Skip to content

2022-06-13: KubeCon EU insights, OpenTelemetry Metrics GA, eBPF+Tetragon, ArticDB and Keptn CNCF graduated to incubating

Thanks for reading the web version, you can subscribe to the Ops In Dev newsletter to receive it in your mail inbox.

πŸ‘‹ Hey, lovely to see you again

May has been very busy, conference driven development like Chris Aniszczyk said, my talk slides (and DNS chaos demo, yay!) amongst many exciting ideas for KubeCon EU. Meeting everyone in-person for the first time was amazing! My recap got delayed by Covid19, so this newsletter issue comes a bit later than planned, feeling much better now. The good thing is that everyone already published their KubECon EU analysis, and the video recordings are up on YouTube, with me linking the best resources for you here :)

That said, I hope you enjoy reading the extended issue :-)

β˜• Hot Topics

🎯 Release speed-run: kube-state-metrics v2.50 brings more metrics for standard components, experimental feature for own CRD creation, etc., Prometheus v2.36.0 brings service discovery for Ionos Cloud and Vultr, OpenSearch 2.0 brings document-level alerting, and a new notification system, Kyverno v1.7.0 with Mutation/Generation, GitOps and Image Verification support, Dockerfile 1.4 supports multiple build contexts, GitLab 15.0 ships nested env variables for environments, Terraform registry CI/CD templates, agent server for Kubernetes enabled by default in the Helm chart, etc.

☸️ KubeCon EU

KubeCon EU brought many great insights and will take a while to unpack. In between the great talks and conversations we had, I am personally very excited about the new Environmental Conversation/Sustainability WG. Below are a few more summaries worthwhile to read:

Recommend checking out the talk playlists, and bookmark interesting session to watch later: KubeCon EU, eBPF day, SecurityCon. WASM day, GitOpsCon. Here are few selected talks with focus on Ops and Observability:

We'll talk more about Learned at KubeCon EU in the #EveryoneCanContribute cafe meetup tomorrow, Jun 14, 9 am PT. The recording will be up on later.

I've shared more insights into my talk "From Monitoring to Observability: Left Shift your SLOs with Chaos" and KubeCon EU experience in this blog post.

πŸ›‘οΈ The Sec in Ops in Dev

Ever wondered about JWT (JSON Web Tokens), authorization workflows, and identity providers? Read no further in this blog post. Great diagram and workflow!

MongoDB announced "Queryable Encryption", an interesting new concept without the need to re-architect existing data sets. The MongoDB drivers analyze the query, and whenever an encrypted key is hit, it requests the encryption keys from AWS/GCP KMS, Azure Key Vault, or HashiCorp Vault for example. The encrypted query data is run by Queryable Encryption on encrypted data, and only on success, the results are returned to the driver which decrypts the data for the client. Sounds really nifty, I'm very curious about the performance and challenges with high availability/replication here.

Terraform as part of the software supply chain, Part 1 - Modules and Providers dives deep into security and potential problems with IaC tools and frameworks.

Merge+Diff: Building DAGs more efficiently: MergeOp and DiffOp are two new features released in BuildKit v0.10. These operations let you assemble container images by composing filesystems (MergeOp) and splitting them apart (DiffOp), all while minimizing the creation of duplicated data both locally on disk and in remote registries.

"Using the MaterializedPostgreSQL database engine, you can replicate an entire PostgreSQL database (or a subset of schemas and tables) into a ClickHouse database" - great blog post by Clickhouse.

β›… Cloud Native

Isovalent open-sourced Tetragon as a new Cilium component that enables real-time, eBPF security observability and runtime enforcement. Recommend watching the eBPF day keynote at KubeCon EU, where Thomas Graf also explains the basics and future of eBPF in Cloud Native.

Congrats to Keptn, becoming a CNCF incubating project. It's been a great journey, seeding Keptn evolve as a quality gate for CI/CD to an Observability platform for Continuous Delivery. We had a first look in 2020 in the 9. #EveryoneCanContribute cafe meetup.

Kubernetes 1.24 brings a breaking change: ServiceAccounts to longer auto-generate a secret (Twitter thread)

Should I Run Postgres on Kubernetes? brings interesting takeaways, like "The biggest reason is to simplify your development and deployment picture by putting all application components on Kubernetes. It supplies a whole set of scaffolding to make deploying and integrating applications and databases easier, including shared secrets, universal discovery, load balancing, service monitoring, and scaling."

πŸ‘οΈ Observability

OpenTelemetry announced GA for metrics at KubeCon EU, which means that the APIs are stable, and we can look into the collector, auto-instrumentation, and much more. There are more suggestions coming this way, such as adding a new JSON log exporter component. A deep dive into OpenTelemetry metrics touches on the getting started questions, provides the architecture, tools/frameworks to use, and much more. Fantastic article!

The KubeCon EU community vote in TAG Observability is very interesting: Add profiling as OpenTelemetry supported event type. After tracing, metrics and log support, this adds the next event types allowing to correlate more Observability data. Great times ahead - building more use cases for Parca, Pyroscope, etc. Or like Frederic Branczyk said: "Do you even Observability if you don't know how many and where page faults are happening?"

PolarSignals announced arcticDB, an embeddable columnar database for Observability. The blog post explains the challenges with lots of profiling data collected with the Parca agent, leveraging eBPF, and dives into the first implementation iteration.

Getting started with eBPF? Cilium, Falco and Pixie are matured projects to run in production, and learn how to use them for your use cases. Bumblebee also brings in a new perspective, helping to build, run and distribute eBPF programs using OCI images. Another great example is Parca for Profiling: at eBPF day at KubeCon EU, the change from C to Rust for more programming safety was a super interesting talk.

Brendan Gregg, author of the Systems Performance book (highly recommended read!) shared helpful resource in the Learning eBPF Tracing: Tutorials and Examples (2019) post.

Jaeger Tracing can now accept the OpenTelemetry protocol directly, allowing trace data sent directly: "With this new capability, it is no longer necessary ... to run the OpenTelemetry Collector in front of the Jaeger backend."

πŸ” The inner Dev

Scripting with Go dives into new development paradigms, system commands, pipes and error handling. "Everything is a pipeline" is an interesting approach.

Remember the times you were asked to architect or extend a database schema, or just pull data from several SQL tables? "Use a JOIN." Ok, what is the difference between left, right, inner, and outer join? Andreas Martinson shared a mind-blowing new way to visualize SQL joins instead of Venn diagrams. As a reminder, a Venn diagram is using overlapping circles to figure out what common data are shared between tables.

πŸ“ˆ Your next project could be ...

πŸ“š Tools and tips for your daily use

πŸ”– Book'mark

πŸŽ₯ Events and CfPs

πŸ‘‹ CfPs due soon

Looking for more CfPs? Try CFP Land.

🎀 Shoutouts

Everyone cheered and said hello at KubeCon EU, be it in person or remote. Community spirit at its best :-)

Thanks for reading! If you are viewing the website, make sure to subscribe to stay in the loop!

See you next month - let me know what you think on Twitter or LinkedIn.



PS: If you want to share items for the next newsletter, please check out the contributing guide - tag me in tweet replies or send me a DM. Thanks!