Docker updates subscription plan, state of Kubernetes security report, organizing Kubernetes containers, and ArgoCD
Kubernetes dashboards, Path from Kubernetes to Serverless with Kelsey Hightower, and Secret Manager support for Functions
Github Codespaces, KubeCon and learncloudnative.com redesign
NSA/CISA Kubernetes hardening guidance and a critical review from NCC Group
In August, NSA & CISA released a Kubernetes hardening guidance that explains how to harden your Kubernetes clusters.
A day ago, the NCC Group (an information assurance company from the UK) released a critical review of the guidance. They separated the guidance into "Good", "Bad", and "Complex" sections. It's an interesting read, especially the bad and the complex sections that go into some aspects of Kubernetes security that were either overlooked or are already out of date (the joys of working in tech).
2021 State of DevOps report
For the past ten years, Puppet has been releasing the yearly State of DevOps report. This year anniversary edition talks about multiple pillars. For example, it says that DevOps is not just automation, but automating repetitive tasks is necessary (90% of respondents with highly evolved DevOps practices automate most repetitive tasks) to allow the team to step back and think about broader strategy.
Here are a couple of other tidbits from the executive summary:
Even though 65% of mid-evolution companies are using the public cloud, only 20% are using it to its full potential
The major obstacle that prevents enterprises from evolving to the highest levels is organizational structure and dynamics
Clear understanding of responsibilities to other teams is reported by 91% of highly evolved teams vs. 46% of low-evolution teams
In mid-evolution teams, 21% report their culture discourages risk, and 20% mention unclear responsibilities
Links of the week
- What happened to Docker - How Docker broken in half
- Amazon ESK Anywhere - create and manage Kubernetes clusters on premises
- OpenSSL 3.0 Has Been Released
- Kubernetes Network Policies - A Practitioner's Guide
- kspan - truen k8s events into spans
- Google secret manager provider for Secret store CSI driver
- Getting ready for Hacktoberfest
- 6 Steps to Keep Your Developers Productive and Happy