Cloud Drops Episode #004 - Security Security Security

Backstage joins CNCF Incubator - an open platform for building developer portals maintained by a global community. It unifies an organization’s tooling, services, apps, data, and docs into a single, consistent UI that allows developers to easily create, manage, and explore software. Backstage is used by 100 publicly listed adopting companies , including American Airlines, Expedia Group, HelloFresh, Netflix, Peloton, Roku, Splunk, Wayfair, Zalando, and more. Adoption ranges across various companies and industries, including retail, gaming, financial services, manufacturing, and government. It also has a thriving open source community of over 500 developers submitting PRs, adding new features, and building plugins. More on Backstage

• Cloud Native Computing Foundation Unveils Schedule for KubeCon + CloudNativeCon Europe 2022

• Google admits Kubernetes container tech is so complex, it's had to roll out an Autopilot feature to do it all for you

Technical

• CISA updated: Kubernetes hardening guide

  CISA Staff

• Announcing automated multi-cluster failover for Kubernetes

  Alejandro Pedraza, Buoyant

• Security: Using pod security standard “restricted”

  Daniel Holbach, Flux

• Can You Detect Kubernetes Runtime Vulnerabilities

  Cisco

• Moving and Building Container Images, The Right Way

  Jason Hall

• Triaging a malicious docker container

  Nicolas Lang, Sysdig

• New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers

  Ravie Lakshmanan

• What Are Kubernetes Persistent Volumes and Persistent Volume Claims (PVC)?

  Chris Short

• Leveraging OpenTelemetry to democratize Cloud Spanner Observability

  Mohit Gulati & Mayank Khanwalker, Google

• Kubernetes Vault Integration via Sidecar Agent Injector vs. CSI Provider

  HashiCorp

• ZARF - simplifies the setup & administration of air-gapped kubernetes clusters

• Securing your site via OIDC, powered by Kong and KeyCloak

  Robin Cher

• Karpenter - EKS best practices guides

  Karpenter Project

• Kubernetes is so Simple You Can Explore it with Curl

  Nick Santos

• Kubernetes security - Control pod to pod communications with Cilium network policies

  Charles-Edouard Brétéché

• NSA and CISA: Here's how to improve your Kubernetes cluster security

  ZDNET

• Argo, with Jesse Suen

  Craig Box, Kubernetes Podcast from Google

• Canonical: OpenStack is dead, long live OpenStack

  Liam Proven

• Kubernetes Version 1.23: What's New for Security? 

  Aqua

• SPIRE: Intro & Deep Dive Into Windows Support

• Make the Secure Kubernetes Supply Chain Work for You

• Service Mesh at Scale: How Xbox Cloud Gaming Secures 22k Pods with Linkerd Thursday, May 19 • 17:25 - 18:00

• Kubectl Cheatsheet

https://twitter.com/datacouch_io/status/1503747017356775426?ref_src=twsrc^tfw|twcamp^tweetembed|twterm^1503747017356775426|twgr^|twcon^s1_c10&ref_url=https%3A%2F%2Fkubelist.com%2F

https://jimmysong.io/kubernetes-handbook/guide/using-kubectl.html

• 6 CNCF Projects for CI/CD

  Bill Doerrfeld, Container Journal

• Inside the Numbers: The KubeCon + CloudNativeCon selection process for Europe 2022

  CNCF

• CNCF Annual Survey Report Review: The state of cloud and Kubernetes

  Leon Adato, New Relic

• Cloud Native Observability Microsurvey: Prometheus leads the way, but hurdles remain to understanding the health of systems

  CNCF

Online Webinars

• Using Kanister for logical backup of PostgreSQL

   Vivek Singh, InfraCloud Technologies 

Securing microservices using Let's Encrypt

Angel Ramirez, Cuemby

Live Learning

• March 22: From pipelines to supply chains: Level up with supply chain choreography Christian Posta, Solo.io - RSVP

Cloud Native Live

• March 23: Service Mesh in production 101 with LinkerdJason Morgan, Buoyant - RSVP

On demand webinars

• March 24: Extend Falco with plugins: Trigger alerts with any stream of events Thomas Labarussias, Sysdig - RSVP

• March 24: Easily find the needle in your Kuberenetes traffic haystack with Mizu Refael Botbol Weiss, UP9 - RSVP

• March 24: The future of observability Dave Anderson, ScoutAPM - RSVP

• March 21: Microservices Security Pattern in Kubernetes (East-West traffic) NGINX

Live syft-ing through top 25 containers - What will we uncover?

Josh Bressers, Anchore

DevOps Roadmap

U.S. Cybersecurity Modernization, SBOM Explosions and More

The New Stack

VMware Joins Innovation Community at SXSW 

vmware & Tanzu were on display at SXSW for a series of talks related to DoD and technology. While the talks were closed to those with official passes FedSuperNova had these same talks a few months earlier and they are definitely worth checking out

Transforming Soldiers Into Software Engineers

Building an Outcomes-based DoD Software Culture

Why Climate Change Can’t Knock Our Lights Out

https://octo.vmware.com/vmwares-palo-alto-community-microgrid-proof-concept-comes-life/

https://www.statesman.com/story/business/2022/03/20/sxsw-vmware-pitches-microgrids-keep-power/9444314002/

7 years ago Brenden Burns was out SXSW

Envoy Community Meeting

The Envoy mobile team meets weekly on Thursday at 11am PT. The meeting and zoom link are on the Envoy calendar here

• Meeting minutes are here

Free Books

Container Security - Aqua

Liz Rice

Kubernetes security and observability - Tigera

Brendan Creane & Amit Gupta

Service Mesh for Mere Mortals

Bruce Basil Mathews