Newsletter #15


Software releases, news articles and other new stuff

Kubernetes 1.19: Accentuate the Paw-sitive | Kubernetes
#kubernetes, #release

Finally, we have arrived with Kubernetes 1.19, the second release for 2020, and by far the longest release cycle lasting 20 weeks in total. It consists of 33 enhancements: 12 enhancements are moving to stable, 18 enhancements in beta, and 13 enhancements in alpha. The 1.19 release was quite different from a regular release due to COVID-19, the George Floyd protests, and several other global events that we experienced as a release team.

It never gets boring in the land of Kubernetes. Another great release which I'm looking forward to get on to my server(s) (looking at you k3s and OpenShift!). The most important part of this release is the extended support period to one year. From personal experience Kubernetes upgrades take time, mostly depending on change policies. On the technical side my favorite clearly are in the storage area, which I still see that there is a long way to go.

Announcing the Contributor Website | Kubernetes Contributors
#kubernetes, #contribution, #maintainer

Welcome to, the Kubernetes Contributor website; built to become the one stop shop for Kubernetes contributor content and news. It brings important documentation scattered throughout the project into one central location.

Becoming a Kubernetes contributor just got a bit easier with this great Website. Sadly I didn't manage to actively participate in the project, but who knows, maybe one day I get the chance.


Interesting articles and blog posts

August 2020 - 20 Years in IT
#tobru, #anniversary

Shameless self-marketing. A bit of history how I came so far.

How NAT traversal works · Tailscale Blog
#firewall, #nat, #vpn, #wireguard, #tailscale

In this post, we'll talk about how to establish a peer-to-peer connection between two machines, in spite of all the obstacles in the way.

A huuuge article describing all the inner details of NAT traversal. Very good to read with many fantastic network diagrams. One of these blog posts where my networkers heart jumped around.

[German] CCC | CCC hackt digitale "Corona-Listen"
#story, #corona, #privacy

Guess what, the digital lists for tracking who visited a restaurant aren't safe. That's not something I was shocked, that clearly was to be expected.

degoogle | A huge list of alternatives to Google products. Privacy tips, tricks, and links.
#google, #alternative

A huge list of alternatives to Google products. Privacy tips, tricks, and links.

As my intention is to use as few Google services as possible, or even no Google services, I can highly recommend this list. My replacements so far:

Self-hosted either with k3s or Cloudron.


Open Source tools newly discovered

GitHub - openshift-scale/cerberus: Guardian of Kubernetes and OpenShift Clusters
#kubernetes, #monitoring

Cerberus watches the Kubernetes/OpenShift clusters for dead nodes, system component failures/health and exposes a go or no-go signal which can be consumed by other workload generators or applications in the cluster and act accordingly.

GitHub - clastix/capsule: Kubernetes multi-tenant Operator
#kubernetes, #multitenancy

This project provides a custom operator for implementing a strong multi-tenant environment in Kubernetes. Capsule is not intended to be yet another PaaS, instead, it has been designed as a lightweight tool with a minimalist approach leveraging only the standard features of upstream Kubernetes.

GitHub - beefsack/script-httpd: Turn a command line script into a web service
#scripting, #http, #cli

script-httpd is essentially a very basic CGI server which forwards all requests to a single script. A design goal is to be as close to zero-config as possible.

GitHub - borchero/switchboard: Kubernetes controller for provider-agnostic DNS record CRDs.
#kubernetes, #dns, #controller

Switchboard is a tool that manages DNS zones and their A/CNAME records for arbitrary backends. It runs as Kubernetes controller and watches for custom resources DNSZone and DNSRecord.

GitHub - aquasecurity/tracee: Container and system event tracing using eBPF
#debugging, #kernel, #syscalls

Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls and other system events in real time.

GitHub - hyscale/hyscale: HyScale is an Application Centric Abstraction Framework over K8s.
#kubernetes, #abstraction

This project is aimed at building an abstraction framework over K8s (for app deployments) in the same vein as jQuery over Javascript or Spring over servlets

GitHub - opstree/dynamic-pv-scaler: A golang based Kubernetes application which can scale volume dynamically
#kubernetes, #scaling, #persistent, #volume

A golang based Kubernetes application which has been created to overcome the scaling issue of Persistent Volume in Kubernetes. This can scale the Persistent Volume on the basis of threshold which you have set.

GitOps Toolkit
#gitops, #kubernetes, #flux

A toolkit for assembling GitOps pipelines on Kubernetes

GitHub - authelia/authelia: The Single Sign-On Multi-Factor portal for web apps
#authentication, #sso, #reverseproxy

Authelia is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy to let them know whether queries should pass through. Unauthenticated user are redirected to Authelia Sign-in portal instead.

GitHub - futurewei-cloud/arktos: Arktos for large-scale cloud platform
#kubernetes, #multitenancy, #largescale

Arktos is an open source project designed for large scale cloud compute infrastructure. It is evolved from the open source project Kubernetes codebase with core design changes.

You've successfully subscribed to Tobias Brunner aka tobru
Great! Next, complete checkout to get full access to all premium content.
Error! Could not sign up. invalid link.
Welcome back! You've successfully signed in.
Error! Could not sign in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Error! Stripe checkout failed.
Success! Your billing info is updated.
Error! Billing info update failed.