Date: Tue, 11 Dec 2018 19:45:22 +0000
<p>The Envoy proxy, a universal data plane for Cloud Native, has just graduated as the third top-level project in the CNCF. <a href="https://kubernetespodcast.com/about">Craig and Adam</a> talk to its author, <a href="https://twitter.com/mattklein123/">Matt Klein</a> from <a href="https://eng.lyft.com/">Lyft</a>, about modern load balancing for microservices and pragmatically avoiding “second system” syndrome.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href="https://kubernetespodcast.com">kubernetespodcast.com</a></li> <li>mail: <a href="mailto:kubernetespodcast@google.com">kubernetespodcast@google.com</a></li> <li>twitter: <a href="https://twitter.com/kubernetespod">@kubernetespod</a></li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li><a href="https://github.com/kubernetes/kubernetes/issues/71411">CVE-2018-1002105: proxy request handling in kube-apiserver can leave vulnerable TCP connections</a> <ul> <li><a href="https://gravitational.com/blog/kubernetes-websocket-upgrade-security-vulnerability/"> Gravitational write up</a></li> <li><a href="https://github.com/evict/poc_CVE-2018-1002105">Proof of concept</a></li> <li><a href="https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/"> More cryptocurrency mining with exploited Kubernetes clusters</a></li> </ul> </li> <li>Microsoft Connect(); <ul> <li><a href="https://azure.microsoft.com/en-us/blog/bringing-serverless-to-azure-kubernetes-service/"> AKS virtual nodes are in preview</a></li> <li><a href="https://github.com/virtual-kubelet/virtual-kubelet">Virtual Kubelet</a> joins CNCF</li> <li><a href="https://docs.microsoft.com/azure/container-instances/container-instances-gpu"> GPU support for ACI</a></li> <li><a href="https://azure.microsoft.com/en-us/updates/azure-container-service-will-retire-on-january-31-2020/"> ACS to be retired</a> in favour of AKS</li> <li>Cloud Native Application Bundle <ul> <li><a href="https://cloudblogs.microsoft.com/opensource/2018/12/04/announcing-cnab-cloud-agnostic-format-packaging-running-distributed-applications/"> Microsoft and Docker introduce Cloud Native Application Bundle</a></li> <li><a href="https://cnab.io/">CNAB spec</a></li> <li><a href="https://duffle.sh/">Duffle</a></li> </ul> </li> </ul> </li> <li>DockerCon EU 2018: <ul> <li><a href="https://blog.docker.com/2018/12/simplifying-kubernetes-with-docker-compose-and-friends/"> Docker releases Compose operator for Kubernetes</a> <ul> <li><a href="https://github.com/docker/compose-on-kubernetes">Available on GitHub</a></li> </ul> </li> <li><a href="https://blog.docker.com/2018/12/introducing-desktop-enterprise/">Docker Desktop Enterprise</a></li> </ul> </li> <li><a href="https://www.hashicorp.com/blog/vault-1-0">Hashicorp Vault 1.0</a></li> <li><a href="https://blog.upbound.io/introducing-crossplane-open-source-multicloud-control-plane/"> Upbound introduce Crossplane</a> <ul> <li><a href="https://github.com/crossplaneio/crossplane">Available on GitHub</a></li> <li><a href="https://about.gitlab.com/2018/06/25/moving-to-gcp/">GitLab moving to GKE</a></li> </ul> </li> <li><a href="https://github.com/rook/rook/releases/tag/v0.9.0">Rook 0.9.0</a> — available you-guessed-where</li> <li>MicroK8s from Canonical: <ul> <li><a href="https://blog.ubuntu.com/2018/12/06/canonical-launches-microk8s-deploy-kubernetes-in-seconds"> Announc4t</a></li> <li><a href="https://microk8s.io/">Project p2e</a></li> <li><a href="https://github.com/ubuntu/microk8s">Available on G5b</a></li> </ul> </li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a href="https://envoyproxy.io">Envoy</a> <ul> <li><a href="https://blog.envoyproxy.io/envoy-graduates-a6f71879852e">Recently graduated to top-level project at the CNCF</a></li> <li>Built at <a href="https://eng.lyft.com/">Lyft</a></li> <li>Replaces libraries like <a href="https://twitter.github.io/finagle/">Finagle</a> and <a href="https://github.com/Netflix/Hystrix">Hystrix</a></li> <li><a href="https://blog.envoyproxy.io/introduction-to-modern-network-load-balancing-and-proxying-a57f6ff80236"> Introduction to modern network load balancing and proxying</a></li> </ul> </li> <li><a href="https://envoy.devstats.cncf.io/d/4/companies-stats?orgId=1&from=now-6M&to=now"> Envoy contributors</a></li> <li><a href="https://istio.io">Istio</a>, built on Envoy</li> <li>Turning down the VC money: <a href="https://medium.com/@mattklein123/optimizing-impact-why-i-will-not-start-an-envoy-platform-company-8904286658cb"> Why Matt isn’t starting an Envoy company</a></li> <li><a href="https://blog.envoyproxy.io/service-mesh-data-plane-vs-control-plane-2774e720f7fc"> Service mesh data plane vs. control plane</a></li> <li><a href="https://twitter.com/mattklein123/">Matt Klein</a> on Twitter</li> <li><a href="https://medium.com/@mattklein123">Matt’s blog</a></li> </ul>
