Cloud Native Digest: Better Security with ChatGPT
While ChatGPT has grabbed negative headlines recently due to cybercriminals’ use of the technology to strengthen attacks, it can also be a formidable asset for cyber defense, helping companies maximize their security posture while promising to bridge any skills gaps in their workforce.
The Cloud Security Alliance (CSA) recently published a white paper examining ChatGPT’s offensive and defensive potential in detail. CSA technical research director Sean Heide, one of the paper’s authors, said one key strength of the tool is that it allows users to simply ask in natural language for a specific attribute they need written for a task, or to make tasks more efficient with new suggestions.
Open source projects worth checking out
Caretta
Caretta is a lightweight, standalone tool that instantly creates a visual network map of the services running in your cluster.
Carreta leverages eBPF to efficiently map all service network interactions in a K8s cluster, and Grafana to query and visualize the collected data.
Github: https://github.com/groundcover-com/caretta
kubespawner
The kubespawner (also known as JupyterHub Kubernetes Spawner) enables JupyterHub to spawn single-user notebook servers on a Kubernetes cluster.
GitHub: https://github.com/jupyterhub/kubespawner
kubecfg
A tool for managing Kubernetes resources as code.
kubecfg allows you to express the patterns across your infrastructure and reuse these powerful “templates” across many services, and then manage those templates as files in version control. The more complex your infrastructure is, the more you will gain from using kubecfg.
GitHub: https://github.com/kubecfg/kubecfg
Technical recommendations
Spring Boot (3) Spring Native (GraalVM) with Kubernetes & Istio
This article provides an overview of how to build applications based on Kubernetes and Istio using Spring Boot 3, Spring Native, and GraalVM. Specifically, the author discusses how to build natively supported Kubernetes applications using Spring Boot 3’s Spring Native feature, and how to optimize Java applications for performance using GraalVM.
Learn more: https://tafadzwalnyamukapa.medium.com/spring-boot-3-spring-native-graalvm-with-kubernetes-istio-c26687185366
How to Deploy a Containerized Node.js App on a Kubernetes Cluster
This article provides an overview of how to deploy a containerized Node.js API application using Kubernetes. The author starts by discussing how to build and package the application using Docker containers, and then covers how to schedule and deploy the application using Kubernetes. This includes discussing how to use kubectl commands to manage Kubernetes clusters, and how to use Kubernetes resource files to define the deployment and configuration of the application.
Learn more: https://medium.com/@amanymounas/how-to-deploy-a-containerized-node-js-api-using-kubernetes-8192c54ec465
Contract Testing on Kubernetes with Microcks
This article provides an overview of how to perform contract testing on Kubernetes using the Microcks tool. The article first introduces what contract testing is, and the benefits of performing contract testing on Kubernetes. It then covers how to install and configure a contract testing environment using Microcks, and how to execute contract tests using Microcks. The article also provides some best practices, such as how to set up fault tolerance, how to set the order of test cases, and how to monitor the application’s health during the testing process.
Learn more: https://piotrminkowski.com/2023/05/20/contract-testing-on-kubernetes-with-microcks/
What’s new in cloud native
Azure Container Storage Now in Public Preview
Microsoft recently announced the public preview of Azure Container Storage, a volume management service built natively for containers.
Azure Container Storage provides a consistent management experience across different storage offerings, including a managed option (backed by Azure Elastic SAN), Azure Disks, and ephemeral disks on container services — intended to simplify the deployment of persistent volumes. Previously, customers had to use individual container storage interface (CSI) drivers to offer cloud storage for containers, causing various operational issues regarding application availability, performance, cost, usability, and stability.
OpenTelemetry Updates Lambda Support
The Functions-as-a-Service (FaaS) SIG is incredibly excited to announce that the release of OpenTelemetry Lambda layers, and associated documentation on how to monitor Amazon Web Services (AWS) Lambdas.
Expanding the Headlamp Project
Up until the last release ( 0.16.0 ), Headlamp shipped as a basic Kubernetes Web UI that could be extended by creating plugins.
Starting with the 0.17.0 release, Headlamp ships with plugins that extend the base Kubernetes UI experience. This transforms the project into two concepts:
- Headlamp Base: This is a “vanilla” build, that does not include any plugins and can be used as a foundation to build your own Kubernetes Web UIs. This version can easily be built by following the build instructions .
- Headlamp: This is what we package as a release for users and includes Headlamp Base plus plugins that provide a more complete Kubernetes web UI experience.
Both versions are open, free, and downloadable/installable just like Headlamp has always been. And plugins that we ship with Headlamp will all be open source. So, to be very clear, this is not an “open core” approach.
About KubeSphere
KubeSphere is an open source container platform built on top Kubernetes with applications at its core. It provides full-stack IT automated operation and streamlined DevOps workflows.
KubeSphere has been adopted by thousands of enterprises across the globe, such as Aqara, Sina, Benlai, China Taiping, Huaxia Bank, Sinopharm, WeBank, Geko Cloud, VNG Corporation and Radore. KubeSphere offers wizard interfaces and various enterprise-grade features for operation and maintenance, including Kubernetes resource management, DevOps (CI/CD), application lifecycle management, service mesh, multi-tenant management, monitoring, logging, alerting, notification, storage and network management, and GPU support. With KubeSphere, enterprises are able to quickly establish a strong and feature-rich container platform.
To stay updated, visit our official website or follow us on Twitter.
