Episoder
-
Chaos Tests in K8s Part II
ChaosMesh (https://chaos-mesh.org/)LitmusChaos(https://litmuschaos.io/)AWS CDK für EKS
https://docs.aws.amazon.com/cdk/api/v1/docs/aws-eks-readme.html
## Cluster:
const cluster = eks.Cluster.fromClusterAttributes(this, 'MyCluster', { clusterName: 'Cluster', openIdConnectProvider: provider,kubectlRoleArn: 'arn:aws:iam::123456:role/service-role/k8sservicerole',});## Service Account
const serviceAccount = cluster.addServiceAccount('MyServiceAccount');## Bucket
const bucket = new s3.Bucket(this, 'Bucket');## Lese und Schreibrechte
bucket.grantReadWrite(serviceAccount);
ChatGPT
https://openai.com/blog/chatgpt/
Usecases:
Artificial Infrastructure as Code: https://github.com/gofireflyio/aiacGPT-3 Is the Best Journal I’ve Ever Used: https://every.to/chain-of-thought/gpt-3-is-the-best-journal-you-ve-ever-usedGPT-3 as bot for Grafana Alerts: https://github.com/robusta-dev/kubernetes-chatgpt-bot -
Manglende episoder?
-
NEWS:
AWS Lambda - Node.js 18.x
https://aws.amazon.com/blogs/compute/node-js-18-x-runtime-now-available-in-aws-lambda/
Aktuelle Regions von AWS
https://aws.amazon.com/about-aws/global-infrastructure/regions_az/
Neue Lokal Zone in Wien
https://www.aboutamazon.de/news/amazon-in-oesterreich/erste-local-zone-in-oesterreich-aws-investiert-in-fortschritt
Terraform Blogpost "1 Billion AWS Provider downloads":
https://www.hashicorp.com/blog/aws-and-hashicorp-s-journey-to-1-billion-terraform-aws-provider-downloads
EKS supports Kubernetes 1.24
https://aws.amazon.com/blogs/containers/amazon-eks-now-supports-kubernetes-version-1-24/
Topology Aware Hints in EKS
https://kubernetes.io/docs/concepts/services-networking/topology-aware-hints/
Github code Topology Aware Hints :
https://github.com/kubernetes/kubernetes/blob/v1.24.7/pkg/controller/endpointslice/topologycache/topologycache.go#L226
Dashboard (Karpenter):
sum(karpenter_nodes_allocatable{resource_type="$resource_type", arch=~"$arch", capacity_type=~"$capacity_type", instance_type=~"$instance_type", provisioner=~"$provisioner", zone=~"$zone"}) by (zone)
Flux GitOps - Signieren von OCI IMmges mit CoSign?
https://www.cncf.io/blog/2022/11/24/verify-the-integrity-of-the-helm-charts-stored-in-oci-compliant-registries-as-oci-artifacts/
GoldiLocks, VerticalPodAutoScaler. Kosten von Pod auslesen
https://www.cncf.io/blog/2022/11/28/kubernetes-resource-usage-estimate-workload-cost-with-goldilocks-open-source/
WASM in K8s
https://www.cncf.io/blog/2022/11/17/better-together-a-kubernetes-and-wasm-case-study/
Grafana Loki 2.7 Release Notes / Change Logs Link.
https://grafana.com/blog/2022/12/01/grafana-loki-2.7-release/
https://github.com/grafana/loki/releases/tag/v2.7.0
AWS NitroEnclaves in K8s announcement:
https://aws.amazon.com/about-aws/whats-new/2022/11/aws-nitro-enclaves-supports-amazoneks-kubernetes/
AWS AddOns für EKS
https://docs.aws.amazon.com/eks/latest/userguide/eks-add-ons.html
AWS ReInvent Blog Link:
https://aws.amazon.com/blogs/aws/category/events/reinvent/
https://aws.amazon.com/blogs/aws/top-announcements-of-aws-reinvent-2022/
AWS multiple 2FA devices:
https://aws.amazon.com/about-aws/whats-new/2022/11/aws-identity-access-management-multi-factor-authentication-devices/
AWS CloudWatch Logs Personal Identifyable Information:
https://aws.amazon.com/blogs/aws/protect-sensitive-data-with-amazon-cloudwatch-logs/
Chaos Testing / Monkey Testing:
* ChaosMesh (https://chaos-mesh.org/)
* Litmus (https://litmuschaos.io/)
Blog von Martin Fowler: "Using the cloud to scale Etsy"
https://martinfowler.com/articles/bottlenecks-of-scaleups/etsy-cloud-scale.html
Feedback gerne an [email protected] -
Terraform 1.3 Release Notes
optionale Objekt-Attribute mit Default werten verbesserter move block für refactoringshttps://github.com/hashicorp/terraform/releases/tag/v1.3.0
alle Programmiersprachen bietet einen Editor Mode und einen Smart Mode kann getrennt vom Backend betrieben werden (in Kombination mit Jetbrains Space) noch keine VIM Emulation
JetBrains Fleet Public Previewhttps://blog.jetbrains.com/fleet/2022/10/introducing-the-fleet-public-preview/
Analyze EKS Inter-AZ Pod-to-Pod traffic
Aufgrund vieler Supportanfragen zur Analyse von inter AZ Traffic bei Kubernetes hat AWS einen Blogpost zu dem Thema erstellt:
Analyze EKS Inter-AZ Pod-to-Pod traffic -
Newsy News
Ausgewählte News aus dem Cloud / DevOps / K8s / IT Bereich
-AWS Cloudscape Design System
Mimimimi und anderes
-Istio metrics können SEHR viel traffic (-→ Kosten) verursachen
-gzip compression mit EnvoyFiltern
-EnvoyFilter sind einfach nur PAIN
-Bottlerocket for EKS rockt!
LGTM Stack
-Prometheus Operator
-Grafana Agent (und Grafana Agent Operator Beta)
-Grafana Mimir
-Grafana Tempo
-Jaeger ist schon nice aber ElasticSearch suckt hart für Logs
-Exemplars
-derivedFields: Link logs -→ Traces und Traces -→ Logs
-Hochverfügbarkeit & Skalierung
-
Im Podcast diesesmal die AWS CDK und andere CDKs (cdktf und cdk8s) als neue lösung für Infrastructure as Code.
* vorteile gegenüber Terraform, CloudFormation oder Helm
* wann lohnt sich CDK?
* Erfahrungen, Tipps und Tricks
* AWS CDK
* CDK for Terraform
* CDK for Terraform & AWS CDK: Technical Preview von interoperability layer
* cdk8s
* constructs.dev
Wenn ihr Fragen zu dem Thema oder Themenwünsche habt, schreibt uns einfach eine Mail an [email protected] -
Themen
Makefile for DevOps / Kubernetes EngineersLoki for Logging (do NOT use ElasticSearch for LOGS DUDES!!!! it's like ass pain but even fuckin' worse!)GitHub Codespaces (https://github.com/features/codespaces)Datadog / erste Eindrückehttps://www.cncf.io/news/2022/02/16/rcr-wireless-kubernetes-crossed-the-chasm-in-2021-survey/Terraform AWS Provider Version 4 Upgradehttps://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md Terraform Cloud Module registry (Design Configuration)https://cloud.redhat.com/blog/enhancing-gitops-with-the-patch-operatorNotes
https://devopstales.github.io/cloud/aws-eks-amp-monitoring/
https://helm.sh/blog/storing-charts-in-oci/
https://www.cncf.io/blog/2022/02/28/argo-security-automation-with-oss-fuzz/ -
Themen:
* AWS Managed Prometheus
* knative versionen pain
* log4j vulnerability
* K8s optimales resource sizing goldilocks + VPA
* Docker Desktop License change
* m1 macbook als devops engineer