Ask Sendai

Kubernetes is a remarkable success story: A container orchestration technology that made its first public appearance barely three years ago now plays a pivotal role at thousands of organizations that have adopted container-based application architectures. Perhaps the most amazing thing about Kubernetes, however, isn’t what it’s accomplishing today—it’s that we’re just getting started! If current trends hold, within a few more years we expect to see customers deploying container orchestration on a scale far surpassing how most organizations deploy it today.

The growth and innovation in the Kubernetes project, since it first launched just over four years ago, has been tremendous to see. In part 1 of my blog, I talked about how Red Hat has been a key contributor to Kubernetes since the launch of the project, detailed where we invested our resources and what drove those decisions. Today, that innovation continues and we are just as excited for what comes next.

Usually, when you’re a leader in an open-source community like Kubernetes and there’s a big event (like this week’s KubeCon North America), that means launching a brand new project. Launches are exciting, but maintaining a successful project like Kubernetes requires sustained investment and maintenance. We find that what really distinguishes a successful open-source project is the day-in day-out nurturing that happens behind the scenes. And it’s more than coding—it’s things like keeping the project safe and inclusive, writing documentation, managing test infrastructure, responding to issues, working in project governance, creating mentoring programs, reviewing pull requests, and participating in release teams.

As we approach the end of another year for Red Hat OpenShift and Kubernetes, and another Kubecon, which I believe will be even bigger than the last, it’s a great time to reflect on both where we’ve been and where we’re going. In this blog I will look back over the past 4+ years since Red Hat first got involved in the Kubernetes project, where we have focused our contributions and the key decisions that got us to this point.

Knative, the open-source framework that provides serverless building blocks for Kubernetes, is on a roll, and GKE serverless add-on, the first commercial Knative offering that we announced this summer, is enjoying strong uptake with our customers. Today, we are announcing that we’ve updated GKE serverless add-on to support Knative 0.2. In addition, today at KubeCon, RedHat, IBM, and SAP announced their own commercial offerings based on Knative. We are excited for this growing ecosystem of products based on Knative.

To start this off, I want to make it totally clear, that I think mTLS in Istio is a pretty awesome feature, almost a unique selling point for Istio. But it also has some pitfalls, that can be hard to spot. And yes, this is documented, but it took me a while to understand anyway. In this article I want to provide some information about setup, but also about debugging.

Booking.com is proud to announce the first public release of Shipper, an open source project that provides powerful, customizable rollouts to one or manyKubernetes clusters. Shipper uses Helm charts and native Kubernetes concepts to make it easy for anyone to set up blue/green or canary rollouts for their applications. The current release uses vanilla Kubernetes traffic shifting, so you don’t need a service mesh provider to get started. We intend to add support for other traffic shifting backends like Istio in the coming months.

Did you know there is more than one NGINX Ingress controller for Kubernetes? You do now. We help you figure out which one makes sense for you, based on their differences around authorship, development philosophy, production readiness, security, and support. Source: nginx.com

Container security orchestration allows to define within your security policy how you are going to respond to your different container security incidents. These responses can be automated in what is called security playbooks. This way, you can define and orchestrate multiple workflows involving different software both for sourcing and responding. This is how Falco and Splunk Phantom can be integrated together to do this. Phantom is a security orchestration platform, part of Splunk product portfolio.

Today we’re very happy to announce the release of Linkerd 2.1. This is our first stable update to 2.0, and introduces a host of goodies, including per-route metrics, service profiles, and a vastly improved dashboard UI. We’ve also added a couple exciting experimental features: proxy auto-injection, single namespace installs, and a high-availability mode for the control plane. Source: linkerd.io