Forwarded from KubeFM
By default, Kubernetes Secrets are not encrypted; values are merely base64 encoded.
And this is fine — at least, this is what Mac argues in this episode of KubeFM.
Mac says it all comes down to thinking strategically about security and where the Secrets could be leaked.
In this episode, you will learn:
- How to define a threat model to inform your security posture and mitigations.
- How Kubernetes Secrets offer sufficient guarantees for most common threat models.
- If you should use Hashicorp Vault or Kubernetes Secrets (and when not to use auto-unsealing).
Mac also covers tips and advice on becoming a security expert.
Watch it here: https://kube.fm/kubernetes-secrets-mac
Listen on:
- Apple Podcast https://kube.fm/apple
- Spotify https://kube.fm/spotify
- Amazon Music https://kube.fm/amazon
- Overcast https://kube.fm/overcast
- Pocket casts https://kube.fm/pocket-casts
- Deezer https://kube.fm/deezer
And this is fine — at least, this is what Mac argues in this episode of KubeFM.
Mac says it all comes down to thinking strategically about security and where the Secrets could be leaked.
In this episode, you will learn:
- How to define a threat model to inform your security posture and mitigations.
- How Kubernetes Secrets offer sufficient guarantees for most common threat models.
- If you should use Hashicorp Vault or Kubernetes Secrets (and when not to use auto-unsealing).
Mac also covers tips and advice on becoming a security expert.
Watch it here: https://kube.fm/kubernetes-secrets-mac
Listen on:
- Apple Podcast https://kube.fm/apple
- Spotify https://kube.fm/spotify
- Amazon Music https://kube.fm/amazon
- Overcast https://kube.fm/overcast
- Pocket casts https://kube.fm/pocket-casts
- Deezer https://kube.fm/deezer
🗓 Kubernetes events starting in the next 24 hours:
28 Nov, 16:00 UTC - Unlocking next-gen networking and security with Cilium service mesh in Kubernetes | Cloud Native and Kubernetes Oslo - 📍 In-person meetup
28 Nov, 16:00 UTC - Mastering Kubernetes resource configuration | Dynatrace - 📍 Online webinar
28 Nov, 16:30 UTC - Kubernetes on bare metal | Göteborg - 📍 In-person meetup
28 Nov, 17:00 UTC - How HanseMerkuer consolidated 16 Kubernetes clusters into 4 with namespace-based microsegmentation | Tigera - 📍 Online webinar
28 Nov, 17:00 UTC - Overcoming the GPU shortage | CNCF Online Programs - 📍 Online meetup
28 Nov, 18:00 UTC - Introducing GKE enterprise: the next evolution of Kubernetes | Google - 📍 Online webinar
29 Nov, 05:30 UTC - GKE: How to better identify and mitigate cost centers? | IsraelClouds - 📍 Online webinar
28 Nov, 17:00 UTC - Optimizing resource usage in Kubernetes | JVM Group Stockholm - 📍 Online webinar
→ See all Kubernetes events
28 Nov, 16:00 UTC - Unlocking next-gen networking and security with Cilium service mesh in Kubernetes | Cloud Native and Kubernetes Oslo - 📍 In-person meetup
28 Nov, 16:00 UTC - Mastering Kubernetes resource configuration | Dynatrace - 📍 Online webinar
28 Nov, 16:30 UTC - Kubernetes on bare metal | Göteborg - 📍 In-person meetup
28 Nov, 17:00 UTC - How HanseMerkuer consolidated 16 Kubernetes clusters into 4 with namespace-based microsegmentation | Tigera - 📍 Online webinar
28 Nov, 17:00 UTC - Overcoming the GPU shortage | CNCF Online Programs - 📍 Online meetup
28 Nov, 18:00 UTC - Introducing GKE enterprise: the next evolution of Kubernetes | Google - 📍 Online webinar
29 Nov, 05:30 UTC - GKE: How to better identify and mitigate cost centers? | IsraelClouds - 📍 Online webinar
28 Nov, 17:00 UTC - Optimizing resource usage in Kubernetes | JVM Group Stockholm - 📍 Online webinar
→ See all Kubernetes events
Starting in two weeks:
🔥 Kubernetes Community Days Spain 2023 (KCD Spain)
📍 Online conference
📅 12 Dec
⏰ 12/12/2023, 15:00 UTC
→ Visit the website
🔥 Kubernetes Community Days Spain 2023 (KCD Spain)
📍 Online conference
📅 12 Dec
⏰ 12/12/2023, 15:00 UTC
→ Visit the website
Starting in two weeks:
🔥 Cassandra Summit (Linux Foundation)
📍 In-person conference
📅 12 Dec
⏰ 12/12/2023, 17:00 UTC
→ Visit the website
🔥 Cassandra Summit (Linux Foundation)
📍 In-person conference
📅 12 Dec
⏰ 12/12/2023, 17:00 UTC
→ Visit the website
Forwarded from LearnKube news
This week on the Learn Kubernetes Weekly:
🏎️ Kubernetes image proxy cache
🏃♀️ Kubernetes workloads to Graviton
📈 Memory settings for Java processes in Kubernetes
🙅 What is GitOps and why is it (almost) useless?
Read it now: https://learnk8s.io/issues/55
🏎️ Kubernetes image proxy cache
🏃♀️ Kubernetes workloads to Graviton
📈 Memory settings for Java processes in Kubernetes
🙅 What is GitOps and why is it (almost) useless?
Read it now: https://learnk8s.io/issues/55
🗓 Kubernetes events starting in the next 24 hours:
29 Nov, 15:30 UTC - How we run and manage Istio in Ovoko infrastructure | Cloud Native Lithuania - 📍 Online webinar
29 Nov, 16:00 UTC - Kubernetes certifications: AMA with Saiyam Pathak | Kubesimplify - 📍 Online webinar
29 Nov, 17:00 UTC - Cloud native application threat modeling and adversary emulation | CNCF Online Programs - 📍 Online webinar
29 Nov, 17:00 UTC - Apache Kafka on Kubernetes with Strimzi | Cloud Native Napoli - 📍 Online meetup
29 Nov, 17:00 UTC - Testing Kubernetes networking with k6 & data privacy and application security through Kubernetes Gateway Policies | Cloud Native Barcelona - 📍 In-person meetup
29 Nov, 18:30 UTC - Deploy SurrealDB to Kubernetes with GitOps | SurrealDB Social London - 📍 In-person meetup
30 Nov, 07:00 UTC - The transformative role of service mesh in legacy architectures | Cloud Native Sydney - 📍 Online meetup
30 Nov, 09:00 UTC - Build cloud native apps | Microsoft - 📍 Online workshop
30 Nov, 10:00 UTC - Implement runtime security in AKS | Tigera - 📍 Online workshop
30 Nov, 12:00 UTC - 🔥 DevSecOps 2023 | Conf42 - 📍 Online conference
→ See all Kubernetes events
29 Nov, 15:30 UTC - How we run and manage Istio in Ovoko infrastructure | Cloud Native Lithuania - 📍 Online webinar
29 Nov, 16:00 UTC - Kubernetes certifications: AMA with Saiyam Pathak | Kubesimplify - 📍 Online webinar
29 Nov, 17:00 UTC - Cloud native application threat modeling and adversary emulation | CNCF Online Programs - 📍 Online webinar
29 Nov, 17:00 UTC - Apache Kafka on Kubernetes with Strimzi | Cloud Native Napoli - 📍 Online meetup
29 Nov, 17:00 UTC - Testing Kubernetes networking with k6 & data privacy and application security through Kubernetes Gateway Policies | Cloud Native Barcelona - 📍 In-person meetup
29 Nov, 18:30 UTC - Deploy SurrealDB to Kubernetes with GitOps | SurrealDB Social London - 📍 In-person meetup
30 Nov, 07:00 UTC - The transformative role of service mesh in legacy architectures | Cloud Native Sydney - 📍 Online meetup
30 Nov, 09:00 UTC - Build cloud native apps | Microsoft - 📍 Online workshop
30 Nov, 10:00 UTC - Implement runtime security in AKS | Tigera - 📍 Online workshop
30 Nov, 12:00 UTC - 🔥 DevSecOps 2023 | Conf42 - 📍 Online conference
→ See all Kubernetes events
Starting in 3 months:
🔥 Open Source Camp on Kubernetes (NETWAYS)
📍 In-person conference
📅 27 Feb
⏰ 27/02/2024, 08:00 UTC
→ Visit the website
🔥 Open Source Camp on Kubernetes (NETWAYS)
📍 In-person conference
📅 27 Feb
⏰ 27/02/2024, 08:00 UTC
→ Visit the website
Starting in less than 24 hours:
🔥 DevSecOps 2023 (Conf42)
📍 Online conference
📅 30 Nov
⏰ 30/11/2023, 12:00 UTC
→ Visit the website
🔥 DevSecOps 2023 (Conf42)
📍 Online conference
📅 30 Nov
⏰ 30/11/2023, 12:00 UTC
→ Visit the website
🗓 Kubernetes events starting in the next 24 hours:
30 Nov, 16:00 UTC - 5 key insights from the 2023 state of production Kubernetes | Spectro Cloud - 📍 Online webinar
30 Nov, 17:00 UTC - Configuring security posture of workloads in AKS clusters | Tigera - 📍 Online workshop
30 Nov, 17:00 UTC - Building high-performance microservices with Go | Golang Athens - 📍 Online meetup
30 Nov, 23:00 UTC - Mutating Kubernetes by writing a webhook & Gateway API going GA | Cloud Native Toronto - 📍 In-person meetup
1 Dec, 10:30 UTC - Understanding Kubernetes services for better deployment | Cognixia - 📍 Online webinar
1 Dec, 14:00 UTC - A tour of the Cilium Helm values | eBPF Virtual User Group - 📍 Online meetup
30 Nov, 18:00 UTC - Achieving cloud maturity with Terraform and dynamic GitOps | Platform Engineers Atlanta - 📍 Online meetup
1 Dec, 07:00 UTC - 🔥 Kubernetes Community Days Utrecht 2023 | KCD Netherlands - 📍 In-person conference
→ See all Kubernetes events
30 Nov, 16:00 UTC - 5 key insights from the 2023 state of production Kubernetes | Spectro Cloud - 📍 Online webinar
30 Nov, 17:00 UTC - Configuring security posture of workloads in AKS clusters | Tigera - 📍 Online workshop
30 Nov, 17:00 UTC - Building high-performance microservices with Go | Golang Athens - 📍 Online meetup
30 Nov, 23:00 UTC - Mutating Kubernetes by writing a webhook & Gateway API going GA | Cloud Native Toronto - 📍 In-person meetup
1 Dec, 10:30 UTC - Understanding Kubernetes services for better deployment | Cognixia - 📍 Online webinar
1 Dec, 14:00 UTC - A tour of the Cilium Helm values | eBPF Virtual User Group - 📍 Online meetup
30 Nov, 18:00 UTC - Achieving cloud maturity with Terraform and dynamic GitOps | Platform Engineers Atlanta - 📍 Online meetup
1 Dec, 07:00 UTC - 🔥 Kubernetes Community Days Utrecht 2023 | KCD Netherlands - 📍 In-person conference
→ See all Kubernetes events
Starting in less than 24 hours:
🔥 Kubernetes Community Days Utrecht 2023 (KCD Netherlands)
📍 In-person conference
📅 1 Dec
⏰ 01/12/2023, 07:00 UTC
→ Visit the website
🔥 Kubernetes Community Days Utrecht 2023 (KCD Netherlands)
📍 In-person conference
📅 1 Dec
⏰ 01/12/2023, 07:00 UTC
→ Visit the website
This February attend the Kubernetes Community Days Brazil 🇧🇷 and extend your stay to enjoy the iconic Brazilian Carnival!
📆 24-24 of Feb
📍 Online and São Paulo, BR
More info: https://kube.events/t/fca77347-2776-4fd6-92aa-d70c0d43e0d8?s=16
📆 24-24 of Feb
📍 Online and São Paulo, BR
More info: https://kube.events/t/fca77347-2776-4fd6-92aa-d70c0d43e0d8?s=16
🗓 Kubernetes events starting in the next 24 hours:
1 Dec, 15:30 UTC - Certified Kubernetes administrator | Sick Leave Tomorrow - 📍 In-person workshop
1 Dec, 18:00 UTC - Running cross-architecture containers on GKE with Tau T2A | Istanbul Coders - 📍 Online meetup
2 Dec, 03:10 UTC - Devopsdays Recife | Devopsdays - 📍 In-person conference
2 Dec, 05:30 UTC - Are you deploying and scaling your Kubernetes workloads right? | Cloud Native Gurugram - 📍 In-person meetup
→ See all Kubernetes events
1 Dec, 15:30 UTC - Certified Kubernetes administrator | Sick Leave Tomorrow - 📍 In-person workshop
1 Dec, 18:00 UTC - Running cross-architecture containers on GKE with Tau T2A | Istanbul Coders - 📍 Online meetup
2 Dec, 03:10 UTC - Devopsdays Recife | Devopsdays - 📍 In-person conference
2 Dec, 05:30 UTC - Are you deploying and scaling your Kubernetes workloads right? | Cloud Native Gurugram - 📍 In-person meetup
→ See all Kubernetes events
Starting in a month:
🔥 90DaysOfDevOps (Michael Cade)
📍 Online conference
📅 1 Jan
⏰ 01/01/2024, 09:00 UTC
→ Visit the website
🔥 90DaysOfDevOps (Michael Cade)
📍 Online conference
📅 1 Jan
⏰ 01/01/2024, 09:00 UTC
→ Visit the website
Starting in two weeks:
🔥 Devopsdays Salvador (Devopsdays)
📍 In-person conference
📅 16 Dec
⏰ 16/12/2023, 12:00 UTC
→ Visit the website
🔥 Devopsdays Salvador (Devopsdays)
📍 In-person conference
📅 16 Dec
⏰ 16/12/2023, 12:00 UTC
→ Visit the website
🗓 Kubernetes events starting in the next 24 hours:
4 Dec, 01:00 UTC - cdCon Japan 2023 | Linux Foundation - 📍 In-person conference
4 Dec, 08:00 UTC - 🔥 European Cloud Summit | Cloud Summit - 📍 In-person conference
4 Dec, 13:00 UTC - DevOps Vision | NFJS Events - 📍 In-person conference
4 Dec, 12:00 UTC - 🔥 DevOpsCon Munich | S&S Media - 📍 Online & in-person conference
→ See all Kubernetes events
4 Dec, 01:00 UTC - cdCon Japan 2023 | Linux Foundation - 📍 In-person conference
4 Dec, 08:00 UTC - 🔥 European Cloud Summit | Cloud Summit - 📍 In-person conference
4 Dec, 13:00 UTC - DevOps Vision | NFJS Events - 📍 In-person conference
4 Dec, 12:00 UTC - 🔥 DevOpsCon Munich | S&S Media - 📍 Online & in-person conference
→ See all Kubernetes events
Starting in about a week:
🔥 DevOpsCon Singapore (S&S Media)
📍 Online & in-person conference
📅 11 Dec
⏰ 11/12/2023, 01:00 UTC
→ Visit the website
🔥 DevOpsCon Singapore (S&S Media)
📍 Online & in-person conference
📅 11 Dec
⏰ 11/12/2023, 01:00 UTC
→ Visit the website
Starting in less than 24 hours:
🔥 European Cloud Summit (Cloud Summit)
📍 In-person conference
📅 4 Dec
⏰ 04/12/2023, 08:00 UTC
→ Visit the website
🔥 European Cloud Summit (Cloud Summit)
📍 In-person conference
📅 4 Dec
⏰ 04/12/2023, 08:00 UTC
→ Visit the website
Starting in less than 24 hours:
🔥 DevOpsCon Munich (S&S Media)
📍 Online & in-person conference
📅 4 Dec
⏰ 04/12/2023, 12:00 UTC
→ Visit the website
🔥 DevOpsCon Munich (S&S Media)
📍 Online & in-person conference
📅 4 Dec
⏰ 04/12/2023, 12:00 UTC
→ Visit the website
🗓 Kubernetes events starting in the next 24 hours:
5 Dec, 04:00 UTC - Open Source Summit | Linux Foundation - 📍 In-person conference
5 Dec, 10:30 UTC - A new e-ra of Google Kubernetes Engine | Google - 📍 Online webinar
5 Dec, 11:30 UTC - Preview Environments: now everyone is part of the software development process | Hyderabad - 📍 In-person meetup
5 Dec, 01:00 UTC - Open Source Summit Japan 2023 | Linux Foundation - 📍 Online & in-person conference
5 Dec, 01:00 UTC - ContainerCon | Linux Foundation - 📍 In-person conference
5 Dec, 12:00 UTC - GitOpsCon Europe | Linux Foundation - 📍 Online conference
→ See all Kubernetes events
5 Dec, 04:00 UTC - Open Source Summit | Linux Foundation - 📍 In-person conference
5 Dec, 10:30 UTC - A new e-ra of Google Kubernetes Engine | Google - 📍 Online webinar
5 Dec, 11:30 UTC - Preview Environments: now everyone is part of the software development process | Hyderabad - 📍 In-person meetup
5 Dec, 01:00 UTC - Open Source Summit Japan 2023 | Linux Foundation - 📍 Online & in-person conference
5 Dec, 01:00 UTC - ContainerCon | Linux Foundation - 📍 In-person conference
5 Dec, 12:00 UTC - GitOpsCon Europe | Linux Foundation - 📍 Online conference
→ See all Kubernetes events
Starting in 2 months:
🔥 Kubernetes Community Days Kerala 2024 (KCD Kerala)
📍 In-person conference
📅 3 Feb
⏰ 03/02/2024, 03:30 UTC
→ Visit the website
🔥 Kubernetes Community Days Kerala 2024 (KCD Kerala)
📍 In-person conference
📅 3 Feb
⏰ 03/02/2024, 03:30 UTC
→ Visit the website
Forwarded from KubeFM
Helm is a popular tool for templating and packaging Kubernetes resources, but does it mean it's the best?
In this episode of KubeFM, Jacco draws a parallel between Helm and PHP and the similarity in which both tools became a success despite their focus on templating strings.
You will also learn:
- Helm's flaws and how you can avoid them.
- Alternative tools that can (partially) replace Helm.
- How to manage third-party packages and templating internal YAML resources.
Jacco shared several examples demonstrating duplication in Helm charts and a lack of structured typing.
Watch it here: https://kube.fm/helm-flawed-jacco
Listen on:
- Apple Podcast https://kube.fm/apple
- Spotify https://kube.fm/spotify
- Amazon Music https://kube.fm/amazon
- Overcast https://kube.fm/overcast
- Pocket casts https://kube.fm/pocket-casts
- Deezer https://kube.fm/deezer
In this episode of KubeFM, Jacco draws a parallel between Helm and PHP and the similarity in which both tools became a success despite their focus on templating strings.
You will also learn:
- Helm's flaws and how you can avoid them.
- Alternative tools that can (partially) replace Helm.
- How to manage third-party packages and templating internal YAML resources.
Jacco shared several examples demonstrating duplication in Helm charts and a lack of structured typing.
Watch it here: https://kube.fm/helm-flawed-jacco
Listen on:
- Apple Podcast https://kube.fm/apple
- Spotify https://kube.fm/spotify
- Amazon Music https://kube.fm/amazon
- Overcast https://kube.fm/overcast
- Pocket casts https://kube.fm/pocket-casts
- Deezer https://kube.fm/deezer