mobile), and he tells us how the worlds of telco and cloud have converged. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week New Jeopardy! hosts The Price Is Right Bob Barker in Happy Gilmore Spay and neuter your pets News of the week eBPF Foundation announcement Episode 91, with Leonardo Di Donato Episode 133, with Thomas Graf Istio 1.11 NSA & CISA release Kubernetes hardening guidance PDF link Google Cloud Service Discovery adds GKE auto-discovery Troubleshoot GKE faster with monitoring data in your logs Sysdig announces new Prometheus integrations Nirmata takes $4m in funding CNCF Survey, part 2 Links from the interview History of Montenegro Balkans region Postal, telegraph and telephone services Cafe del Montenegro "archeological remains" (archeological remains of original Cafe del Montenegro) CdM today Crnogorski Telekom Deutsche Telekom Crossbar switches O-RAN Software Community and source code Network function virtualization Natural selection Mobile base station DSLAM 5G Das blinkenlights Das Schiff Das Boot Cluster API Flux CD OpenStack Ironic mIRC Vuk Gojnic on Twitter

It's Kubernetes release day! The team that launched v1.22 of everyone's favourite cluster management software was led by Savitha Raghunathan, Senior Platform Engineer at MathWorks. Savitha joins host Craig Box to talk contribution, containers and cricket. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Life before smartphones Dark Sky, hyperlocal weather app Karl the Fog Universal Studios Kubeyland 2021 The Simpsons Ride News of the week Kubernetes 1.22 announcement Sign up for the 1.23 release team Linkerd graduates* in the CNCF Cosign 1.0 Episode 152, guest host Dan Lorenc Episode 155, with Priya Wadwha Cloud Native Rejekts CFP Episode 79, with Chris Kühl Introducing Koncrete by the Kalm team Nestybox adds Kubernetes support Curiefense adds NGINX support Replicated announces $50M Series C Episode 143, with Grant Miller Kubernetes platform updates: Deckhouse, by Flant, is GA Red Hat OpenShift 4.8 Rafay adds new features to Kubernetes Management Cloud Carvel Package Manager for Kubernetes Porter and seed funding announcement Links from the interview Chennai Super Kings Stephen Fleming; coach, A/C salesman and Yellow Wiggle Royal Challengers Bangalore MathWorks MATLAB Math vs maths? (Doesn't actually matter; MATLAB is short for Matrix Laboratory) Savitha's first contribution Kubernetes GitHub workflow and pull request guide Kubernetes 1.22 release announcement Release Team Loki and WandaVision Enhancements of note: Seccomp by default Rootless Kubelet Pod admission control Node swap support Windows privileged containers 1.21 release interview with Nabarun Pal Do, Delegate and Defer Release lead for 1.23: Rey Lejano In memoriam: Peeyush Gupta Donate to Peeyush's Family Education Fund Coffee art Amigurumi Savitha's cat Savitha Raghunathan on Twitter

Sebastien Pahl is a pioneer of container technology, building the predecessor to Docker as a co-founder of Dotcloud. After working at some big tech companies, he's back to the startup life as co-founder of Opstrace, a fully open source observability distribution, built on top of the tools you know and love. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Pictograms Korea on Italy Pita Taufatofua, the oily Tongan Olympic drones Inclement weather: Tokyo New York City London News of the week Kubernetes 1.22 release candidates is out Episode 146, with Nabarun Pal Cloud Foundry Foundation releases v5 Episode 105, with Chip Childers Connaisseur 2.0.0 Episode 155, with Priya Wadwha Chaos Mesh 2.0.0 Episode 121, with Ed Huang Spectro Cloud raises $20m Series A Nominate yourself for the 1.23 Release Team Links from the interview EPITECH Solomon Hykes Departure blog Dotcloud Y Combinator $10m funding round Cloudflare Mesosphere HD-DVD and Betamax Operator Framework/Operator SDK Opstrace Prometheus Cortex Grafana Loki Grafana relicensing OpenMetrics and OpenTelemetry Matter, for smart home devices Opstrace on GitHub Sebastien Pahl on Twitter

The idea of software supply chain security rocketed into the public consciousness in the last year, with the news that US government agencies had been breached. Priya Wadhwa is a software engineer at Google working on open source security, including projects to secure and verify container deployments. She outlines what is being done to make sure this doesn't happen to you. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Virgin Galactic launch NBC News BBC News Blue Origin launch NBC News BBC News Rocket scene from Austin Powers: The Spy Who Shagged Me The memes News of the week Google Cloud Container Security webinar Register for Google Cloud Next 2021 Google Cloud IDS Windows Server support for Anthos on-prem Multi-Cluster Ingress for GKE CVE-2021-22555: Kernel code execution through Netfilter bug CVE-2021-25740: Endpoint & EndpointSlice permissions allow cross-Namespace forwarding CVE-2021-32690: Helm repository credentials passed to alternate domain Attacks on Argo Workflows discovered by Intezer Sysdig acquires Apolicy; Apolicy acquired by Sysdig CockroachDB Operator for Kubernetes Automatic remediation of Kubernetes nodes at Cloudflare Sciuro Kured CNCF App Delivery TAG publishes operator whitepaper Links from the interview Software supply chain Know, Prevent, Fix Reproducible builds Debian Project SolarWinds hack US Executive Order on Improving the Nation's Cybersecurity Binary Authorization Provenance, in art and software in-toto "Farm to table" sigstore Announcement blog cosign Announcement blog Dan Lorenc's blog Connaisseur Rekor Fulcio Key signing ceremony: Dan Lorenc on Episode 152 Announcement blog Video Tekton Tekton Chains Announcement blog, by Priya & Dan SBOM (Software Bill of Materials) Open Source Insights Announcement blog Nine Inch Nails' Year Zero ARG Scorecards Announcement blog v2 blog SLSA Announcement blog GitHub SupplyChainSecurityCon sigstore Slack channel Priya Wadhwa on Twitter

Gatekeeper is an open source project which lets you enforce policy in a Kubernetes cluster. It's also the basis for Policy Controller, a hosted and managed version now available for all GKE users. Max Smythe, a senior SWE at Google, is a maintainer of Gatekeeper and the TL of Policy Controller. He joins us to talk constraints, config and Cruise. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week England loses Euro 2020 final It's Coming Ohm: prediction on power usage Half time power spike Top 20 spikes The Thorn Birds The Superbowl Flush - debunked! Tokyo Olympic Games Opening Ceremonies Hedbanz News of the week APIs being removed in Kubernetes 1.22 ContainIQ launches Postgres Operator 5.0 NetworkServiceMesh 1.0.0 Google Cloud Certificate Authority Service GA and cert-manager integration Platform9 Managed KubeVirt InsightCloudSec from Rapid7 Sophos acquires Capsul8 Spring 2021 graduating class from CNCF-sponsored LFX Mentorship program Links from the interview Brian May Edge of Tomorrow The redemption thereof Chubby Riak Gatekeeper Anthos Config Management Config Sync Policy Controller Episode 101, with Tim Hinrichs and Torin Sandall PodSecurityPolicy is not going GA SIG Auth's replacement proposal Using ACM constraints to enforce Pod security OPA Constraint framework Policy Controller: Creating constraints Writing a constraint template Structural schemas Design Patterns for Extendable, Scalable K8s Extensions by Rita Zhang and Max Smythe Max Smythe on Twitter

Debugging Kubernetes often involves correlating what happened just before something went bad. Itiel Shwartz is a co-founder of Komodor, a startup who builds a platform to help with exactly that. We talk Hebrew names, Hungarian dogs and German car crashes. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Jimmy Moore steps out from behind the scenes Conan O'Brien Needs A Friend Revisionist History Letterman reads out Johnny's jokes Mythic Quest News of the week Joint US/UK cybersecurity advisory saying Russia is using Kubernetes CNCF and FinOps Foundation survey Canonical Kubernetes usage survey CNCF End User Radar for multi-cluster tools runc 1.0.0 Buoyant Cloud Public Beta Sloth, by Xabier Larrakoetxea Links from the interview Komodor "Itiel" and "ETL" Rookout Forter Ben Ofiri Komodor team photo The Komondor (and image search) Man Who Looks Like His Dog Jack Tramiel, co-founder of Commodore International The story of the name "Commodore" Man Who Looks Like His Dog Single bit-flip renders certificate transparency log invalid $25 million funding with angel investors Itiel Shwartz and Komodor on Twitter

Steve McGhee worked as an SRE at Google for almost 10 years, then took a job outside the company. He was tasked with recreating "Google Production" and SRE practice from first principals, but with three books, modern cloud providers, and the entire Kubernetes ecosystem to help. How did he do? Learn about that which you can and can't replace. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Dan's recent work has come up in episodes 136, 142, and 151, to name but a few Episode 39, with Dan Lorenc Tekton CD Sigstore Dan's Peter Jackson look Sigstore Root Key Ceremony IANA Key Signing Ceremonies and changes in the time of COVID News of the week GKE news: New Tau VMs on Google Cloud and GKE Committed use discounts for GKE Autopilot Cloud Onboard training for GKE with Kaslin Fields, on June 22 Stackrox/Red Hat State of Kubernetes Security blog post and report etcd 3.5 SLSA: Supply chain Levels for Software Artifacts Ensemble, by Tesera Harbor operator 1.0 Weave GitOps Core Episodes 144 and 145, with Alexis Richardson WSO2 launches Choreo and acquires Platformer KubeCon EU 2021 transparency report COVID vaccine required to attend fall 2021 Linux Foundation events Opinions on Knative positioning by Ahmet Alp Balkan Episode 66 Links from the interview LG Chocolate Phone and the Crazy Frog Good SRE is the inverse of the XKCD comic on Standards "Breaking Prod: More than once, I personally made it impossible to use google search from a phone (for a little bit). Like, for everyone on the planet." San Luis Obispo, California (SLO) GIFEE, coined at CoreOS Rebuilding SRE, from Memory Ben Treynor Sloss Homer Simpson's Car Postcards from the future and the crystal ball It is against the law to have a sleeping donkey in your bathtub after 7pm How To Avoid Huge Ships Prometheus Canary releases Canary deployments with Istio SLO Math, by Steve McGhee (SLOconf 2021) The SRE I Aspire To Be, by Yaniv Aknin (SREcon 2019) RAID. a Redundant Array of Inexpensive/Independent Disks Deployment Archetypes for Cloud Applications, by Brad Calder and Anna Berenberg Steve McGhee on Twitter

NVIDIA and Google have teamed up to bring the new Multi-Instance GPU feature, launched with the NVIDIA A100, to GKE. We speak to Kevin Klues from NVIDIA and Pradeep Venkatachalam from Google Cloud on how and why people use GPUs, optimising instance shapes for machine learning, and why less is often more. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 64, with Sarah D'Angelo and Patrick Flynn Catching up with Patrick in Episode 148 Winthrop, Washington Blackdown Hills, Devon News of the week Azure App Services now available for Azure Arc Azure Arc and App Service blog posts Other new AKS capbilities Virtualization Review coverage ECS Anywhere made GA by press release AWS App Runner Integrating Google Cloud DNS with GKE Istio 1.10 Terraform 1.0 Grafana 8.0 and Tempo 1.0 Argo Rollouts 1.0 Kubesphere 3.1.0 Cilium 1.10 OpenSLO spec launched at SLOConf Episode 147, with Brian Singer and Kit Merker Envoy GA on Windows Chaos Experimentation Framework for Envoy El Carro operator for Oracle Database from Google Cloud Moco operator for MySQL from Kintone PlanetScale GA Episode 81, with Jiten Vaidya and Sugu Sougoumarane FoundationDB paper from ACM SIG MOD DockerCon announcements Coverage of Development Environments from The Register Deps: Open Source Insights project from Google Graph for Kubernetes 1.0.0 Graph for Kubernetes 1.22.0-alpha.2 Verifiable Supply Chain Metadata with Tekton Chains Kubernetes CVEs: CVE-2021-25736 CVE-2021-25737 CVE-2021-25738 runc CVE-2021-30465 VS Code Plugin for Kubernetes CVE-2021-31938 Steve Smith says "GitOps is a placebo" in a blog post and Twitter thread Follow up from Vic Iglesias GitOpsDays Styra raises $40m Series B round Episode 101, with Tim Hinrichs and Torin Sandall Cloud Native community goes live with 10 shows on something called Twitch YouTube playlist for KubeCon EU 2021 Links from the interview Episode 92, with Pramod Ramarao Dogecoin Training and inference 12 things that prove Doom will run on literally anything "It runs Doom" subreddit CUDA vGPUs Multi-Instance GPUs GKE now supports multi-instance GPUs 7 core MacBook Air GPUs A100 GPU 16 A100 GPUs on a Google Cloud VM Running GPUs on GKE Node taints for scheduling NVIDIA Container Toolkit GCP NVIDIA GPU device plugin Kubernetes NVIDIA device plugin GTC 2021 talks: A Deep Dive on Supporting Multi-Instance GPUs in Containers and Kubernetes by Kevin and Pradeep Gain Competitive Advantage using ML Ops: Kubeflow and NVIDIA Merlin and Google Cloud by Andrew Stein and Maulin Patel (Google) and Davide Onofrio (NVIDIA) Kevin's KubeCon talk and slides Kevin Klues on Twitter

Pixie Labs built an observabiity platform for Kubernetes, which uses eBPF to get telemetry without user intervention. They were recently acquired by New Relic, who open sourced the Pixie software. Co-founders Zain Asgar and Ishan Mukherjee join Craig Box to tell the story and talk about what's next. Guest host Alex Ellis tends his garden. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 116, with Alex Ellis GrowLab Announcement blog Alex's talk at the GIFEE Day Monty Don OpenFaaS in the RISC-V keynote New Kubernetes on Edge training course News of the week eBPF for Windows GKE Dataplane V2 is GA Confluent for Kubernetes GA VMware Tanzu SQL, with MySQL, for Kubernetes, 1.0 VMware Modern Apps Connectivity Solution Do the State of DevOps survey! Links from the interview Pixie Labs What is Pixie overview slides presented to CNCF Public beta launch and announcement of Series A funding TechCrunch coverage Pixie Labs acquired by New Relic; New Relic acquires Pixie Labs A day in the life of a Kiva robot Recognition for Google Lens clothing recognition Dog or blueberry muffin? Episode 125, with Ramiro Berrelleza How Pixie Works New Relic goes all-in on OpenTelemetry and Open Source Pixie on GitHub Pixienauts community New Relic upgrades to Platinum member at CNCF Zain Asgar and Ishan Mukherjee on Twitter

A small army of community volunteers is necessary to host a KubeCon, but behind them is a professional events team. Colleen Mickey is Director of Event Services at the Linux Foundation and is responsible for KubeCon + CloudNativeCon, as well as other events like Hyperledger Global Forum and cdCon. She talks to us about hosting, feeding and watering 10,000 people, as well as the change to virtual events. We also bring the round-up of the KubeCon news, including our famous Lightning Round. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 29, with Janet Kuo Looking back at KubeCon Shanghai 2018 News of the week New Relic and Pixie Labs blogs on Pixie being open sourced New Relic joins CNCF as a Platinum Member Red Hat launches the Stackrox community at stackrox.io OpenShift GitOps and OpenShift Pipelines Snyk's State of Cloud Native Application Security report announcement and results OCI Distribution Specification reaches 1.0 Prometheus to launch conformance program New CNCF sandbox projects: Vineyard, an in-memory immutable data manager WasmEdge Runtime, a WebAssembly Virtual Machine for cloud, AI, and blockchain applications ChaosBlade, an open-source version of Alibaba's chaos tools Fluid, a data and storage abstraction for AI and cloud-native applications Submariner, a cross-cluster overlay of overlay networks Antrea, a Kubernetes CNI plugin Episode 128, with Antonin Bas CNCF Edge survey results and free Kubernetes on Edge Training Episode 116, with Alex Ellis Inclusive Naming Initiative receives Honorable Mention at Fast Company's 2021 World Changing Ideas Awards 'Master,' 'Slave' and the Fight Over Offensive Terms in Computing by Kate Conger of the New York Times Episode 130, with Stephen Augustus Spotify wins CNCF Top End User Award Episode 50, with David Xia Episode 136, with Lee Mills and Matt Clarke. Lightning round Accuknox secured $4.6m in seed funding Accurics announced Terrascan integrates with Argo CD Ambassador introduced a Developer Control Plane Armory introduced mini-Spinnaker installation Minnaker, built on k3s Arrikto announced MiniKF 1.3 and Eenterprise Kubeflow for Azure Avesha launched Smart Application Cloud Framework Bridgecrew published security trends from analyzing Helm charts CAST AI announced Amazon EKS cost optimizer Civo launched K3s-as-a service to early adopters Cloudical introduced version 1.8 of VanillaStack DataStax announced that k8ssandra supports all distributions Dynatrace added the ability to ingest OpenTelemetry traces HAProxy launched version 1.6 Kubernetes ingress controller Kasten added ransomware protection with v4.0 of K10 Kubermatic Kubernetes Platform 2.17 Kubernative says that KubeOps is now a full-fledged Managed Kubernetes Framework Netdata has added Kubernetes monitoring features to their Cloud service Nirmata announced Nirmata Policy Manager, based on Kyverno OpenNebula released a new K3s Virtual Appliance for running Edge Clouds Portainer raised $6M in a Series A round to Accelerate their global expansion Portworx pre-announced PX-Backup 2.0 with support for external auth services Rancher launched a new Rancher Desktop tool in Alpha for Windows and Mac Rafay launched new features to its Kubernetes Management Cloud Splunk announced their Observability Cloud is Generally Available StackPulse announced a Kubernetes-centric operations center StorageOS version 2.4 brings encryption at rest and rapid application recovery StormForge introduced automatic scanning of in-cluster resources StreamNative open sourced Function Mesh for running Apache Pulsar functions Sysdig added runtime detection and response for AWS Fargate Tigera released Calico Enterprise 3.5 with Dynamic Service Graph and eBPF data plane Timescale raised $40m Series B for Postgres-based TSDB and Prometheus cloud Trilio announced Kubernetes Backup Monitoring for Velero users Vitess launched version 10, with support for the Ruby on Rails framework Wanclouds launched multi-cloud Disaster Recovery as a Service Weaveworks launched Weave Kubernetes Platform 2.5 with multi cluster observability platform Zebrium now automatically perform Root Cause Analysis with integration into Opsgenie Links from the interview The first KubeCon in 2015 KubeCon donated to the CNCF CNCF presents CloudNativeCon and hosts future KubeCon events (2016) Dreamforce brings in cruise ships KubeCon NA 2017 in Austin, TX Linux Foundation Climate Finance Foundation Diamond sponsor lottery Diversity and inclusion at KubeCon EU Sponsorship open for KubeCon NA 2021 Event platforms: Intrado MeetingPlay KubeCon + CloudNativeCon Europe 2021 KubeCon + CloudNativeCon North America 2021 GopherCon EU 2018 in Iceland Colleen Mickey on LinkedIn

Liqo is short for Liquid Computing. It's a tool for extending Kubernetes onto others clusters, developed at the Polytechnic University of Turin. Research assistant and Liqo co-creator Alex Palesandro is our guest this week. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 64 with Sarah D'Angelo and Patrick Flynn Three years ago today James Strachan, James Rawlings and Dan Lorenc Jib reCAPTCHA News of the week Microsoft to acquire Kinvolk, Kinvolk to be acquired by Microsoft Episode 79 with Chris Kühl Red Hat Virtual Summit announcements Red Hat OpenShift Platform Plus Rackspace and Platform9 announce partnership Episode 88, with Madhura Maskasky Lens 5 Beta HYCU joins the Kubernetes backup party Sysdig joins the cloud security unicorns Episode 91, with Leonardo Di Donato GKE adds multi-instance GPUs and a new Gateway controller Kubernetes moves to three releases per year Links from the interview Alex Palesandro Politecnico di Torino Alex's thesis Episode 141, with Daniel Mangum Episode 142, with Gianluca Arbezzano Fiat and Stellantis DAUIN, Department of Control and Computer Engineering Netgroup Crown Labs Blender Liqo Virtual Kubelet mDNS Kubernetes TLS bootstrapping Vint Cerf at 6UK launch in 2010 kubefed Liqo roadmap Liqo on GitHub Alex Palesandro on Twitter

Brian Singer co-founded Orbitera, which was acquired by Google in 2016. During that process he met Kit Merker, who was a PM on GKE and the GCP Marketplace, and the two are now working togther on relability engineering startup Nobl9. We talk about migrating Orbitera to GKE and Google's SRE platform, and how many 9s are too many. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 94, with Richard Belleville The G in gRPC stands for: Gilded Guadalupe River Park Conservancy The Great British Bake Off? Not grey, just backlit! Much improved here News of the week Grafana relicensing to AGPLv3 Q&A on relicensing Google's public ban on AGPL Amazon introduces OpenSerarch Pulumi v3.0 Episode 76, with Joe Duffy k8ssandra v1.1 Cassandra Kubernetes SIG picks Cass Operator Docker Desktop for Apple Silicon Macs is GA Zerto for Kubernetes Three different multi-tenancy models Loft Labs open sources Vcluster CVE-2021-20291 in CRI-O and Podman Kubernetes blog updates: Volume health monitoring Indexed Jobs Graceful node shutdown Defining Network Policy conformance for CNI providers Evolving Kubernetes networking with the Gateway API Links from the interview Orbitera in 2016 - acquired by Google Why Orbitera was migrated to GKE Site Reliability Engineering Service level objectives Error budgets and risk Being too reliable SLOs, SLAs, SLIs SLOs explained in 90 seconds video by Kit Merker Nobl9 SLO Platform SLOconf Fly to SLO Fly to Oslo Beyond Seattle SRE meetup Slash at Wembley Arena Brian Singer on Twitter Kit Merker on Twitter

Celebrate the release of Kubernetes 1.21 with release team lead Nabarun Pal from VMware. Nabarun talks about choosing between "hardware" and software, additions and removals from Kubernetes 1.21, and how the Kubernetes project has become more welcoming to people outside the USA. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Moscone Center vaccination site Monday morning weather in London Before and after haircut World record barbering News of the week Kubernetes 1.21 CronJobs are GA Local Storage features go Beta Suspended Jobs in Alpha kube-state-metrics v2.0 emissary-ingress joins the CNCF Shell Operator v1 for Kubernetes operators kubesploit, from CyberArk CVE-2021-25735: Validating Admission Webhook does not observe some previous fields on Node objects Kubegres Minio adds Kubernetes operator and console Scaling Kubernetes with assurance at Pinterest by Anson Qian SUSE sponsors 300 scholarships in cloud native education A reprieve for Apache Mesos Links from the interview Nabarun Pal IIT Roorkee Logo ABU Robocon Models and Robotics Section, IIT Roorkee Rorodata/Algoshelf PyCon India Building microservices with Firefly at PyCon India 2017 Conference talks Linux Users' Group of Durgapur (DGPLUG) and FOSS training Kubernetes Bangalore meetup Nabarun's journey in the Kubernetes release team Applications for Kubernetes 1.21 release team are open Episode 130 with Stephen Augustus Kubernetes 1.21 release blog Kubernetes Enhancement Proposals (KEPs) 1.21 release page PodSecurityPolicy deprecation and KEP Making sure features don't languish in Beta Volume health monitoring Command metadata in kubectl headers Tweet from @dims bribing people to test Release Candidate builds Savitha Raghunathan is release lead for 1.21 Lewis Hamilton tied with Michael Schumacher Mick Schumacher joins F1 Nabarun Pal on Twitter

We conclude our two-part conversation with Weaveworks co-founder Alexis Richardson, picking up when the company received Series A investment in December 2014. Since then, they built projects like Scope, Cortex and Flux as well as SaaS offerings based on them. We also look at Alexis's role in the founding of the CNCF. Please be sure to listen to the first part before this one! Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Educational YouTubers: Film Riot Mental Floss Animator Island Infrastructure for Entertainment by Justin Garrison at KubeCon NA 2020 Episode 20, with Justin Garrison News of the week Kubernetes 1.21 PodSecurityPolicy deprecation KubeVela 1.0 Argo Workflows 3.0 and Argo CD 2.0 Cilium launches NetworkPolicy site IBM Cloud Code Engine is GA Tanzu Cloud Native Runtimes public beta New security offerings from Tanzu Cisco Intersight Kubernetes Service is GA Tetrate Service Bridge is also GA Updates to Azure Arc enabled Kubernetes and OpenServiceMesh add-on for Azure in Preview etcd project journey report published Single sign-on guide for Kubernetes by Ben Dixon Apache Mesos moving to the Attic Links from the interview Last week's episode Weaveworks Weaveworks takes a $5m Series A round Weave Scope and its annoucement Cortex Flux CD and its announcement as a service routing layer Weave Cloud Docker Swarm Mode kubernetes-anywhere kubeadm How we made kubeadm Brandon Philips' newsletter Launching eksctl The August 2017 post introducing GitOps Peter Bourgon and Michael Bridgen Kelsey Hightower talk at GitOpsDays Guide to GitOps Steam engine centrifugal governor Flux joins the CNCF Flagger Announcement about Argo and Flux joining forces Weaveworks is a founding member of the CNCF Alexis elected as TOC chair Battlestar Galactica Weave Kubernetes Platform Series C funding Alexis Richardson on Twitter

We're trying something new! In Part 1 of a two-part conversation with Weaveworks co-founder Alexis Richardson, we have a wide ranging conversation about career choices, finance, founding and selling tech companies, and the dangers of being pigeon-holed based on the first project your company releases. Next week we'll finish the conversation by talking about Weave projects like Flux and Cortex, as well as their SaaS offerings, the founding of the CNCF, and whether Weave built the platform they set out to build when they started 7 years ago. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Evergiven Everywhere "Reply all" at the State Department Evergreen truck blocks Chineses highway Little ship stuck in Littlehampton harbour Vote for the name of the Seattle Tunnel Boring Machine Sir Mix-a-Lot News of the week Outdated; a new open source project from Replicated Episode 143, with Grant Miller Kubestr by Kasten by Veeam, by golly The Aerospike Kubernetes Operator Tanzu Kubernetes Grid v1.3 Red Hat OpenShift on AWS is GA Quay.io is changing login methods Container vulnerability scanning from Sophos Kubecost raises $5.5m in funding Episode 124, with Webb Brown Security Updates in Docker by Itamar Turner-Trauring Links from the interview Mathematical logic at Oxford University Stewart Butterfield on philosophy Computer Literacy Project Jeremy Ruston's BBC Micro Revealed and 80s hair Haskell, Orwell and Miranda OCaml and Standard ML 1998 Russian financial crisis Metalogic Oy Cohesive Networks AMQP RabbitMQ NZ Easter Bunny hunt Matthias Radestock Erlang ejabberd Matthew Sackman and Tony Garnock-Jones Open Telecom Platform (OTP) VMware acquires Rabbit Technologies SpringSource previously Interface21 Weaveworks Introductory blog "Zettio introduces Weave" Weave Net Alexis Richardson on Twitter

Grant Miller is the co-founder and CEO of Replicated, which helps operationalize and scale the delivery of Kubernetes-based apps into the enterprise. We look at what it means to be enterprise software in a SaaS world, and we also get some 2021 predictions from guest host Liz Rice. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 19, with Liz Rice Episode 133, with Thomas Graf Cilium talk at DockerCon 2017 Liz's 2021 predictions from KubeCon NA (Virtual) 2020 Cheese exports are down Autonomous driving levels Prince Harry joins a startup Nick Clegg joins Facebook News of the week SoloCon announcements Mesh7 to be acquired by VMware GKE adds runtime configuration of pod subnets and larger Internal Load Balancer support Amazon reduces EKS cluster create time from "glacial" to "slow" NetApp launches Spot Wave CircleCI Server 3.0 Diamanti Spektra 3.2 Sonatype launches Nexus Container Davanum Srinivas elected to the CNCF TOC "Unironically Using Kubernetes for my Personal Blog" Links from the interview SparkPeople Marc Campbell look.io acquired by LivePerson Replicated Open source from Replicated kurl KOTS Troubleshoot SchemaHero Donated to the CNCF EnterpriseReady and the EnterpriseReady Podcast Kubelist and the Kubelist Podcast Replicants, replicators and gremlins Grant Miller and Replicated on Twitter

If you'd like something more tangible than a virtual cloud instance, there's always (still!) bare metal. Tinkerbell is a project from Equinix Metal to manage bare metal servers at scale, and Gianluca Arbezzano is one of its maintainers. We talk stacks, racks and MACs. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 11, with Vic Iglesias Vic lives here, but not here Pokémon Go social distancing News of the week Flux moves to incubation in the CNCF NetApp Astra goes GA; more information Fairwinds introduces Saffire Cosign, by Dan Lorenc Episode 39 Komodor beta and swag offer Announcing Private Clusters on Oracle Cloud Infrastructure (OCI) Container Engine for Kubernetes (OKE) Linkerd 2.10 The Money Section, with thanks to David Pait, guest of Episode 127 Docker takes $23m in Series "B" funding to get ship done Aqua Security takes $135m in Series E at $1b valuation Snyk raises $300m in Series E valuing company at $4.7 billion Tetrate raises $40m Series B Is Crossplane the Infrastructure LLVM? by Daniel Mangum Episode 141 Links from the interview PHP. and PHP in 2020 Turin InfluxData Episode 91, with Leonardo Di Donato Dropbox's exodus from Amazon Equinix Metal Packet acquired by Equinix Tinkerbell OpenCompute and Open19 Server terminology: Next Unit of Computing (NUC) Baseboard management controller (BMC) Preboot Execution Environment (PXE) Floppy disks DIY Board management control for an Intel NUC: power control Tinkerbell services: Tink Boots OSIE Hook Hegel PB&J OVH fire How Tinkerbell Got Its Wings, including joining the CNCF Tinkerbell community Episode 136: Backstage, with Lee Mills and Matt Clarke Gianluca Arbezzano on Twitter and on the web Tinkerbell on Twitter

Crossplane lets you automate creation of infrastructure using Kubernetes APIs. Daniel Mangum is a Crossplane maintainer working at its creator Upbound, a TL of Kubernetes SIG Release, and a YouTube streaming star. He chats about tech with host Craig Box, who is helped this week by returning guest Ken Massada from GKE's Support team. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 18, with Ken Massada Things We Don't Say podcast Glow in the dark sharks Earthquakes and tsunamis News of the week Microsoft Ignite news: Azure Arc for Kubernetes Azure Migrate app containerization service AKS release notes Microsoft Mesh Helm second security audit Meet Brigade v2 Harbor 2.2 and roadmap Google Summer of Code 2021 KubeCon EU 2021 schedule launched and the selection process explained Issue #100000 on kubernetes/kubernetes Links from the interview Visual Basic for Applications NYT article on retro computing Compiler Explorer Rich Code for Tiny Computers by Jason Turner Upbound Episode 36, with Jared Watts Crossplane Crossplane vs Terraform blog by Nic Cope Compositions and XRDs Crossplane vs Cloud Infrastructure Add-ons TBS episode with Matt Moore of Knative Helm provider July 2020: Crossplane joins the CNCF LFX mentorship program Dec 2020: v1.0 Mar 2021: v1.1 Kubernetes SIG Release doc.crds.dev Upcoming KubeCon talk: FPGK8s: Consumer-Grade FPGAs on Kubernetes Cutting GTA loading times by 70% and how YAML parsing can become quadratic Daniel's current hirsuteness The Binding Status Flake-Finder Fridays Daniel Mangum on Twitter and on the web

Kamil Potrec is a Senior Security Engineer at Snyk, working on security around Kubernetes and cloud platforms. He joins the show to discuss how to think about securing your infrastructure, the different arts (and colors) of offensive and defensive security, and what not to lose sleep over. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 23, with Andrew Philips and Lars Wander A pile of mail and a bike News of the week Red Hat OpenShift 4.7 is GA Fairwinds Insights 3.0 Envoy zero-day patched Istio security bulletin Sysdig contributes Falco modules to the CNCF StorageOS raises $10m in Series B Platform9 raises $12.5m in Series D CNCF relaunches Kubernetes Community Day with KCD Africa and Bengaluru Links from the interview Offensive unit in American Football Hand-egg Red and blue teams Unreal Tournament Capture the flag Kubernetes secrets Design document Encrypting secrets at the application layer Antivirus software Tracer-tee SolarWinds attack Reflections on Trusting Trust by Ken Thompson left-pad deleted from NPM Snyk Open Source The open source parts Snyk vulnerability database MITRE CVE database Kubernetes security at Snyk Deploy only trusted containers to GKE Application threat modeling Kubernetes security best practices, including security context, AppArmor, gVisor etc CVE-2020-8554: man-in-the-middle attack using ExternalIP services CVE-2020-14386: packet socket vulnerability with user namespaces enabled Earlier related work: CVE-2017-7308 and CVE-2016-8655 Project Zero writeup Rewrite it in Rust! Kamil Potrec on LinkedIn

Today Google Cloud introduced GKE Autopilot, a new mode of operation where you no longer manage or configure nodes, and you pay per-pod, per-second. Craig talks Autopilot with GKE product manager Yochay Kiriaty. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 86, with Lin Sun Istio boat meetup at KubeCon NA 2019 IstioCon 2021 Craig and Lin's session Jeff from Coupling Separated at birth? News of the week Google Cloud launches GKE Autopilot Dapr 1.0 Calico Cloud Gloo Mesh Enterprise goes GA Distroless FIPS-compliant Istio Red Hat closes acquisition of Stackrox Real load-aware scheduling in Kubernetes with Trimaran Kubernetes overlay networks with IPv6 Links from the interview Last week's Star Wars show A selection of presentations wearing Darth Vader shirts Windows 7 Red Dog Google South Lake Union Seaplanes GKE Autopilot Launch blog Episode 49, wth Eric Brewer Virtual Kubelet Datadog Container Report Episode 137, with Michael Gerstenhaber

This week we talk multi-cluster services with Jeremy Olmsted-Thompson, co-chair of the Kubernetes Multicluster SIG, and tech lead on the Google Kubernetes Engine platform team. Guest host Tim Hockin shows us the way. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 41, with Tim Hockin The Machete Order John Boyega on Star Wars News of the week Istio 1.9 IstioCon 2021 - February 22-26 Mayadata spins out Chaos Native Cilium Network Policy editor Kubernetes network policy explained by Dominik Tornow Trend Micro write-up on container-escaping malware Dynatrace Cloud Automation and native log support Episode 119, with Alois Reitbauer Shipa 1.2 New GKE, EKS and AKS releases Tanzu Build Service 1.1 Kubernetes 101 Retrospective by Jeff Geerling CFP for the eight KubeCon EU pre-days Designing for SaaS on Kubernetes at Teleport by Virag Mody Comparing OPA/Gatekeeper and Kyverno by Chip Zoller Links from the interview Anthos on VMware SIG Multicluster Federation v2 update Multi-Cluster Services KEP Namespace sameness Gateway API (formerly known as Service APIs) Istio RFC Introducing GKE multi-cluster services Multi-cluster Ingress Cluster API Cluster ID KEP Jeremy Olmsted-Thompson on Twitter and GitHub

Michael Gerstenhaber is a Director of Product Management at Datadog, and the curator of their annual Container Report. He joins Craig to discuss why they release it, some recent trends, and how it helps people validate their assumptions about technology. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 103, with Saad Ali New TOC members Episode 62, with Ricardo Rocha, Lukas Heinrch and Clemens Lange Malaysian roti in London Elgin Marbles News of the week OPA graduates in the CNCF Episode 101, with Tim Hinrichs and Torin Sandall Docker Distribution donated to the CNCF Red Hat Quay 3.4 released CNCF proposal Hildegard malware writeup from Unit42 The original TeamTNT Attacking Kubernetes clusters using the Kubelet API by Eduardo Baitello Jetstack Secure Traefik Using Traefik as an ingress controller with Istio Kong Konnect is GA Kong raises $100M at a $1.4b valuation Get your KubeCon EU tickets early Buildpacks vs Dockerfiles by Genevieve L'Esperance Why Helm never felt like it belonged by Luka Skugor Links from the interview iOS and iOS The Happy Cloud Happy Cloud Taps the Cloud to Speed Up Video Game Downloads by Ryan Kim at GigaOM Datadog Live Container monitoring Live Process monitoring Golden signals Work metrics and resource metrics Datadog reports: Docker adoption 2015 2016 2017 2018 Container orchestration 2018 Container Report 2019 2020 KubeCon EU 2019 talk: 10 Ways to Shoot Yourself in the Foot with Kubernetes, #9 Will Surprise You by Laurent Bernaille & Robert Boll Autopilot: Workload Autoscaling at Google Scale Snow in NYC #17 on the all-time list by inches of snowfall Michael Gerstenhaber on Twitter

Backstage is a platform for building developer portals, powered by a centralized service catalog. It was built at Spotify and both open sourced and donated to the CNCF in 2020. A Kubernetes plugin was recently added. We talk to maintainers Lee Mills and Matt Clarke from Spotify. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 106, with John Belamaric Production Readiness Review News of the week Longhorn 1.1 Vitess 9 Sonobuoy adds reliability scanning Rapid7 acquires Alcide; Techcrunch reporting Armo comes out of stealth; VentureBeat reporting Scaling Kubernetes to 7,500 nodes at OpenAI Announcing the Linkerd steering committee The State of Cloud Native Release Orchestration; a report from Vamp Hunting for malware with Falco Episode 39, with Dan Lorenc Upgrading from Kubernetes 1.11 to 1.18 in a month by Jeff Wolski at WeTransfer Debugging CrashLoopBackOff by David Giffin from Release Jeff Brewer has passed Intuit CNCF case study Links from the interview Spotify engineering culture Microservices at Spotify Backstage Open source launch How Spotify uses Backstage GitHub repository Golden Paths Kubernetes plugin announcement Episode 50, with David Xia Donation to CNCF Sandbox Some backstage stories with David Pait in episode 127 Lee Mills and Matt Clarke on Twitter

Josh Bernstein has worked at a number of infrastructure roles before recently landing at Google. He talks about migrating Siri from AWS (pre-acqusition) to VMware to Mesos, and Dell EMC's work building what would become the Container Storage Interface. Guest host Jasmine Jaksic talks with Craig about snowcreatures. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Episode 15, with Dan Ciruli and Jasmine Jaksic Snowpeople and snowthings News of the week Multi-dimensional pod autoscaling in this week's GKE release Hitachi: vacuum cleaners in the 1990s and Kubernetes today Garnet.ai kind 0.10 New Google Cloud Run networking features Don't cross the streams Production Kubernetes from VMware Tanzu. Serverless for Everyone Else from Alex Ellis Episode 116 Chris Aniszczyk's 2021 predictions Episode 134 Priyanka Sharma's 2021 predictions Episode 107 14 LFX interns graduate Kubernetes honey tokens by Brad Geesaman Bad pods: privilege escalation by Seth Art The US Air Force are feeling supersonic Links from the interview Apple acquires Siri Xserve Siri public introduction Apple rebuilds Siri backend with Apache Mesos using the J.A.R.V.I.S. framework Dell EMC {code} community REX-Ray: announcement and docs CNCF Governing Board CI/CD startups to watch: Harness Armory Shipa Josh Bernstein on Twitter

After building the Eclipse IDE and Twitter's Open Source office, Chris Aniszcyzk bootstrapped the CNCF, joining its parent the Linux Foundation in 2015. He's now a VP of DevRel there, as well as CTO at the CNCF and Executive Director of the Open Container Initiative. Chris joins us to share his technology journey and Cloud Native predictions for 2021. And all that is now And all that is gone And all that's to come And everything under the sun is in tune But the sun is eclipsed by the moon Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Adam on LinkedIn News of the week Otomi from RedKubes Nutanix now supports Anthos Tanzu Advanced is GA Pivotal Labs is Tanzu Labs VMware needs a new CEO New CSI driver for Google Kubernetes Engine Slim.ai announces seed funding Grafana Cloud introduces free tier Sysdig container security usage report (PDF) 63 node Kubernetes cluster using Firecracker by Álvaro Hernández The definitive guide to Vertical Pod Autoscaling by Povilas Versockas Links from the interview ZX Spectrum R-Type and Jet Pac GORILLA.BAS Gentoo Linux Java Virtual Machine (JVM) Eclipse Object Technology International Erich Gamma code9, Chris's startup Backstage and Roadie Twitter OSS Pants Mesos twemproxy Linux Foundation, and its sub-projects CNCF and OCI Services for projects Linus Torvalds and Greg Kroah-Hartman Chris's Cloud Native predictions for 2021 Developer experience: Gitpod, GitHub Codespaces or Google Cloud Shell Wasm in Envoy Wasi, the WebAssembly Systems Interface Chris Aniszcyzk on Twitter and on the web Canada Revenue Agency on Twitter

Thomas Graf is the inventor of Cilium and the co-founder of Isovalent. Cilium is a container networking plugin built on top of eBPF, bringing modern SDN technologies to accelerate your pods. Adam and Craig also discuss the many uses of Christmas trees. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Christmas trees: Keep clear (mostly) Culinary uses Discussed in episodes 104 and 111 News of the week Google grants $3m to the CNCF to run the Kubernetes infrastructure AWS Managed Grafana and Prometheus In partnership with Grafana Labs Red Hat acquires Stackrox Windows Containers GA in OpenShift 4.6 CNCF Annual Report KubeCon NA 2020 Transparency Report Rancher announces Harvester I'll give you the key Kubernetes 1.20 feature deep-dives: Pod impersonation an short-lived volumes Third-party device metrics GA More granular control of storage permission Sonobuoy goes beyond conformance Project Contour security audit Pulse: stats from Envoy Mobile Crossplane 1.0 Project Karavi from Dell Technologies Cluster API provider for Microsoft Azure Vitess project journey report Tanzu Gemfire Kubernetes Security Essentials from the CNCF Links from the interview Chains and tables Berkeley Packet Filter eBPF Episode 91: eBPF and Falco, with Leonard Di Donato High level languages for kernel developers eBPF Summit 2020 Cilium Is it DNS? Is it a series of tubes? BGP Hubble Accelerating Envoy and Istio with Cilium Episode 128: Antrea, with Antonin Bas Bringing Cilium to GKE with Dataplane v2 Maglev load balancing connection scheduling Isovalent Notes on A16Z's investment Thomas Graf on Twitter

Akri is a recent open source project launched by Microsoft to manage edge devices. Kate Goldenring is a software engineer in Microsoft's Edge OS team and an Akri maintainer. She joins our final show of 2020 to talk about how to use Kubernetes to manage devices that can't run Kubernetes. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Reventure Kurstin X Grohl Puppy for Hanukkah (and story of) Adam Sandler's Hanukkah Song News of the week Pixie Labs acquired by New Relic; New Relic acquires Pixie Labs Docker Enterprise is now Mirantis Kubernetes Engine Mirantis OpenStack for Kubernetes Lens 4.0 released CVE-2020-8554: Man in the middle using LoadBalancer or ExternalIPs Volume Snapshot moves to GA in Kubernetes 1.20 Weaveworks takes $36.65M in Series C Trilio takes $15M Anthos for Telecom puts Google partners apps on the edge CircleCI Server 3.0 State of Software Delivery report New Microsoft AKS features Flink 1.12 Cross-region replication in AWS ECR Links from the interview Professor Kris Jordan Edge Computing Edge, computing Internet of Things Akri Announcement blog post MCU (Microcontroller unit) Discovery protocols ONVIF (Open Network Video Interface Forum) udev Zeroconf OPC UA TEE (Trusted Execution Environment) DevicePlugin API and deallocate #akri on Slack Akri on GitHub Proposals Moose Protocol Kate Goldrenring on Twitter

The final — and raddest — Kubernetes release of 2020 is 1.20. This week, Craig and Adam talk to its release team lead, Jeremy Rickard from VMware. Jeremy talks about migrating to newer Kubernetes versions, sooner or later; what was added, what was deprecated, and what that really means; and what happens when you Google your own nane. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Ready Player Two News of the week Kubernetes 1.20: Release Don't panic about Docker Dockershim deprecation FAQ Mirantis will support the Dockershim etcd graduates in the CNCF Episode 95, with Xiang Li CNCF launchese Cloud Native Security Whitepaper Istio 1.8 Kuma 1.0 Linkerd doesn't use Envoy AWS re:Invent: ECS Anywhere EKS Distro and EKS Anywhere EKS add-ons, console and spot instance support Lambda containers AWS Proton ECR Public Registry Anthos on bare metal is now GA IBM acquires Instana Opstrace public launch Weaveworks Kubernetes Platform (WKP) 2.4 Spectro Cloud anywhere Improving the Kubernetes API docs by Phillipe Martin Participate in the Chinese Cloud Native survey How David Anderson would reboot Kubernetes Episode 32, with David Anderson Links from the interview Episode 61, with Jeremy Rickard and Ralph Squillace Porter Jeremy's beard Release team for 1.20 1.12, 1.17, 1.18 and 1.19 Enhancements sub-project The Raddest Release Enhancements sheet #1769: NUMA memory manager Up or out: the deprecation clock starts for Alpha/Beta features #1985: Dockershim deprecation KEP Kat Cosgrove's Twitter thread Stephen Augustus's issue in kubernetes/community Sitting this release out: Sidecar containers Not in 1.20: Distroless images 1.21 lead: Nabarun Pal Kubernetes on an F-16 jet Other Rickards: Matt Rickard (our guest on episode 6) Jeremy Rickard the mathematician Jeremy Rickard on Twitter

Join us for all the news from KubeCon NA 2020, and a conversation with conference co-chair Stephen Augustus. Stephen is a Senior Open Source Engineer on the VMware Tanzu team, a chair of Kubernetes' SIG Release, and a leader in many other parts of the project, past and present. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week The kākāpō wins Bird of the Year We're off for 2 weeks. See you on December 8! News of the week Cisco acquires Banzai Cloud CNCF announces Cloud Native Survey 2020 results Red Hat: New edge features, industrial AI/ML blueprint and AWS launch CNCF End User Tech Radar for storage New End User benefits Envoy Mobile joins the CNCF New sandbox projects cert-manager cdk8s Kyverno OpenKruise Pravega SchemaHero Tinkerbell k8ssandra from Datastax Episode 98 with Sam Ramji k0s from Mirantis Solo.io announces Gloo Mesh Enterprise and rebrands products Episode 55, with Idit Levine Pinniped Shipa launches Ketch Kinvolk launches Headlamp The SPIFFE book "Solving The Bottom Turtle" Episode 45, with Andrew Jessup Anthos Developer Sandbox GKE ingress features Ambassador Labs takes in $18m and launches v1.9 Tanzu SQL: Postgres on Kubernetes Lightning round: Accurics extends Terrascan AWS adds containers to Lightsail Arrikto takes $10m in funding Brobridge releases Gravity CircleCI runner is GA Cloud66 for agencies and multiple database support Cloudflare Origin CA cert-manager plugin Cloudical Vanillastack Cloudify version 5.1 Codefresh launches GitOps 2.0 features Commvault backup-as-a-service Diamanti Spektra 3.1 and customer portal Dynatrace PurePath 4 Elastisys Compliant Kubernetes The Fairwinds Kubernetes Maturity Model Garden takes "seed" funding Gremlin adds soundproofing Humio Operator Instana adds observability tools on Kubernetes Intuit runs TurboTax on Kubernetes Kioxia announces a new storage offering Kubecost adds features for monitoring outside a cluster KubeMQ adds automatic network creation Kubermatic updates KubeOne to v1.1 Kubernative SINA Kublr 1.19 Lablup announced Backend.ai 20.09 RC Magalix launches KubeAdvisor 2.0 Mayadata launches Kubera Propel and Kubera Chaos Mirantis adds extensions to Lens Puppet Labs adds Relay to Puppet Enterprise Reblaze announces Curiefense to add WAF to Envoy Replicates wants to help you Troubleshoot Styra adds new editions to DAS Sysdig introduces Kubernetes-native network security (ZTNSK) and partners with IBM Cloud TrilioVault for Kubernetes v2.0 Zerto for Kubernetes Google Open Source Live Kubernetes Links from the interview KubeCon NA 2020 Episode 117, with Constance Caramanolis CNCF Twitch SIG Friday: ping Stephen for the current link Slack CNCF Slack Kubernetes Slack Hallway Track Kubernetes Podcast chat CoreOS CoreOS Tectonic CoreOS acquired by Red Hat Tectonic on Azure SIG Azure SIG Release SIG PM (retired) Kubernetes Enhancement Process Receipts process KEP Sidecar containers - KEP closed! Production readiness review Episode 10, with Josh Berkus and Tim Pepper Release managers Black Lives Matter announcement banner Better announcements Kubernetes Naming working group Inclusive Naming project Dan Kohn memorial Stephen Augustus on Twitter and on the web

Thomas Rampelberg is a software engineer with Buoyant, creators of Linkerd, and a core maintainer of that project. He is also a co-author of the Service Mesh Interface and co-creator of DC/OS. He joins Craig and Adam to talk about the two former, and pour one out for the latter. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week The BBC on Sean Connery Noreen Malone on Alex Trebek Celebrity Jeopardy! highlights from Saturday Night Live Doomscrolling Potion Explosion: analog, or digital (Steam, Android, iOS) KerPlunk!: analog only News of the week Linkerd 2.9 AWS's response to Dockerhub: a new service IBM adds Code Risk Analysis to Cloud CD Helm chart deprecation Episode 11, with Vic Iglesias CyberArk looks at threats to Kubernetes Links from the interview D2iQ retires DC/OS Kubernetes on Mesos in 2015 The monolith Buoyant Linkerd Finagle kube-proxy before iptables Conduit: a new mesh without the JVM, which became Linkerd 2 Linkerd 2-proxy: Under the hood of the Linkerd proxy Rust tokio runtnime and hyper HTTP libraries Heartbleed CNCF audit Architecting for Multicluster Kubernetes blog post Linkerd 2.9 Service Topology Gas station bathrooms Service Mesh Interface (SMI) NGINX Service Mesh Flagger Kiali Spec Istio WebAssembly support Kubernetes is a domain-specific database Tilt and Okteto Burning Man Thomas Rampelberg on Twitter

For pods to talk to each other in Kubernetes, you need a virtual network. Antonin Bas is a staff engineer at VMware and a maintainer of Project Antrea; a CNI plugin which provides such a network. He talks to Adam and Craig about encapsulation, virtualisation, and 10,000 year old Finnish artifacts. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Over the top Halloween light show Bird of the Year Click here to take the Audience Survey: thank you for helping us make a better show for you! News of the week An update on D2IQ's support of Mesos Docker's plan for Year 2 Google Cloud mitigates the impact of Docker's Year 1 changes Quay and Harbor also KubeLinter from StackRox GitHub Hashicorp Nomad 1.0 Beta Vitess 8 GA gRPC in the real world: Container Runtime Interface by Bob Reselman RIP Dan Kohn Links from the interview Visual Basic Professor Nick McKeown, co-founder of Nicira Barefoot Networks P4, in the Open Networking Foundation Software-defined networking Virtual networking VLAN VXLAN The Kubernetes network model Network plugins: Flannel Weave Net Calico Cilium kubenet Antrea The Antrea Net Antrea, Finland; now Kamennogorsk, Russia Container Network Interface (CNI) veth pairs Open vSwitch (OVS) NodeIPAM Controller CNI plugin chaining Installing Antrea with other CNI plugins Antrea features: Network policy IPSEC between nodes Antrea on GitHub Antonin Bas on Twitter and GitHub

David Pait was a touring musician in pop punk band Sparks The Rescue. Now, he's an SRE working on Kubernetes at an ad-tech company. How did he get there? And if you're looking to change careers, how might you? Craig and Adam dig in. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Steam Digital Tabletop Fest Microsoft Surface (since renamed PixelSense) Similo Guess Who? Click here to take the Audience Survey: thank you for helping us make a better show for you! News of the week Cloud Foundry Doubles Down on Kubernetes cf-for-k8s 1.0 Ecosystem updates Episode 105, with Chip Childers Akri, from Microsoft kube-secret-syncer from Contentful Grafana Tempo OpenTelemetry Tracing Spec RC by Morgan McLean AWS Distro for OpenTelemetry AWS Load Balancer Controller Nydus container image service Robin.io Express, free for life Verizon Business adds Kubernetes which is powered by Rafay Links from the interview Netsertive Sparks the Rescue Vans Warped tour David on stage Munki for Mac software deployment A considered purchase Google's SRE books eksctl Velero, fka Heptio Ark Fixing reuse-values in Helm Go listen to Hot Mulligan Or Taylor Swift, totally up to you David Pait on Twitter

Bob Killen is co-chair of Kubernetes' SIG Contributor Experience and was last week elected to the project's Steering Committee. He worked in academia for 15 years, latterly working on research projects using Kubernetes, with a focus on computer security. He's now made the leap to working on Cloud Native full time at Google. Bob joins us to explain why Kubernetes twitter is occasionally full of cartoon geese. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Relive New Zealand's General Election coverage - 57% of the electorate voted early! tl:dr; Jacinda won by a lot One NZ electorate had a 421 vote lead on the night Ballot box in Washington State Click here to take the Audience Survey: thank you for helping us make a better show for you! News of the week VMware Tanzu Kubernetes Grid 1.2 is GA Red Hat integrates Ansible and OpenShift Changes to the KubeCon EU Episode 107, with Priyanka Sharma Cloud Native in China survey results Introducing HA MicroK8s Episode 60, with Mark Shuttleworth Helm turns 5 Episode 102, with Mark Butcher Google Cloud Code adds support for 400+ CRDs A holiday gift from AKS Links from the interview University of Michigan Little Bobby Tables Another Bobby Tables! 2600 Beige boxes Red boxes Steve Jobs, Steve Wozniak and the Blue Box Jeff Sica ARC-TS: Advanced Research Computing — Technology Services Great Lakes, the UMich HPC cluster Kubernetes the New Research Platform - Lindsey Tulloch, Brock University & Bob Killen, University of Michigan kube-batch Volcano Orchestructure meet-up and Mario Loria SIG Contributor Experience Episode 74, with Jorge Castro Episode 100 with Paris Pittman Kubernetes Steering Committee 2020 Election Election results Travel support program HONK Untitled Goose Game /honk Ian Coldwater's goose-themed talk from KubeCon NA 2019 honk.ci Announcement GitHub repo Challenges Walkthrough KubeCon NA events: SIG Honk AMA: Ian Coldwater, Duffie Cooley, Brad Geesaman, Rory McCune Having Cloud Native Fun with HonkCTL: Jeff Sica SIG Beard: see episode 46, with Aaron Crickenberger Bob Killen on Twitter

Ramiro Berrelleza is CEO and co-founder of Okteto, a company making developer tools which simplify development on Kubernetes. He joins Adam and Craig to discuss how the open source project and company came about, going through Y Combinator, and the best filling for a Mission burrito. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Hash browns Corn fritters Survey Click here to take the Audience Survey. Thank you for helping us make a better show for you! News of the week Rook graduates Episode 36 with Jared Watts Wasm is upstreamed in Envoy Helm moves to Artifact Hub DigitalOcean introduces DOAP and Apurva Joshi describes its stack IBM breaks itself in two Kubernetes Steering Committee election results OpenTelemetry Governance Committee election starting Introducing PipeCD by Le Van Nghia Anchore DevSecOps toolkit Rancher 2.5 Red Hat slashes OpenShift prices Kubernetes tested on U2 Dragon Lady aircraft Minecraft as a Kubernetes tool by Eric Jadi Links from the interview Okteto Excitebike Elasticbox, acquired by CenturyLink Y Combinator Okteto at YC W19 demo day Okteto on GitHub The name: Octeto: "byte" in Spanish Cindy Lopez Cindy Lauper El Farolito: cow tongue and Carne Asada Ramiro Berrelleza on Twitter Okteto on Twitter

When your infrastructure is effectively infinite, you may have to keep an eye on your credit card. Webb Brown started a project that does exactly that - Kubecost, which aims to reduce spend and prevent resource-based outages. He talks to Craig and Adam about the project and the company behind it. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Kiwis abroad: please meddle in the election Clarke Gayford tweet Killer Queen Black Killer Queen News of the week VMworld announcements Bryan Liles' promotion Episode 54, with Bryan Liles Pixie Labs TechCrunch coverage Cicada, by Jeremy Herzog Announcing Java support for cdk8s Good: Envoy on Windows Not so good: Envoy CVE-2020-25017 Kubenav 3.0.0 announced Cisco acquires Portshift Veeam acquires Kasten Solo.io acquires $23m Episode 55, with Idit Levine Links from the interview Kubecost Kubecost blog Cluster turndown Cost model Spot instances (AWS) and preemptible VMs (Google Cloud) DeepMind AI Reduces Google Data Centre Cooling Bill by 40% Managing your costs on Kubernetes by Karl Stoney at Autotrader Episode 52, with Russell Warman and Karl Stoney FinOps and the FinOps Foundation Shifting left Stackwatch Glacier National Park and Going-to-the-Sun Road Webb Brown on Twitter

Kubernetes makes it easy to run distributed workloads, but how do you make sure that replicas don't conflict with one another? You elect one as the leader. Mike Danese, chair and TL of Kubernetes SIG Auth, joins a vegan and a carnivore to explain how Kubernetes implements leader election. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week What is a staycation? What is steak? Beefsteak, vegetarian/vegan restaurant Nachos News of the week Chaos Mesh 1.0 Azure news: AKS comes to Azure Stack HCI (Preview) AKS adds stopping/restarting clusters, Kubernetes 1.19, confidential compute nodes (Preview) Bridge to Kubernetes is GA Istio Steering Committee election results OpenServiceMesh joins the CNCF Sandbox Odo 2.0.0 GA Odo from Deep Space 9 Determined AI on Kubernetes Cloud Run for Anthos adds events KubeAcademy Pro from VMware KubeCon EU 2020 transparency report Scholarships for KubeCon NA 2020 are open for application Links from the interview Wet labs and dry labs Threads What is the difference between processes and threads? Mutex or lock What is a mutex? Critical section Compare-and-swap Gas station bathroom keys Futex Lock server: Chubby etcd Optimistic concurrency Resource versions Regional clusters in GKE Leader election Leader election client in Kubernetes' client-go An example of using it by Carlos Becker The new Lease API Paxos and Raft Deadlock Split brain Mike Danese on Twitter and GitHub

Torkel Ödegaard is the creator and project lead of Grafana, and co-founder of Grafana Labs. Learn how Torkel went from modding video games to building a data visualization platform, and co-founding a company that is now offering a complete monitoring service built on Prometheus. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week On The Basis Of Sex RBG Star Trek: Picard News of the week CVE-2020-14386 gVisor: Containing a real vulnerability by Fabricio Voznika Announcing IBM Cloud Code Engine Docker Enterprise Container Cloud Mirantis rethinks Docker Swarm vs Kubernetes by Beth Pariseau Episode 110, with Adrian Ionel KubeEdge approved as CNCF incubating project kubeapply and Kubernetes configuration at Segment Introducing Grafana Metrics Enterprise Pure Storage to acquire Portworx Portworx acquired by Pure Storage Ionir exits stealth and promises instant data mobility NetApp Cloud Volumes Service powered by GKE AKS adds CSI driver for Files and Disks Red Hat OpenShift Container Storage 4.5 VMware Tanzu: Announcing vSphere with Tanzu One of four new editions vSAN Data Persistence Platform Mission Control expands policy management capabilities SentinelOne announce automated applicaiton control for containers 16 CNCF interns graduate from Google Summer of Code Building operators for cluster add-ons by Somtochi Onyekwere CFPs open for ServiceMeshCon and Cloud Native Security Day North America A Year of Kubernetes at GitLab Episode 89, with Marin Jankovski Links from the interview The 2001 dot-com crash Rocket Arena mod for Quake 3 Extreme ironing Tradera IT contracting The Mythical Man Month Graphite Kibana Grafana GitHub The history of Grafana UX Grafana Labs Team Kausal Cortex Loki Crystal Reports Interesting use cases: Beehive monitor Hospital queue visualisation Monitoring Art plugin A $50m Series B funding round Grafana Metrics Enterprise Recommended reading: Chasm City by Alastair Reynolds Torkel Ödegaard on Twitter

Ed Huang is co-founder and CTO of PingCAP, creators of the TiDB distributed database and the TiKV key value store. Ed worked on clustering Redis while at Wandou Labs, creating and open-sourcing a tool called Codis. Deciding to focus on this space, he created TiDB and then TiKV, and founded PingCAP. He shares the story behind the projects, bridging the gap between China and the West with open source, and his Desert Island Disc. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Sippee cup Tippee cup Coffee cup News of the week Lens 3.6.0 Security groups for Pods on AWS EKS CNCF End User Technology Radar for Observability Kotary by CA-GIP OnePanel and its docs WebAssembly OCI spec Episode 55, with Idit Levine Red Hat Marketplace by IBM Stackrox lands $25m in funding Introducing Nutanix Platform Services by Amit Jain Confidential Computing on GCP and GKE New Serverless training course by Alex Ellis Episode 116, with Alex Ellis Jetstack CNI migration notes by Josh Van Leeuwen Links from the interview Wandou Labs Codis clustering for Redis twemproxy Spanner and F1 papers from Google Research TiDB TiKV PingCAP CAP theorem Local Persistent Volumes in Kubernetes and beta launch blog explaining it TiKV's CNCF journey: Sandbox Incubation PingCAP's $50m funding round Graduation Chaos Mesh Wasm and Wasmer Dark Side of the Moon Ed Huang on Twitter

Melanie Cebula is a staff engineer at Airbnb, where she has built a scalable modern architecture on top of cloud native technologies. She regularly shares her knowledge in presentations focusing on cloud efficiency and usability, and today shares the story of Airbnb's Kubernetes migration with hosts Adam and Craig. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Dr Horrible's Sing-Along Blog River Otter River otter News of the week Five days of Kubernetes 1.19: Structured logs API server warning messages EndpointSlices Storage capacity tracking 1 year support TiKV graduates from CNCF incubation cert-manager 1.0 Episode 75, with James Munnelly Tanzu Build Service is GA State of Spring report AWS Bottlerocket is GA on EKS Kalm (keep Kalm and karry on) Developer thread on Reddit CRAFT from Salesforce (and its GitHub repo) Introducing Kubernetes CSI sidecar containers from HPE by long-time listener Michael "Data" Mattsson KubeCon EU Virtual YouTube playlist CNCF to provide another round of CommunityBridge mentorships Faster services: no CPU limits by Eric Khun Hacker News thread How GoJek upgrades Kubernetes on GKE by Tasdik Rahman Links from the interview Melanie Cebula Our second classically trained musician guest Early Airbnb architecture Charon Programming by toggling switches Smartstack Horizontal Pod Autoscaling: minReplicas Melanie's talks: FutureStack 17: From Monolith to Microservices KubeCon NA 2018 keynote: Developing at Scale KubeCon NA 2019: 10 Weird Ways to Blow Up Your Kubernetes Melanie Cebula on Twitter

Keptn, a control plane for continuous delivery, came out of the need to install Dynatrace's software at their customer's environments. Alois Reitbauer is Chief Technical Strategist at Dynatrace, reponsible for open source, and a co-chair of the CNCF App Delivery SIG. He talks to your hosts about Keptn, observability after deployment, and how owning a 40 year old sports car is more "curation" than "operation". Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Loved: Thinking, Fast and Slow Unloved: a pile of Sex and the City News of the week Anthos Attached Clusters New Anthos pricing GKE on The Keyword Cloudian introduces operator Canonical introduces Kubernetes 1.19 Portainer CE 2.0 Kuberntes client comparison by Yolan Vloeberghs and Pieter Vincken Distributed tracing overview by Jonathan Gold Links from the interview Dynatrace OpenTelemetry OpenMetrics Keptn What it is, how it works, and how to get started Blogs by Alois: Micro operations — A new operations model for the micro services age How your delivery pipeline will become your next big legacy-code challenge Related CI/CD tools: Spinnaker Jenkins Argo Flux GitLab CD Foundation SIG Interoperability CNCF SIG App Delivery Alois's car marque of choice Alois Reitbauer on Twitter

Taylor Dolezal is a senior Developer Advocate at Hashicorp and the Kubernetes 1.19 release lead. His desire to give talks and join the CNCF Ambassadors led him to the release team and to his new job. He talks to Adam and Craig about how a TI-83 calculator started him on the path. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week The Moon Disaster deepfake Mayfield Lavender Farm News of the week Kubernetes 1.19 release - deferred 24 hours Istio 1.7 release! New Istio Steering Committee charter k3s to join the CNCF Sandbox New networking features in GKE Anthos announcements from Google Cloud Next Google Cloud Code updates Serverless Framework Knative component VMware vRealize Operations 8.2 Moving forward from Beta in Kubernetes Palinurus, from Mailchannels What's new in Falco 0.25 AWS Controllers for Kubernetes GCP Config Connector Carvel Operator SDK reaches 1.0 Thanos and Cortex are both incubating in the CNCF The Kubernetes Handbook by Farhan Hasin Chowdhury Links from the interview TI-83 Plus Silver Edition Walt Disney Studios "Deployed my blog on Kubernetes" Hashicorp Terraform CNCF Ambassador 1.14 release team 1.18 release team Episode 96, with Jorge Alarcon 1.19 enhancement sheet Ingress goes stable 12 month release support cycle Lauri Apple, PgM for SIG Release Sidecar containers.. still Jeremy Rickard is 1.20 release team lead Episode 61 with Jeremy Rickard and Ralph Squillace Nomad, from Hashicorp Hashicorp joins the CNCF CNCF Cape, as modeled by Lachie Evenson Reading list: Working in Public: The Making and Maintenance of Open Source Software by Nadia Eghbal An Elegant Puzzle: Systems of Engineering Management by Will Larsen The Art of Doing Science and Engineering by Richard Hamming Defending Jacob Taylor Dolezal on Twitter

Constance Caramanolis is the co-chair of this week's virtual KubeCon EU, and a principal software engineer at Splunk. Her introduction to Cloud Native came as an Envoy maintainer working at Lyft; she talks to Craig and Adam about communication: techmical, programmatic, in-person and online. We also summarise all the news from KubeCon. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week KubeCon EU #kubernetes-podcast on CNCF Slack Get an invite to Slack Hamilton (musical) Watch on Disney Plus News of the week Red Hat OpenShift Virtualization is GA Red Hat news summary from SiliconAngle 5 years of Google Kubernetes Engine Announcement post from 2015 GKE Dataplane v2 Docker changes registry pricing and retention Hacker News commentary IBM introduced POWER10 Introducing hierarchical namespaces by Adrian Ludwin OpenEBS 2.0.0 containerd 1.4.0 VMware Tanzu Mission Control integrates VMware Tanzu Observability by Wavefront Mirantis acquires Lens Episode 110, with Adrian Ionel Pulumi adds new Kubernetes features Links from the interview Envoy Omnition, acquired by Splunk Splunk acquires Omnition OpenTelemetry Collector Constance's talks: KubeCon NA 2018: Envoy Intro (with Matt Klein) Velocity 2018: Leveraging Envoy when responding to high-severity incidents SYN-ACK Constance's KubeCon EU keynote The Five Whys KubeCon EU agenda KubeCon NA 2019 puppies Corgis Invite a llama Episode 80, with Vicki Cheung Greek food: Galaktoboureko Loukoumades Stroopwafels Poutine Constance Caramanolis on Twitter

Alex Ellis created serverless framework OpenFaaS while working a day job. It's used by some big companies, but he's resisted the temptation to join one. Instead, he's offering consulting and seeking sponsorships, building a business from the ground up. He explains the pros and cons of independence to Craig and Adam. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod News of the week Microsoft launches OpenServiceMesh Including a bit from Linkerd Kong releases Kong Mesh Tanzu Application Service 2.10, formerly known as Pivotal Cloud Foundry KubeCarrier Cube carrier Episode 109, with Sebastian Scheele Nestybox releaases Sysbox (GitHub) Palo Alto Networks discloses and fixes fault in KataContainers JenkinsX plugin for Octant Backyards gets FIPS compliant StarlingX 4.0 New AKS features etcd security audit Episode 95, with Xiang Li New Code of Conduct Committee Members Links from the interview Alex Ellis ADP Payroll Docker Captains program Lord Birt Lord Ernie DockerCon 2016 Ben Firshman funker funker-dispatch by Alex Ellis FaaS OpenFaaS Moby's Cool Hacks - closing keynote Joining VMware to work on OpenFaaS VMware blog VMware Dispatch Acquisition of Heptio VEBA Leaving VMware and Alex going out on his own OpenFaaS Ltd Alex's 2020 mission The world's first managed k3s service First year accounts and end-of-year party Inlets Inlets PRO k3sup Brown sauce Arkade 5 years of Raspberry Pi and robots Insiders Subscription Treasure Trove archive The Five Pressures of Leadership in OSS A bit of Istio before tea-time Cards Against Containers for Black Girls Code Alex Ellis on Twitter

Since we last spoke about Minikube 18 months ago, the project has gone 1.0, and made large performance and usability improvements. Thomas Strömberg is the manager of the Container DevEx team at Google and a maintainer of Minikube. He talks to Craig and Adam about why system administrators are the best code reviewers, the importance of surveying users, and building bikes made of bamboo. Do you have something cool to share? Some questions? Let us know: web: kubernetespodcast.com mail: [email protected] twitter: @kubernetespod Chatter of the week Baking hot Baking: Mary Berry's Banana Loaf Caramel Slice Washington State Voters Guide Lord Buckethead Monty Python's Election Night Special News of the week OpenSSF launched Nova from Fairwinds: monitor Helm charts for new releases Lifebelt by Gustav Westling Chaos Mesh joins the CNCF Sandbox As does the Serverless Workflow spec Announcing Vitess 7 Spinnaker Operator is GA AKS 2020-07-27 release GKE r25 Server side encryption for ECR Project report: Jaeger Episode 97 with Yuri Shkuro How Dropbox migrated from NGINX to Envoy by Alexey Ivanov and Oleg Guba Links from the interview Thomas Strömberg Minikube Episode 39, with Dan Lorenc DiRT: Disaster Recovery Testing Wheel of Misfortune Timex Sinclair ZX81 Bringing Minikube to the next Billion Users: Thomas's talk at KubeCon China 2019 The mini Minikube Survey Other similar tools: Microk8s k3d kind Knoppix Pausing Minikube Running multiple nodes Triage Party Slow Jam Space Jam Bamboo bicycles A finished example A work in progress Thomas Strömberg on Twitter