With the rapid pace of the cloud-native ecosystem, staying current with Kubernetes updates and managing upgrades becomes a daunting task for many organizations. In this KubeFM episode, Mat discusses the necessity of long-term support for Kubernetes and explores the intricacies of managing Kubernetes upgrades in a fast-evolving landscape. You will learn: The importance of long-term support (LTS) for Kubernetes and how it can alleviate the challenges associated with the platform's rapid release cycles. Strategies for managing Kubernetes upgrades, including insights into the release cycle and ..read more

Ensuring the repeatability of your infrastructure is a crucial aspect of managing Kubernetes clusters. This allows you to swiftly tear down and set up a new one, a practice that is quite handy. However, there are exceptional circumstances when your cluster becomes more than a disposable tool. Dan shared, "A Kubernetes cluster will be treated as disposable until you deploy ingress, and then it becomes a pet." In this episode, you will delve into the concept of 'disposable' and 'pet' Kubernetes clusters and learn: How you can use GitOps to create a repeatable infrastructure that syncs. How r ..read more

Service meshes and the community's opinion of them have changed drastically over the years. From being perceived as unnecessary, complicated and bloated, they matured into security and observability powerhouses (while still retaining much of their complexity). In this KubeFM episode, William deep dives into the world of service meshes and explains a few of the technical choices and trade-offs of service meshes in simple terms. You will learn: What is a service mesh and its design (i.e. control plane and data plane). How Ambient mesh departs from the traditional sidecar model and how it aff ..read more

Can you run databases on Kubernetes and survive to tell the story? Or should you refrain from running stateful workloads as much as possible? In this KubeFM episode, Steven argues that you should run databases on Kubernetes. He also goes further and demonstrates how to build your custom operator to manage your database. Listen to the episode and learn how: You can use Kubebuilder and the Operator Framework to build your operator. Custom Resources lets you create higher abstractions to manage your infrastructure as code. Steven's operator manages hundreds of databases at scale at QuestDB ..read more

Structured Authentication Config is the most significant Kubernetes authentication system update in the last six years. In this KubeFM episode, Maksim explains how this is going to affect you: You can use multiple authentication providers simultaneously (e.g., Okta, Keycloak, GitLab) — no need for Dex. You can change the configuration dynamically without restarting the API server. You can use any JWT-compliant token for authentication. You can use CEL (Common Expression Language) to determine whether the token's claims match the user's attributes in Kubernetes (username, group). Spon ..read more

Is sharing a cluster with multiple tenants worth it? Should you share or have a single dedicated cluster per team? In this KubeFM episode, Artem revisits his journey into Kubernetes multi-tenancy and discusses how the landscapes (and opinions) on multi-tenancy have changed over the years. Here's what you will learn: The trade-offs of multi-tenancy and the tooling necessary to make it happen (e.g. vCluster, Argo CD, Kamaji, etc.). The challenges of providing isolated monitoring and logging for tenants. How to design and architect a platform on Kubernetes to optimise your developer's exper ..read more

How hard could it be to debug a network issue where pod connections time out? It could take weeks if you are (un)fortunate like Alex. But Alex and his team didn't despair and found strength in adversity while learning several Kubernetes networking and kubespray lessons. In this KubeFM episode, you'll follow their journey and learn: How a simple connection refused led to debugging the kernel syscalls. How MetalLB works and uses Dynamic Admission webhooks. How Calico works and assigns a range of IP addresses to pods (and what you should watch out for). How to use tcpdump and strace to de ..read more

Pod Topology Spread Constraints is a convenient feature to control how pods are spread across your cluster among failure domains such as regions, zones, nodes, etc. You can also choose the pod distribution (skew), what happens when the constraint is unfulfillable (schedule anyway vs don't) and the interaction with pod affinity and taints. It's a great and straightforward feature, so what could possibly go wrong? In this episode of KubeFM, you will follow Martin and his team's journey in discovering and fixing a production incident (on a Friday afternoon) due to a misconfiguration. You will als ..read more

On average, Kubernetes nodes running on ARM instances are 20% cheaper than their AMD counterpart. Optimising your cloud bill is tempting, but how do you seamlessly migrate existing workloads to a different architecture? And how do you do it at scale, with more than 1500 engineers and 30 clusters in 4 regions? In this episode of KubeFM, Thibault and Miguel explain how Adevinta built an internal platform on Kubernetes for mixed AMD and ARM workloads. You will learn: The challenges they faced with validating containers for mixed architecture with a mutating webhook and the open source solution ..read more

Should every project start with Kubernetes? And if not, when is the right time to switch without incurring (unbearable) technical debt? In this episode of KubeFM, you will learn how the team at Loovatech designed an app from scratch and decided to use Docker Compose to host their infrastructure cheaply and effectively in a single virtual machine. As the project grew, the team had to make the difficult choice to rearchitect their infrastructure and plan for scalability and fault tolerance. Follow their journey and learn: How to migrate from a single Docker Compose file with 24 containers to K ..read more