Open source project recommendations
Inspector Gadget
Inspektor Gadget is a set of tools (or gadgets) for debugging and inspecting Kubernetes resources and applications. It manages the packaging, deployment, and execution of eBPF programs in a Kubernetes cluster, including many programs based on BCC tools, as well as some programs developed specifically for use in Inspektor Gadgets. It automatically maps low-level kernel primitives to high-level Kubernetes resources, making it easier and faster to find relevant information.
Kairos
Kairos (formerly c3os) is an open source project and immutable Linux metadistribution for edge Kubernetes. It brings edge, cloud and bare metal lifecycle operating system management into the same design principles through a unified cloud-native API.
KubeConfig-Merger
This is a command line tool that merges two Kubernetes configuration files (kubeconfig files) into one file. The generated file can be used as a single kubeconfig file to manage multiple Kubernetes clusters.
Article recommendations
Use Kubernetes native method to implement multi-cluster alarms
This article reveals a Kubernetes-based solution for multi-cluster and multi-tenant alerting and notification needs. Our comprehensive approach covers alerting for metrics, events, auditing and logging while ensuring compatibility with alertmanager. For indicators, we provide hierarchical RuleGroups CRDs suitable for different alarm scopes, while maintaining compatibility with Prometheus rule definitions. We also developed specific rule definitions and evaluators (i.e., rulers) for Kubernetes events and audit events, which share the same rule evaluation engine. Our notification implementation, named notification-manager, provides a number of notification channels and basic functionality such as routing, filtering, aggregation, and silencing via CRDs. Not only that, but comprehensive notification history, multi-cluster and multi-tenant support are also provided. These capabilities facilitate seamless integration between various alert sources.
An in-depth interpretation of K8s’ new features – adjusting Pod resources in place
This article is an in-depth analysis of the new feature in Kubernetes - adjusting the size of Pod resources in place. The article explains how this feature works, the benefits it provides, and how to use it.
In-place Pod resource adjustment is a new feature in Kubernetes that allows the CPU and memory resources allocated to a Pod to be adjusted without restarting the Pod. This is an important advantage for many applications, improving performance and efficiency without causing any downtime.
The article discusses the in-place Pod resource adjustment function in detail and shows how to adjust the Pod size in actual operations. The author introduces how to set the restart policy in the YAML file of the Pod to trigger the restart of the container when adjusting memory resources. For adjustment of CPU resources, there is no need to restart the container.
The article also introduces some information related to Pod resource adjustment, such as resource allocation and real-time resource usage monitoring. Additionally, the article provides examples of using patches from the command line to adjust CPU and memory limits.
Backup and recovery on Kubernetes high-availability clusters
This article is a guide to backup and recovery on a Kubernetes high-availability cluster. The author introduced that all objects in the Kubernetes cluster are stored in Etcd, and emphasized the importance of regularly backing up Etcd cluster data in order to restore the cluster in the event of a disaster.
The article first introduces the snapshot mechanism of Etcd and the command line utility Etcdctl that interacts with it. The author then provides steps for taking snapshots using the Etcd client, and recommends running Etcd as a multi-node cluster in a production environment, with regular backups.
Next, the article provides sample commands for creating test Pods and taking snapshot backups. The author then demonstrates the steps on how to restore the backup data to the control plane nodes and provides the corresponding commands.
The article also describes how to modify the etcd configuration files on all control nodes and move the files from the backup location back to the original location.
Finally, the author summarizes the Etcd database as an important part of the entire system, and introduces in detail the necessity of Etcd backup and recovery in Kubernetes cluster management.
Cloud native dynamics
KubeSphere 3.4.1 released
KubeSphere 3.4.1 is officially released!
This version was submitted by 15 contributors. Thank you to all contributors for your support and contribution to the KubeSphere project!
KubeSphere 3.4.1 released this time is a patch version of KubeSphere 3.4.0, which mainly focuses on improving Console and DevOps and fixing problems.
CNCF launches fuzz testing manual
Fuzzing plays a vital role in today's software development practices to ensure safe and reliable software. CNCF is committed to promoting fuzz testing as part of CNCF project development practices and has created a fuzz testing manual to introduce fuzz testing in a completely open source fuzz testing framework.
The Fuzz Testing Handbook is a comprehensive hands-on guide containing over 60 pages of fuzz testing-related material. The manual first introduces the concepts and core techniques of fuzz testing, and then details the practice of fuzz testing, including many code examples. The goal is to provide practical intuition for fuzz testing, enabling the reader to apply it to arbitrary software packages. The manual also details how to use the open source fuzz testing framework OSS-Fuzz to establish a continuous fuzz testing environment. The manual introduces fuzz testing of C/C++/Golang and Python, and plans to introduce fuzz testing of Rust and Java.
Tetragon 1.0 officially released
Isovalent has announced the release of version 1.0 of Cilium Tetragon, their eBPF-based Kubernetes security observability and runtime execution tool. Policies and filters can be applied directly through eBPF to monitor process execution, privilege escalation, and file and network activity.
Version 1.0 brings stability and performance improvements to Tetragon. The main focus of this release is to significantly reduce the performance overhead of running Tetragon. This release also adds a default observability policy library.
Alibaba Cloud suffered a serious failure and all products were affected (restored). Tumblr cooled down the Russian operating system Aurora OS 5.0. New UI unveiled Delphi 12 & C++ Builder 12, RAD Studio 12. Many Internet companies urgently recruit Hongmeng programmers. UNIX time is about to enter the 1.7 billion era (already entered). Meituan recruits troops and plans to develop the Hongmeng system App. Amazon develops a Linux-based operating system to get rid of Android's dependence on .NET 8 on Linux. The independent size is reduced by 50%. FFmpeg 6.1 "Heaviside" is releasedThis article is published by OpenWrite, a blog that publishes multiple articles !