cncn | Coffee and Cloud Native

Coffee and Cloud Native - E125

Mar 5, 2021 operations security

Using Encrypted OCI Artifacts for Kubernetes Secrets

Join Shipwreck as he explores how to use encrypted OCI artifacts as an alternative Kubernetes secrets store. It’s a solution that doesn’t involve the cloud, isn’t overly complex, and uses resources that you already have available.

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.
Coffee and Cloud Native - E122

Feb 26, 2021 gitops automation operations security

Here at CNCN Headquarters we want to make Kubernetes easier for you to use. Jason Skrzypek is working on an environment that uses GitOps (via Rancher Fleet), Loft, Rancher, and Kubernetes to create isolated environments that behave like full clusters. The goal is to enable CNCN community members to participate in the Friday episodes with your own virtual cluster that you can use to follow along.

In today’s episode, he shows off some of what he’s built, and while there are still some bits to finalize, the progress is amazing.

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Coffee and Cloud Native - E121

Feb 25, 2021 operations education community rancher security development observability

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
14:26	Who can remember everything that cURL can do? Here’s a cheat sheet for the low low price of an email address.	☕️☕️☕️
17:19	Kubernetes makes it easy to do host upgrades with minimal downtime. salesforce took it a step further and wired ASG events into Lambda to handle draining nodes before termination.	☕️☕️☕️☕️
21:24	Free scenario-based Kubernetes training from freeCodeCamp.	☕️☕️☕️☕️
23:55	Anyone from the Rancher community want to help praqma update their KVM scripts to use Helm v3 and the latest cert-manager?	☕️☕️☕️☕️
27:02	Did you know that you can reclaim lost access to an EKS cluster by creating an IAM user with the same name as the one that launched it?	☕️☕️☕️☕️
29:50	A foray into the world of MS Dynamics365, Azure DevOps, and source control.	☕️☕️☕️
32:54	Tool of the Day: Convert Kyverno PolicyReportResults to Grafana dashboards via Prometheus and Loki, from FrankJogeleit	☕️☕️☕️☕️☕️

Coffee and Cloud Native - E120

Feb 23, 2021 pwny pwny operations automation education security development orchestration

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
6:18	Endgame takes a privileged AWS account and pwns all accessible resources. Hopefully this gets AWS to step up their game for reporting of over-privileged accounts.	☕️☕️☕️☕️
12:28	An interesting use of Helm to take laborious Kubernetes tasks and make them easier. By doing so they’re more likely to actually get done.	☕️☕️☕️☕️
16:10	Crio.Do wants to help developers grow their skills while keeping learning fun.	☕️☕️☕️
18:55	localstack mocks all AWS services locally for development. The free tier is generous, and the paid tier is comprehensive.	☕️☕️☕️☕️
20:35	A quick-and-dirty guide for using kube-bench with EKS, with a lead into AWS Security Hub and the Tool of the Day	☕️☕️☕️☕️
23:09	Terrible combines Terraform with ansible to create IaC for KVM/QEMU environments. This is a great demonstration of using the right tool for the right job.	☕️☕️☕️☕️
25:19	It’s easy to mock PHP for not being Go or Python or Rust, but that’s not why it was created. For those who have invested in PHP, Laravel has a library for managing Kubernetes resources.	☕️☕️
26:57	Tool of the Day: Cloud Custodian is like Kyverno for public cloud infrastructure.	☕️☕️☕️

Coffee and Cloud Native - E119

Feb 19, 2021 operations orchestration

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

In today’s episode of Shipwreck’s Sunken Treasure, Jason introduces us to Nixery.

Coffee and Cloud Native - E118

Feb 18, 2021 random orchestration security virtualization operations ci/cd

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
4:51	The utility known as z is a great complement to command frecency available in the fish shell.	☕️☕️☕️☕️
7:52	Another great article from learnk8s, this time on how to use multi-container Pods to extend app functionality in Kubernetes.	☕️☕️☕️☕️☕️
11:52	Some companies thank early adopters by supporting them. LastPass did it by crippling functionality to force users to pay. Drop LastPass and use BitWarden instead.	☕️☕️
15:27	At last, pfsense 2.5 arrives with support for WireguardVPN and other great features. Yummy!	☕️☕️☕️☕️
17:48	A fantastic article on both the WHY and the HOW of deploying Falco on Kubernetes.	☕️☕️☕️☕️
20:37	Utilities to easily control the virtualization framework on macOS.	☕️☕️
22:11	Using websocket connections as the custom metric for HPA in Kubernetes.	☕️☕️☕️☕️
23:24	Using GitHub Actions for canary deployments in Azure Kubernetes	☕️☕️☕️☕️
27:01	Tool of the Day: Hydra is a complete, open, powerful auth engine, written in Go, with libraries for any other language.	☕️☕️☕️☕️

Coffee and Cloud Native - E117

Feb 16, 2021 operations infrastructure development education CI/CD

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:11	This operator manages low-prio workloads to speed up cluster autoscaling in Kubernetes	☕️☕️☕️
5:03	IntoVPS now has a managed Kubernetes offering and could be a good low-cost home for private clusters.	☕️☕️☕️
7:26	An intro into combining ‘and’ with ‘or’ in shell scripts for more-powerful one-liners.	☕️☕️☕️☕️
9:57	Check out this new Terraform course from Techworld With Nana. 30% off for early registrants!	☕️☕️☕️☕️
11:16	I’m a huge fan of Aurelie Vache and her sketchnotes. She has books of them available now!	☕️☕️☕️☕️
12:49	Digger makes it easy for developers to deploy apps to AWS, with integrated Terraform, CI, and sandbox environments for rapid feedback.	☕️☕️☕️☕️
17:04	Pushing GitHub Actions beyond their limits and returning unscathed:	☕️☕️☕️
21:54	Here’s an article showing how to think about recursive problems. When you solve the simple part, the hard part solves itself.	☕️☕️☕️☕️
24:41	Multiple ways to create Python virtual environments. Pipenv looks like a winner for my use cases.	☕️☕️☕️
27:14	Tool of the Day: ksync combines syncthing with Kubernetes for real-time feedback as you build your apps.	☕️☕️☕️☕️

Coffee and Cloud Native - E116

Feb 12, 2021 development operations

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

In today’s episode of Shipwreck’s Sunken Treasure, Jason Skrzypek discusses the basic components of the Kubevela PaaS framework and performs a small demonstration to reveal the hidden potential in the service mesh realm.

Coffee and Cloud Native - E115

Feb 11, 2021 networking security operations education random

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
5:47	meshrr is a new utility for creating BGP route reflectors within Kubernetes using JuniperNetworks containerized routing protocol daemon	☕️☕️☕️☕️
9:52	never suffer with Kubernetes NetworkPolicy objects again. ZOMG thank you ciliumproject!	☕️☕️☕️☕️☕️
14:16	Registration opens today for the DevSlop CTF event to learn how to deploy microservices with Kubernetes	☕️☕️☕️
15:45	Docker donated the project behind Docker Hub to the CNCF. Did they do it to be altruistic or to save money? Who cares - we all benefit. Thanks, Docker!	☕️☕️☕️
18:39	iPerf is your own personal inter-host SpeedTest. Use it to find Wifi dead zones or to test throughput over VPNs or in virtualized networks.	☕️☕️☕️☕️
21:02	Whenever I read about researchers working in quantum computing, I feel like I know nothing about anything.	☕️☕️☕️
23:49	We’re all still remote, and whiteboards are still essential. Here’s a breakdown of the available options.	☕️☕️
24:57	Seventh article of an exploratory series describing Kubernetes and its usage, focusing on access control.	☕️☕️☕️☕️☕️
26:55	Tool of the Day: NoRouter is a multi-tool for multi-host and multi-cloud networking that requires no special privileges.	☕️☕️☕️☕️

Coffee and Cloud Native - E114

Feb 9, 2021 storage orchestration pwny pwny security operations networking development observability

For same-day access to replays and links to the referenced content, please join the free CNCN Community site.

Timestamp	Description / Link	Community Rating
3:46	An awesome article from a community member about OpenEBS, Rancher, RKE, and the NFS Server Provisioner.	☕️☕️☕️☕️☕️
4:57	TeamTNT is at it again, cryptojacking your Kubernetes clusters. You have to really work hard to make it easy for them, though.	☕️☕️☕️☕️
8:36	How hard is it to pwn a Kubernetes cluster through the kubelet? Easier than you think.	☕️☕️☕️☕️
13:51	kubeaudit can help identify Kubernetes misconfigurations that could cost you dearly.	☕️☕️☕️☕️☕️
15:22	Where Kubernetes complexity lets you down, Boundary can step in and simplify your life with solid RBAC controls for clusters and the underlying substrate.	☕️☕️☕️☕️☕️
18:26	Bion Consulting is offering free audits of Kubernetes clusters as an intro to their security service offerings.	☕️☕️☕️☕️
20:04	New features in k0s are taking shape around their goals to be the “frictionless” Kubernetes distro.	☕️☕️☕️
21:41	This article demonstrates how Traefik Ingress can be implemented as an entry point to an Istio service mesh.	☕️☕️☕️
23:28	Garden wants to solve the elusive problems developers face with Kubernetes by easing the transition between dev and prod in local testing and CI environments.	☕️☕️☕️☕️
25:56	This is the first in a series of AWESOME AWESOME AWESOME articles from codefresh on Kubernetes anti-patterns. This isn’t rehashed content. Read it and I guarantee you’ll learn something new.	☕️☕️☕️☕️☕️
27:32	Tool of the Day: This K8s operator creates UptimeRobot monitors for Kubernetes Ingresses. uptime_robot will you please gift Max a Pro account so he can test the Pro features?	☕️☕️☕️☕️☕️

- 1
- 2
- 3
- 13