Cloud Native Ecosystem Weekly Vol. 16 | CNCF archives rkt: a veteran of the container runtime wars fades away

List of Authors: Su wood, stone face, get to, etc.

Industry News

1. Security vulnerabilities CVE-2019-9512 and CVE-2019-9514

CVE-2019-9512 and CVE-2019-9514 are HTTP/2 denial-of-service vulnerabilities. A successful attack exhausts the server's CPU/memory, making the service unavailable.
Related Links: https://discuss.kubernetes.io/t/security-release-of-kubernetes-v1-15-3-v1-14-6-v1-13-10-cve-2019-9512-and-cve-2019-9514/7596/1

2. CNCF archives the rkt project

rkt is a container runtime project that CoreOS donated to CNCF early on. At that time Docker was riding high, and the open source community had been hoping that Docker would listen more to the community's voice, but Docker was then the only (open source) container runtime to choose from. rkt gave users and the community an alternative, and provided a rationale for later container runtime standards such as CRI. However, as container runtime standards converged (CRI, CSI, CNI, etc.), rkt community activity dropped sharply and some CVEs were slow to be fixed, so CNCF decided to archive rkt. CNCF currently has two container runtime projects: containerd and CRI-O.
Related Links: https://www.cncf.io/blog/2019/08/16/cncf-archives-the-rkt-project/

3. GitHub supports using its CI/CD features on Azure, free for public repositories. Related features include: authorization, app deployment, container deployment, K8s deployment, etc. (azure/actions (login), azure/appservice-actions, azure/container-actions, azure/k8s-actions).

Related Links:

a.https://github.blog/2019-08-08-github-actions-now-supports-ci-cd/
b.https://azure.microsoft.com/en-au/blog/announcing-the-preview-of-azure-actions-for-github/

4. Intel releases a GPU plugin for K8s; the project covers FPGA / GPU / QuickAssist.

Related Links:

a.https://www.careyscloud.ie/intel_gpu_plugin
b.https://github.com/intel/intel-device-plugins-for-kubernetes

5. Orka supports deploying multiple macOS VMs

Orka uses K8s and container technology to deploy multiple macOS VMs on a single piece of Mac hardware, which is convenient for iOS and Mac developers.
Related Links: https://www.macstadium.com/orka

6. Helm Summit 2019 schedule confirmed

Related Links:https://events.linuxfoundation.org/events/helm-summit-2019/program/schedule/

7.VMware acquisition of Pivotal

VMware is acquiring Pivotal's Class A common stock at US$15 per share. Pivotal had previously made Cloud Foundry a distinctive force in the PaaS field, but with the overall success of the Kubernetes project, Pivotal and Cloud Foundry have had to start becoming compatible with Kubernetes. Pivotal's CTO said in an interview that they are bringing some of Pivotal's earlier application and container platform experience into K8s. Kubernetes-related topics will dominate VMworld 2019, to be held in San Francisco on August 25; the conference is expected to feature more than 80 breakout sessions and expert roundtables.
Related Links:

a. Acquisition information: https://investors.pivotal.io/news/financial-news/press-release-details/2019/Pivotal-In-Discussions-With-VMware-Regarding-Potential-Business-Combination/default.aspx
b. Pivotal CTO talks K8s: https://devclass.com/2019/08/16/pivotal-cto-kubernetes-means-were-all-distributed-systems-programmers-now/
c. VMworld 2019 & Kubernetes: https://cloud.vmware.com/community/2019/08/13/kubernetes-is-set-to-take-over-vmworld-us-2019-heres-what-to-see-and-do/

Significant upstream progress

1. Service support for kube-apiserver: Kubernetes can support clusterIP and externalName, which lets kube-apiserver reach other Pods directly by FQDN.
KEP link: https://github.com/kubernetes/enhancements/pull/1216
Related similar PRs:
a. https://github.com/kubernetes/kubernetes/pull/47588
b. https://github.com/kubernetes/kubernetes/pull/79312

2. request-fairness documentation update, mainly revising the KEP document based on the implementation.
a. Progress tracking: https://github.com/kubernetes/kubernetes/issues/76846
b. Design and implementation: https://github.com/kubernetes/enhancements/blob/master/keps/sig-api-machinery/20190228-priority-and-fairness.md#design-details
c. This PR: https://github.com/kubernetes/enhancements/pull/1214

3. A number of metrics are being revised. The main changes:
a. cAdvisor: the metric labels "pod_name" and "container_name" become "pod" and "container";
b. API latency histogram buckets: previously 125ms to 8s; the supported range is now [0.005 0.01 0.025 0.05 0.1 0.25 0.5 1 2.5 5 10];
c. kubelet: Prometheus metric types modified (histogram, summary, etc.), and the unit becomes seconds;
d. kube-scheduler: the unit becomes seconds;
e. kube-proxy: the unit becomes seconds; removed metric: DeprecatedNetworkProgrammingLatency;
f. kube-apiserver: the apiserver_request_latency_seconds window becomes larger and can be refined further later;
g. Convert latency/latencies in metric names to duration;
h. client-go: workqueue metrics renamed to conform to the monitoring metric conventions.

Related Links:

i. https://github.com/kubernetes/enhancements/issues/1206
ii. https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/instrumentation.md

4. Scheduler-related PRs:
a. Support for the binder plugin, with a default implementation written: https://github.com/kubernetes/kubernetes/pull/81593/files
b. A cleanup extension point is added;
i. Issue: https://github.com/kubernetes/kubernetes/issues/81438
ii. PR: https://github.com/kubernetes/kubernetes/pull/81593/files
c. Support for the scheduling queue parameter maxBackoffDuration: https://github.com/kubernetes/kubernetes/pull/81263
d. Move RunNormalizeScorePlugins and ApplyScoreWeights into RunScorePlugins; in effect a small optimization: https://github.com/kubernetes/kubernetes/pull/81614/files

5.Promote Node Zone/Region Topology Labels to GA
https://github.com/kubernetes/kubernetes/pull/81431

6. kube-apiserver begins to support CacheObject, avoiding repeated serialization costs
https://github.com/kubernetes/kubernetes/pull/81585/commits

7. kube-apiserver supports setting a timeout context for webhook calls
https://github.com/kubernetes/kubernetes/pull/81602

8. The metric apiserver_admission_webhook_admission_duration_seconds, which covers apiserver calls to webhooks, gains new labels (ignore_call_failure, call_failure and code)
https://github.com/kubernetes/kubernetes/pull/81399/files

9.Block etcd client creation until connection is up #81435
https://github.com/kubernetes/kubernetes/pull/81435

10.Enables resizing of block volumes
https://github.com/kubernetes/kubernetes/pull/81429/files

Open source projects recommended

1. k3sup: a tool for easily obtaining a kubeconfig from a machine.
link: https://github.com/alexellis/k3sup

2. Gatekeeper: Policy Controller for Kubernetes, another K8s policy configuration tool from OPA.
link: https://github.com/open-policy-agent/gatekeeper

3. ktop: a visualized monitoring dashboard for Kubernetes.
link: https://github.com/ynqa/ktop?utm_sq=g3i5hm4xyz

4. system-validators: a new project that aims to provide preflight checks for kubeadm installations. It looks likely to save a lot of time when deploying K8s in private environments, and will be a great help to staff in related fields.

link:https://github.com/kubernetes/system-validators

Recommended Reading This Week

1. OPA Gatekeeper: Policy and Governance for Kubernetes. This blog post describes how to use OPA Gatekeeper to configure rules and policies in K8s (for example: how to configure user operation permissions in line with company policy?).
https://kubernetes.io/blog/2019/08/06/opa-gatekeeper-policy-and-governance-for-kubernetes/
a. Another recommended article about OPA: How to enforce custom policies on Kubernetes objects using OPA. link: https://www.openpolicyagent.org/docs/latest/kubernetes-admission-control

2. The Case for Virtual Kubernetes Clusters. Virtualized K8s clusters are a technology and approach that the community and many users are currently paying close attention to; the main source of demand is multi-tenancy. If you are not very familiar with this area, reading this article will help.
link: https://thenewstack.io/the-case-for-virtual-kubernetes-clusters/?utm_source=tuicool&utm_medium=referral
