Cloud Native Digest: Crossplane Completes Security Audit

Open source projects worth checking out

OpenKruiseGame

OpenKruiseGame (OKG) is a multicloud-oriented, open source Kubernetes workload specialized for game servers. It is a sub-project of the open source workload project OpenKruise of the Cloud Native Computing Foundation (CNCF) in the gaming field. OpenKruiseGame makes the cloud-native transformation of game servers easier, faster, and stabler.

Kubernetes Jobs Manager Operator

This operator is responsible for managing the lifecycle of complicated workflows which consist of multiple jobs and making their management easy, without need for dozens of yaml files and doing magic with ordering.

Kanister

Kanister is a data protection workflow management tool. It provides a set of cohesive APIs for defining and curating data operations by abstracting away tedious details around executing data operations on Kubernetes. It’s extensible and easy to install, operate and scale.

KWOK

KWOK (Kubernetes WithOut Kubelet) is a toolkit that enables setting up a cluster of thousands of Nodes in seconds. Under the scene, all Nodes are simulated to behave like real ones, so the overall approach employs a pretty low resource footprint that you can easily play around on your laptop.

Technical recommendations

Build a Modern Platform with Crossplane, Anthos and ArgoCD: The Future of Infrastructure Management

This article explores how to take a GitOps approach with Crossplane to simplify the deployment and maintenance of modern cloud platforms. By leveraging the principles of Kubernetes and focusing on traceability, collaboration and configuration drift detection, Crossplane offers an attractive alternative to traditional solutions such as Terraform.

Disaster Recovery on Kubernetes and Container Registry

This article discusses how to achieve disaster recovery on Kubernetes and container registry. The article first introduces the concept of disaster recovery, including its importance and implementation in cloud environments. Then, the article explains the basic concepts of Kubernetes and container registry and their importance in containerized workflows. The article then discusses in detail the strategies and practices for achieving disaster recovery on Kubernetes and container registry, including backup and restore, data replication, disaster recovery planning, and multi-cluster deployment. Additionally, the article lists possible risks, such as natural disasters, security vulnerabilities, container image vulnerabilities, Kubernetes secret leaks, and runtime threats, and provides corresponding solutions. Finally, the article summarizes the importance of achieving disaster recovery on Kubernetes and container registry and emphasizes the importance of disaster recovery plans in ensuring business continuity, improving system security, reducing recovery costs, and ensuring customer retention.

What’s new in cloud native

Kubeflow brings MLOps to the CNCF Incubator

The CNCF Technical Oversight Committee (TOC) has voted to accept Kubeflow as a CNCF incubating project.

Kubeflow is an open source, community-driven project for deploying and managing a Machine Learning (ML) stack on Kubernetes. The Kubeflow community actively develops and supports Kubernetes-native MLOps for its users who develop and deploy distributed machine learning (ML) in popular frameworks, including TensorFlow, PyTorch, XGBoost, Apache MXNet, and more.

Crossplane Completes Security Audit

The Crossplane project has spent the last couple months partnering with Ada Logics, an independent third party security research firm, as well as the CNCF and the OSTIF, to perform a security audit of the project. We are excited to announce today that the security audit is officially complete and the full report and findings are available for the public in the Crossplane repository. Completing this thorough audit was a major step to mature, harden, and grow enterprise confidence in the project as we continue on a path towards full graduated status with the CNCF.

Microsoft Announces Preview of Azure Application Gateway for Containers

Microsoft has announced the preview of Azure Application Gateway for Containers, a new application (layer 7) load balancing and dynamic traffic management product for workloads running in a Kubernetes cluster. It extends Azure’s Application Load Balancing portfolio and is a new offering under the Application Gateway product family. The product supports several deployment options and provides several improvements over the existing Application Gateway and Application Gateway Ingress Controller (AGIC), including achieving nearly real-time convergence times, supporting more than 1400 backend pods and 100 listeners, and enabling blue-green deployment strategies and active/active or active/passive routing.

About KubeSphere

KubeSphere is an open source container platform built on top Kubernetes with applications at its core. It provides full-stack IT automated operation and streamlined DevOps workflows.

KubeSphere has been adopted by thousands of enterprises across the globe, such as Aqara, Sina, Benlai, China Taiping, Huaxia Bank, Sinopharm, WeBank, Geko Cloud, VNG Corporation and Radore. KubeSphere offers wizard interfaces and various enterprise-grade features for operation and maintenance, including Kubernetes resource management, DevOps (CI/CD), application lifecycle management, service mesh, multi-tenant management, monitoring, logging, alerting, notification, storage and network management, and GPU support. With KubeSphere, enterprises are able to quickly establish a strong and feature-rich container platform.

To stay updated, visit our official website or follow us on Twitter.