- Helm 3 with Matt Farina
Our local Helm expert Matt Farina is back to give us the update in the world of Helm, which has been transitioning from Helm 2 to Helm 3. Since we know many of you love and use Helm we thought it'd be best to have Matt give us some best practices on some of these major topics: - Helm 3 vs Helm 2 - General migration steps - New patterns of CD with Helm 3 - Community Charts (helm/charts repo) with Helm 3 - Near-term and long-term things are coming down the pipe! - Competitors and new patterns that have arrived Matt is a software engineer working on the Cloud Native Computing Team at Samsung SDS where he focuses on cloud native applications. He is an author, speaker, and regular contributor to open source. Matt has been developing software for over 25 years. He is currently a maintainer of Helm and co-chair of Kubernetes SIG Apps.
- Securing Kubernetes and API workloads using Open Policy Agent
> Live Stream Link: https://youtu.be/bl6MSrDg_i4 Open Policy Agent (a CNCF project) provides a unified toolset and framework for policy across the cloud native stack. With OPA you can use declarative and context aware policy, decouple it from the code to release, analyze, and review policies (which security and compliance teams love) without sacrificing availability or performance. In this meetup, you will learn about OPA, the use cases of OPA and how to use OPA as an admission controller in your Kubernetes clusters. For example, by deploying OPA as an admission controller you can ensure: A few examples of what you can ensure with OPA: * Whether images are pulled from a specific corporate image registry * All resources are labeled according to your organization's guidelines, * All Pods specify resource requests and limits. * Prevent conflicting Ingress objects from being created. Additionally, Rajesh is planning a special giveaway for those tuned in sometime throughout his presentation! Our speaker, Rajesh Jain, is a Cloud Engineer @ Palo Alto Networks. Prior to Palo, he was at Aporeto (acquired by Palo), and Pivotal. Rajesh has worked on various cloud platforms including Kubernetes, Cloud foundry, AWS, GCP and Azure. He has presented before at Kubernetes and DevOps focused meetups and conferences. > This is a Virtual Event being streamed live on Youtube! Watch here: https://youtu.be/bl6MSrDg_i4
- The Four Stooges Deep-Dive K3s
Stuck in Quarantine with only your laptop? What if you could easily spin up a free cluster right in your lap, instead of burning a hole in your cloud spend? We're thinking the same thing! Your friendly stir-crazy Orchestructure board members are going to deep-dive into one such solution named K3s. K3s is lightweight Kubernetes from Rancher Labs. Easy to install, half the memory, and all in a binary of less than 50mb. Marketed as a fully compliant Kubernetes Distribution, K3s is geared for IoT and Edge platforms where speed and thin installation is necessary. Please join us for our first ever Virtual event, streamed on Youtube, geared for everyone, and meant to be the most fun you'll have on a Wednesday night. Be sure to hop in our Slack channel, #orchestructure in the MadeinA2 Slack (http://madeina2.com/slack) network to participate by asking questions, making suggestions, and trolling. Stream Link: https://youtu.be/f0CA0nka1Oo
- Introduction to gRPC with Richard Belleville from Google
gRPC is a modern open source high performance RPC framework that can run in any environment. It can efficiently connect services in and across data centers with pluggable support for load balancing, tracing, health checking and authentication. It's also incredibly applicable in distributed computing to connect devices, mobile applications and browsers to backend services. In this talk, we will design, build, and test a simple gRPC service from scratch using the Go programming language. We'll then deploy it to Google Kubernetes Engine (GKE) and observe! Food will be provided by the CNCF! Everyone is welcome so feel free to bring friends or co-workers! The speaker is remote and a recording will be released shortly after the event.
- Falco - Container Native Runtime Security
Join us January 29 at Alfa Jango with Marky Jackson from Sysdig! Learn about Falco, a new Host Intrusion Detection system made for Cloud Native Platforms (not to mention its a CNCF project!). What if we can detect abnormal behavior in the application, container runtime, & cluster environment as well? In this talk, Marky will present Falco, a CNCF Sandbox project for runtime security. We will show how Falco taps Linux system calls & the Kubernetes API to provide low level insight into application behavior, & how to write Falco rules to detect abnormal behavior. We’ll show how to collect & aggregate alerts using an EFK stack (Elasticsearch, Fluentd, Kibana). Finally we will show how Falco can trigger functions to stop abnormal behavior, & isolate the compromised Pod or Node for forensics. Attendees will leave with a better understanding of what problems runtime security solves, & how Falco can provide runtime security, auditing & incident response. Food to be provided by the CNCF Hope to see you at the first meeting in 2020!
- Brewing Enough Coffee! Scaling Kubernetes at Palantir
Jared Ledvina, a Cloud Operations Engineer at Palantir, and has spent the last year helping grow their infrastructure from 12,000 to over 20,000 EC2 instances. In this talk, he'll discuss managing over 50 ephemeral production Kubernetes clusters, future plans to support Azure, and how Palantir engineers could have avoided multiple production outages. If possible, please checkout the following before hand: Introducing Rubix: Kubernetes at Palantir - https://medium.com/palantir/introducing-rubix-kubernetes-at-palantir-ab0ce16ea42e Spark scheduling in Kubernetes - https://medium.com/palantir/spark-scheduling-in-kubernetes-4976333235f3 If there are any topic's or question's you'd like answered please reach out to @jaredl on the MadeInA2 Slack! (#orchestructure channel!) You can also catch him on Twitter: https://twitter.com/geekatcomputers and Github: https://github.com/jaredledvina
- Welcome to 1.16: All Hail the Breadsticks
** Our Falco speaker unfortunately had to cancel at the last minute. Instead, read below for the freshest event details! Join the Orchestructure members who participated in the latest Kubernetes release as they give a whirlwind tour around major changes in this new version, 1.16. API deprecation, scalability enhancements, and the latest KEPs are some of the major topics with this release. In addition, they'll give insight into the community and intense release process for a project of this magnitude! We'll be featuring refreshments from Pizza House, including many many breadsticks! We apologize for the last minute change and hope to see you there! *Official k8s Release Page: https://kubernetes.io/blog/2019/09/18/kubernetes-1-16-release-announcement/
- Building Kubernetes Operators in an Ansible-native way
Join us on August 28th at Duo to hear Chris Short dive into building Kubernetes Operators with Ansible! Kubernetes Operators simplify the management of complex applications, but are usually written in Go and require expertise with the internals of Kubernetes. Using the Operator SDK, Ansible becomes a first-class citizen! It has lowered the barrier to entry and has made it easy to orchestrate your applications across both new & existing platforms with one simple language. Come learn all about this new phase of infrastructure automation! Food to be provided by the CNCF.
- The Orchestructure Workshop 2019
Please see the official Workshop page at https://workshop.orchestructure.io/ The Orchestructure Workshop will bring together southern Michiganders to provide hands-on experiences with the very technologies talked about at every meetup. The Workshop will take place over 4 hours with beginner and advanced content including a lunch period with time before and after for conversation. Each session will be around 1.5 hours in length with a half-hour break for lunch. Please RSVP as soon as possible so we can get an accurate idea of planning requirements. Orchestructure stickers and other branded items will be available as well as refreshments throughout the entirety of the Workshop. Feel free to post comments and questions. The full schedule and other details can be found at https://workshop.orchestructure.io/