Cloud Native Digest: KubeSlice is now a CNCF Sandbox Project

Open source projects worth checking out

Chart Testing

Chart Testing is the the tool for testing Helm charts. It is meant to be used for linting and testing pull requests. It automatically detects charts changed against the target branch.

Clusterpedia

This name Clusterpedia is inspired by Wikipedia. It is an encyclopedia of multi-cluster to synchronize, search for, and simply control multi-cluster resources.

Clusterpedia can synchronize resources with multiple clusters and provide more powerful search features on the basis of compatibility with Kubernetes OpenAPI to help you effectively get any multi-cluster resource that you are looking for in a quick and easy way.

enhancements

Enhancement tracking repo for Kubernetes releases. Owned by SIG Architecture.

This repo contains issues and KEPs. These issues are umbrellas for new enhancements to be added to Kubernetes. An enhancement usually takes multiple releases to complete. And an enhancement can be tracked as backlog items before work begins. An enhancement may be filed once there is consensus in at least one Kubernetes SIG.

Kubernetes Explorer

k’exp — Kubernetes Explorer
Understand Kubernetes — the visual way. Not yet another attempt to manage production clusters in the browser.

k’exp is for:

- Learning and exploring Kubernetes capabilities
- Application development (object graph presets for every app)
- Controller and operator development (dynamic object graphs)

netfetch

The netfetch tool is designed to scan Kubernetes namespaces for network policies, checking if your workloads are targeted by a network policy or not.

Technical recommendations

Ingress Vs Gateway API — Explained in a simple way

This article discusses the comparison between Ingress and Gateway API in Kubernetes, explaining the concepts in a simple manner. It explores the differences between these two approaches and provides guidance on when to choose each one. Ingress is likened to a basic key system that allows visitors to access applications through the internet, while Gateway API is described as a smart security system that can handle more visitors and make intelligent decisions based on their identity. The Gateway API offers features such as smart door directions, handling more guests, custom guest rules, and cross-vendor compatibility. In contrast, Ingress is recommended for applications with simple routing needs, smaller scale projects, and limited resources. On the other hand, Gateway API is suitable for applications with complex routing requirements, advanced traffic management, scalability and flexibility needs, multi-tenancy and security considerations, and cross-platform consistency requirements. The article concludes by mentioning that the next article will delve into how to work with Gateway API.

Lookup Kubernetes Resources inside Helm Charts

This article explains how to query the Kubernetes API directly from Helm templates. The author demonstrates this feature by showing how to scale down deployments to zero in specific namespaces using the lookup function. The article provides a step-by-step guide on extending a Helm chart, retrieving namespaces with certain labels, and creating CronJobs based on the retrieved information. The usage of the lookup function and its limitations are discussed, including the need to regularly apply the chart to reflect API resource changes. The author also mentions that in some cases, writing a separate script may be easier for achieving the same functionality. Overall, the article showcases the usefulness of the Helm lookup function for automating Kubernetes tasks and highlights its potential time-saving benefits.

What’s new in cloud native

KubeSlice is now a Cloud Native Computing Foundation (CNCF) Sandbox Project

Avesha, a leader in Kubernetes and AI innovation, is thrilled to announce that KubeSlice has been accepted as a Cloud Native Computing Foundation (CNCF) Sandbox project. KubeSlice, Avesha’s flagship product enabling multi-cluster computing, is recognized for its innovative approach to Kubernetes cluster virtualization, providing secure and efficient solutions for distributed application deployments across various platforms and locations.

Isovalent Strengthens Cloud Native Security via Tetragon Enterprise Update

This week’s update to the enterprise edition of the open source Tetragon project added a slew of capabilities to simplify applying cybersecurity policies more granularly and to limit privilege escalation.

Jeremy Colvin, senior technical marketing engineer for Isovlant, said Isovalent Enterprise for Tetragon 1.13 supports a framework that helps organizations to harden cloud-native computing environments. The goal is to provide a missing cybersecurity piece to the cloud-native computing puzzle.

About KubeSphere

KubeSphere is an open source container platform built on top Kubernetes with applications at its core. It provides full-stack IT automated operation and streamlined DevOps workflows.

KubeSphere has been adopted by thousands of enterprises across the globe, such as Aqara, Sina, Benlai, China Taiping, Huaxia Bank, Sinopharm, WeBank, Geko Cloud, VNG Corporation and Radore. KubeSphere offers wizard interfaces and various enterprise-grade features for operation and maintenance, including Kubernetes resource management, DevOps (CI/CD), application lifecycle management, service mesh, multi-tenant management, monitoring, logging, alerting, notification, storage and network management, and GPU support. With KubeSphere, enterprises are able to quickly establish a strong and feature-rich container platform.

To stay updated, visit our official website or follow us on Twitter.