What’s Happening with Ingress-Nginx! - James Strong, Chainguard & Ricardo Katz, VMware
This presentation will discuss our plans for Ingress-nginx 2.0 release, breaking changes, new features, and deprecations. We will also discuss our plans for gateway API, CVE reduction, and other security updates coming to ingress-nginx. As always, we will provide a community update, roadmap, and other critical information attendees should know about the project. Please join us to learn all about the progress and future of ingress-nginx.
Are you using container images with hundreds of known vulnerabilities?
The majority of us are using images based on the Docker official images available on the Docker Hub. This includes base images – such as Debian and Ubuntu – as well as application images such as nginx and redis. Unfortunately these images often have hundreds of known vulnerabilities due to excessively large dependency trees with out-of-date packages. This security debt can lead to unnecessary security risks and slower development cycles.
ingress-nginx is an Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer. It’s not the NGINX inc controller… confusing, right? In this session we will discuss how the ingress-nginx controller works, how it differs from the NGINX inc controller, the release process, and how you can help contribute to the project!
One of the key values of GitOps relies on its fully declarative single source of truth in Git for the desired state of your entire system – configuration that continuously reconciles with the runtime of the system.
Validating committer identity in your Git repository is a critical component towards a secure GitOps solution. Although basic capabilities are provided by Git service providers, more granular controls for governance and compliance are a requirement to satisfy most enterprise grade implementations.
Life of a CVE with Ingress-Nginx; Understanding the Project’s Release Cycle - James Strong, Chainguard & Dylen Turnbull, Nginx INC
Speakers: Dylen Turnbull, James Strong
In 7 years, Ingress-nginx has had 221 releases, with over 6800 commits. To ensure stability and to test this highly configurable controller, the project has grown to over 400 e2e tests and helm chart tests across various kubernetes versions and deployment landscapes. We were 3/4 through our stabilization project in the last maintainer track we presented.
Understanding the Future of Ingress-nginx - James Strong, Chainguard & Ricardo Katz, VMware
Speakers: Ricardo Katz, James Strong
In this talk, we will present the survey results from our Ingress-nginx community survey. The survey’s goal was to know what we should be doing for future releases and how to prioritize features, bugs, or other issues important to the community. The ingress-nginx project is undergoing a stabilization project as well. This stabilization project has worked to increase the security, review and deprecate older features, and fix long-standing issues with the project.
Things got a little tense on this week’s podcast when James Strong (@strongjz, Co-Author of O’Reilly’s Networking & Kubernetes) hinted at DR being a thing of the past with K8s. Mr. Backups was having none of that. No blows were thrown, mostly because it was all online, but it was a really good conversation that K8s and DR enthusiasts alike will find interesting. We also cover the new book, Networking and Kubernetes, by James Strong and Vallery Lancey, including why the decided to write it, and what it covers.
Networking & Kubernetes: Book Review and Interview with Author James Strong By Amy Pravin Shah
As organizations undergo a digital transformation, cloud migration now more than ever remains a high priority for those looking to expand their business and remain top competitors in their field. But how do companies develop and deploy in the cloud without fear? What is really needed to secure your cloud accounts, and develop your engineers’ innovation all while adhering to industry-wide security best practices?
On Thursday, May 27th, discover the solution to those questions and more during our latest webinar where we present our unique framework, Cloud Guardian.
This past year Vallery Lancey and I have been working on a Kubernetes Networking Book.
I am proud to announce that we have an early release of Chapters 1-3 of the book available on O’Reilly Digital platform.
Kubernetes Networking is an essential guide for anyone who wants to deploy, manage, or troubleshoot a production-scale Kubernetes network.
Understanding Kubernetes clusters isn’t enough to operate Kubernetes at scale. Every layer of the stack–the network, operating system, and Kubernetes–depends on the layer below.
I’ve spent the last year created a course for A Cloud Guru. With 3.4 hours of content and 36 lessons, I look forward to your feedback. Here is my “Advanced Networking with Kubernetes on AWS” Course.
Since its release in 2014, Kubernetes has become the de-facto standard for container orchestration. Kubernetes is a distributed system for managing containers and its networking is no different. Many companies are deploying Kubernetes on-prem and in the cloud, both managed offerings and self-deployed.
Slides: https://www.slideshare.net/jstrong09/kubernetes-do-or-do-not-there-is-no-try
In this webinar Gregory Patmore and I covered:
Getting started with Kubernetes - laying the foundations for success Clusters: Set up, security and operations Best practices for container and Kubernetes adoption Securing containers Optimising application development in Kubernetes environments
KubeCon San Diego Recap
KubeCon had a great turnout this year with 12,000 attendees that filled the San Diego Convention center. Three things stood out to me: Security, Network, and Community.
The community was a big theme at this event and in many of the keynotes. From David’s talk about non-code ways to contribute to CNCF’s projects. Kelsey Hightower’s keynote on how we could never have done this as an individual or a single company.
JvB and James dicuss KubeCon and the evolution of the Kubernetes ecosystem at KubeCon North America 2019
Another year! Another amazing Code PaLOUsa come and gone.
Location This year Code PaLOUsa was at the Hyatt Regency, which is smack dap in the middle of downtown. This location makes it a perfect spot for all the speakers and conference-goers to experience some of the tourist spots in Louisville and still enjoy the conference.
Sessions The sessions were action-packed, as well. A (useful?) attribute of a conference is the level of difficulty for goers to decide which speakers to see!
I have begin working on Deep Dive into Kubernetes Networking, Let me know your thoughts about what you want to see.
https://strongjz.github.io/k8-networking/#/
In April, we kicked off [Kubernetes and Cloud Native Computing Louisville](https://www.meetup. com/Kubernetes-and-Cloud-Native-Computing-Louisville/)
I presented an “Intro to Kubernetes”, here is a link to the presentation
More about that Meetup here
Recording
The inaugural Kubernetes and Cloud Native Computer Louisville will be on April 4th. I will be presenting an “Intro to Kubernetes”
https://www.meetup.com/Kubernetes-and-Cloud-Native-Computing-Louisville/events/259202067/
At Dev Nexus 2018 my co-worker, Adarsh, and I led a workshop “Introduction to Kubernetes”
Introduction to Kubernetes is a hands-on, interactive workshop giving attendees a thorough understanding of the fundamentals of Kubernetes. As part of this workshop, you will learn how Kubernetes works, be able to successfully create a kubernetes cluster, deploy microservices to that cluster & also hear about some war stories.
https://contino.github.io/intro-k8/
Developer density @devnexus!
First class speakers!
On December 29th I completed my final goal of the year - I passed the CKA.
TL;DR This is a list of the bare minimum necessary to try to pass.
Do Kelsey Hightower’s tutorial Kubernetes The Hard Way at least three times! Understand it, internalize it. Do all the tasks on https://kubernetes.io/docs/tasks/ Read Kubernetes in Action by Marko Luksa Also practice, practice, and practice. Did I mention practice? This is a practical exam, no multiple choice questions here.