Listen to a podcast, please open Podcast Republic app. Available on Google Play Store.
Introduction to GitOps
Topic 2 - Weave really started evangelizing this concept of “GitOps”. For anyone that isn’t familiar, walk us through the basics building blocks.
Topic 3 - Git becomes the CMDB (single source of truth, single source for compliance). Developers push code (Git > CI/CD). CI/CD system builds containers and deploys to Kubernetes. What assumptions does this model make about the underlying infrastructure operations?
Topic 4 - Let’s talk about the separation of interests between the CI system and the CD system and how this impacts security.
Topic 5 - Let’s talk about the role of Operators in a GitOps environment. Operators (today) tend to be more focused on stateful applications, so how does this link into developer code?
|Jun 18, 2019|
Reviewing KubeCon Barcelona 2019 - Part I
|May 24, 2019|
Operators and OperatorHub
Topic 2 - Last year (May 2018) we spoke with Brandon Philips around the launch of Operator Framework. How has the ecosystem around Operators evolved over the last year?
Topic 3 - We spoke with Clayton Coleman and Derek Carr about how Operators are now core to the architecture of OpenShift 4, but what role do Operators play for applications running on Kubernetes or OpenShift?
Topic 4 - How are complex applications getting turned into Operators? What’s the model to get them engaged with the SDK and Metering frameworks?
Topic 5 - How is OpenShift 4 interacting with OperatorHub?
|May 01, 2019|
Ceph Storage with Rook
Topic 2 - One of the most frequent requests we get from listeners is to discuss how to integrate (and manage) storage into OpenShift/Kubernetes environments. Let’s talk about storage needs for OpenShift/Kubernetes infrastructure (masters, logging, monitoring, etc.) vs. storage for applications.
Topic 3 - Help us understand the difference between a storage manager like Rook and a storage system like Ceph. Where does one start and the next one stop?
Topic 4 - Rook now uses the Operator pattern for managing underlying storage systems. How does the Operator technology help make managing (and lifecycling) storage easier or more robust?
Topic 5 - As you talk to users of Ceph and Rook, what are some of the best practices that you’re seeing them implement?
|Apr 24, 2019|
Kubernetes Extended Authentication Model
Topic 2 - A few weeks ago we talked with John Osbourne about “Kubernetes Policy”. This is very different than “Authentication” or “Authorization”. For people that don’t live around security, can you help us understand the difference between policy and the things that make up AAA (Authentication, Authorization and Accounting)?
Topic 3 - You and I were talking a few months ago at OpenShift Commons Gathering in London about “the Kubernetes extended authorization model”, and I wonder if you could elaborate on that a little bit.
Topic 4 - What are some of the areas where you feel like there isn’t enough awareness, especially for production environments, between policy and AAA models (e.g. Kubernetes elements vs. user-level elements)?
Topic 5 - Give us a quick set of thoughts on how any of this changes if we start doing multi-cluster or Federation.
|Apr 05, 2019|
Multi-Cluster and Federation v2
Topic 2 - What are the basic functionality that needs to be in place to federate more than 1 cluster together (authentication, registry, cluster registry, network routing, etc.)
Topic 3 - What are some of the mechanisms that help determine which cluster a container should run?
Topic 4 - Is the current design intended to handle applications that span clusters, or is the expectation that apps live in a single cluster? What about deploying the same app to multiple clusters?
Topic 5 - For more advanced capabilities, such as intelligence to know where to dynamically place an application, would that be something that’s within Kubernetes, or any external service?
|Mar 29, 2019|
Project Quarkus, Kubernetes-native Java
Topic 2 - Today we’re going to talk about Java and containers. Before we get into the new technologies, let’s talk about what the world of Java in containers (and Kubernetes) looks like today - especially the challenges and tradeoffs from the Java EE world to Kubernetes. (see: “Kubernetes as the New Application Server”, Eps.55 on PodCTL)
Topic 3 - Please introduce us to Project Quarkus.
Topic 4 - So for the Kubernetes or container person, how does this change things? It’s still Java/Quarkus in the container, but it is the smaller/faster aspect that’s interesting, or better interaction with the native Kubernetes patterns?
Topic 5 - What does this mean for today’s Java developer in terms of learning new capabilities or reusing any existing stacks or frameworks? (Eclipse MicroProfile, JPA/Hibernate, JAX-RS/RESTEasy, Eclipse Vert.x, Netty, and more.
Topic 6 - What’s the best way for developers to get the technology or engage with other developers/community around questions?
|Mar 19, 2019|
Understanding Project Velero (formerly Ark)
Topic 2 - Let’s talk about the Velero Project, which was recently renamed from “Ark”. [From GitHub] “Velero gives you tools to backup and restore your Kubernetes cluster resources and persistent volumes.” It got started in 2017 by engineers at Heptio. Help us understand the scope of the project (backup/recovery, disaster recovery, other).
Topic 3 - Tell us about the architecture behind Velero.
Topic 4 - Right now it appears that all the “Compatible Storage Provider” targets are public cloud storage services. Is there a framework to allow other storage services to be plugged into Velero?
Topic 5 - If people want to get involved in Velero, is there a roadmap of things that are coming in future releases, or a wishlist of things that the project would like to see people focus on?
|Mar 08, 2019|
Topic 2 - Are there some basic things that an existing Ansible Playbook should have in order to easily fit into an Ansible Operator?
Topic 3 - Will Ansible Operator mostly be targeting applications that are automated via Ansible Playbooks, or is it also applicable to infrastructure or security-related playbooks?
Topic 4 - How does an Ansible Operator interact with Ansible Tower, or how due those two worlds co-exist (or not)?
Topic 5 - Are there examples today of Ansible Operators that people can look at or try out?
|Feb 27, 2019|
OpenShift 4 Architecture Overview
Topic 1 - Welcome back to the show. Let’s talk about some of the architectural concepts that will exist in OpenShift 4, and why decisions were made.
Topic 2 - OpenShift has always been a flexible/composable/modular platform. How does that evolve in OpenShift 4 (e.g. Operators, Platform + OS, etc.)?
Topic 3 - OpenShift has evolved since the early 3.x days, when a lot of necessary things weren’t “Kubernetes embedded” (install/upgrade tools, monitoring, scanning, visualization of resources, etc.). OpenShift has been moving to adopt the Kubernetes native elements as they mature (e.g. Prometheus). Can you talk about some of the new Kubernetes native capabilities coming in OpenShift 4 that people should start looking into? (e.g. CRI-O, Cluster-Version-Operator, Machine APIs)
Topic 4 - Let’s come back to the discussion of Operators. We heard alot about Operators for applications (e.g. databases), but are there uses for Operators for things that would be considered more platform-centric (e.g. storage, logging, service mesh, etc.)?
Topic 5 - There are some things happening in the public cloud that make it easier to manage nodes and scaling of nodes. Any interesting stuff coming to OpenShift 4 to help make those elements easier to manage?
|Feb 20, 2019|
Topic 1 - Welcome John Osborne to the show. Let’s talk about your background.
Topic 2 - We decided to discuss “policy” in Kubernetes. Where do you usually find that discussion begins. If I were to do a Google search, the Kubernetes site highlights “Pod Security Policies” and “Quotas”.
Topic 3 - What types of tools do you see in production being used to apply and track policy within Kubernetes environments?
Topic 4 - Grafaes and Kritis are often discussed around policy for “securing Kubernetes software supply chain”. Are these types of projects focused on Kubernetes as a platform, or applications running on Kubernetes, with more of a focus on the CI/CD and Testing pipelines?
Topic 5 - There is a newer framework that’s starting to emerge, called “Open Policy Agent”. What are some of the things that it is focused on?
Topic 6 - Are there communities within Kubernetes that are focused on policy, if people want to follow discussions or contribute to projects?
|Feb 15, 2019|
The Show is Back, 2019 style!
|Feb 07, 2019|
Reviewing KubeCon 2018 Seattle
|Dec 20, 2018|
Kube Security, Kube 1.13 and KubeCon
Kubernetes 1.13 Features
|Dec 07, 2018|
Windows Containers with Microsoft
Topic 1 - From a Windows perspective (OS, Application), talk us through how you typically explain Windows Containers to other people? What are some of the important technologies, or changes to Windows?
Topic 2 - If someone has a Windows (.NET) application today, how would they go about getting into a Container/Kubernetes environment today, and in the near future?
Topic 3 - What are you finding is different between Kubernetes with Linux containers, and Kubernetes with Windows containers?
Topic 4 - You're in the process of writing a series of blogs about OpenShift + Windows containers. You've been working with both the Microsoft and Red Hat teams in getting this supported with OpenShift. What are some of the things you're seeing either Developer Preview customers?
Topic 5 - What are some of the questions that you're getting from people interested in Windows Containers and Kubernetes? (normal and unusual)
|Nov 29, 2018|
Kubernetes as the New Application Server
We mentioned last week that we’re moving into the 3rd Era of Kubernetes (automated ops, automated apps), with the 2nd Era being about getting a broader set of applications on Kubernetes. Today we thought we’d talk about some design patterns, especially for anyone that’s transitioning from existing applications, and how some of those concepts map to the evolving Kubernetes eco-system.
Topic 1 - At the core of this statement about “Kubernetes is the New Application Server” is three things:
Topic 2 - It walks through the 10 elements that either map to Kubernetes, an OpenShift service, or emerging functionality in Istio (or maybe Knative)
|Nov 15, 2018|
Have We Reached Kubernetes-Native Yet
Topic 1 - We’re more than 3yrs into Kubernetes, and almost at the 2yr anniversary of the 1st big CloudNativeCon / KubeCon in Seattle (we’ll be back again this year). So let’s ask a big question - how has the industry evolved to actually deliver Kubernetes-Native?
Topic 2 - What is Kubernetes-Native?
Topic 3 - Was reading a report recently that separated the concepts of DevOps from PlatformOps. We know Developers experiences and expectations are never the same and always evolving. But should the PlatformOps side of things be standardizing on something Kubernetes-native?
Topic 4 - What are some of the common things you’ve seen in the Kubernetes community (products, platforms, services) that have gained some traction, but aren’t really aligned to Kubernetes?
|Nov 09, 2018|
The Internal Build vs Buy Discussion
This show is somewhat free form, but it ultimately started with a listener question that asked:
|Oct 31, 2018|
OpenShift 3.11 and OpenShift Container Engine
Topic 1 - CoreOS integration into OpenShift (admin dash, operators, etc)
|Oct 17, 2018|
Reviewing Kubernetes 1.12 Updates
Topic 1 - Kubelet TLS Bootstrap moves to GA - simplify how nodes are securely added/removed into a cluster. As an add-on, server certificate rotation functionality moves into beta, and this will be tied in with Cluster Operators and Application Operators.
Topic 2 - Azure Virtual Machine Scale Sets (VMSS) and Cluster-Autoscaler is Now Stable
Topic 3 - On the network security front, two NetworkPolicy components graduate to GA: egress and ipBlock.
Topic 4 - Multi-Tenancy: In this release comes the ability to support priority on the various resource quotas via the new ResourceQuotaScopeSelector feature. This enhances the existing priority and preemption feature that was delivered in Kubernetes 1.11.
Topic 5 - CSI now supports the notion of topology awareness and this functionality moves to beta in Kubernetes 1.12. What this means is that stateful workloads can now have a conceptual understanding of where storage resources live, whether it be a rack, datacenter, availability zone, or region.
Topic 6 - Kubectl Plugins: With kubectl plugins, developers can engineer extensions to kubectl, which accommodate their administration scenarios, while not being baked into the core kubectl codebase. This is going to allow teams to develop and deliver kubectl functionality faster and in a more consistent manner. (example: OpenShift “oc commands”) Topic 7 - Let’s discuss the upgrading process of Kubernetes (again).
|Oct 03, 2018|
Listener Mailbag Questions
Topic 1 - From David - Is it possible to do a show about running Spark, Jupyter notebooks and analytical workloads on k8s?
Topic 2 - From Matthew - it would be interesting to hear your thoughts for how apps will be deployed and maintained in the future of OpenShift/kubernetes (covered in Eps.37 in late May).
Topic 3 - From Will - One thing I would still like to know about is how people secure their running kubernetes deployments. Are people generally just exposing their ingress nodes to the open internet, or is it more complicated than that? I'm familiar with Nginx/Apache and modsecurity, and saw that OpenShift recently started supporting Nginx as ingress, and would like to know if anybody is using that as a WAF.
Topic 4 - From Walid - What storage available options are available for production use cases? and what diverse use cases are out there? e.g. stateful mostly, how about trends in machine learning/AI, Big Data workloads not the conventional K8s workloads!
|Sep 19, 2018|
Security & Service Meshes
Topic 1 - Welcome to the show. Tell us about your background, and introduce us to Twistlock for anyone that isn’t familiar with the company.
|Sep 12, 2018|
Patching VMs, OS, Containers
Lots of confusion about how to manage patching of VMs vs. Containers.
Topic 2 - What do I have to patch in a Container-centric environment? Who is typically responsible for that patching?
Topic 3 - Is it possible to quantify the difference between the amount of patching that’s needed?
|Sep 05, 2018|
VM Admin vs Container Admin
Let’s put ourselves in the shoes of a virtualization admin. How would we transition their day-to-day activities from VMs to Containers?
Topic 1 - What does the virtualization infrastructure/platform vs. container infrastructure/platform consist of?
Topic 2 - How do we get an application onto each platform, and how are resources provisioned?
Topic 3 - Who is responsible for the different aspects of the application once it’s running?
Topic 4 - What are the biggest differences or misperceptions between the environments?
|Aug 30, 2018|
KubeVirt and Container Native Virtualization
Topic 1 - Welcome to the show. Tell us about some of the areas you’re focused on these days.
Topic 2 - Let’s talk about some of the basics of KubeVirt. How does it work? What problem is this trying to solve?
Topic 3 - What are some of the technical challenges that have to be overcome for Kubernetes to understand how to deal with virtual machines?
Topic 4 - Looking at the project today, what are some of the things that are possible, and what are some of the goals to add over the next 6 or 12 months?
Topic 5 - What has been the feedback you’ve heard from companies as you’ve introduced them to KubeVirt and CNV?
|Aug 23, 2018|
Topic 1 - Let’s start with the basics. What does a container registry do? Is it just a glorified FTP server?
Topic 2 - What are the typical interactions that a container registry has with elements of Kubernetes (e.g. Deployments, Kubernetes masters) and elements around Kubernetes (e.g. CI/CD pipeline)?
Topic 3 - How do things like scanning and signing fit into container registries? Or should that function reside somewhere else?
Topic 4 - What sort of design considerations should architects consider for the container registry?
|Aug 15, 2018|
Looking Forwards and Backwards at 3yrs of Kubernetes
Topic 1 - Let’s start with people and community. How have you seen the Kubernetes community evolve over the past 3 years? What’s working well, and where have there been struggles?
|Aug 02, 2018|
Istio, Knative and GoogleNEXT
Google Cloud Services Platform (GCSP) - Hybrid and Multi-cloud application development stack, built on Kubernetes and Istio - custom-configured, enterprise-hardened, and delivered by Google.
GKE On-Prem - A core component of CSP, with GKE On-Prem, customers get the Google Kubernetes Engine (GKE) experience in their data center. The first private cloud option for deployment is vSphere 6.5 in alpha release this fall and Google will continue to look at the hardware and other virtualization environments. In a parallel statement, Cisco Hybrid Cloud for Google Cloud will be the first GKE-certified hybrid cloud platform, although any direct relationship to GKE On-prem is unclear.
Project Knative - (Knative on Github) it provides fundamental building blocks for serverless workloads in Kubernetes, empowering the creation of modern, container-based and cloud-native applications which can be deployed anywhere on Kubernetes. OpenShift + Knative (blog).
Istio 1.0 - Istio service mesh is now version 1.0, and available as a managed add-on to GKE, as well as being integrated into Google Stackdriver. PodCTL #23 - Microservices with Istio
Google Cloud Platform Marketplace (pre-announced) - Marketplace of packaged applications to run on GCP and Google Cloud services (e.g. Kubernetes)
GKE Serverless Containers Add-On - Similar to AWS Fargate, Google announced an early-trial serverless infrastructure option to GKE , simplifying infrastructure operations management.
|Jul 27, 2018|
Kubernetes 1.11 Released
Topic 1 - Let’s review for anybody that’s a new listener how the Kubernetes community identifies the maturity level of features and how they should consider interpreting those classifications.
Topic 2 - Kubernetes release usually have a few new GA features, and then lots of Beta or Tech Preview features. What were the highlights of this release for you, or some of the core areas you suggest people focus on?
Topic 3 - Let’s walk through some of the most mentioned capabilities:
|Jul 16, 2018|
Dissecting Kubernetes Survey Data
Topic 1 - Lots of differences between these surveys, both in methodology and results:
Topic 2 - Would you prefer to see more vendor-usage data in these reports, or is it OK to just have generic usage data? Right now it’s sort of a mixed bag
Topic 3 - It’s (usually) never clear who is running these container environments. We see some survey data targeting developers, but not all of them explain (or know) which groups are running the container environments vs. consuming services.
Topic 4 - It’s interesting that none of these surveys highlight the location of companies/customers/users, since we know that certain geographic pockets of the world have very different usage behaviors than others.
|Jul 10, 2018|
Scaling OpenShift Roadshows
Topic 1 - Welcome to the show. Tell us a little bit about your background, as well as some of your focus areas at Red Hat.
Topic 2 - You work on lots of different things, but today we wanted to talk about the technical roadshows. They are hands-on environments, which cater to both Developers and Operators. Give us some of the background of how these get pulled together.
Topic 3 - Are there ways that people could replicate these environments, or the labs/trainings on their own?
Topic 4 - What types of things can you teach developers in a day?
Topic 5 - What types of things can you teach operators in a day?
|Jun 25, 2018|
CI/CD and Kubernetes
Topic 1 - One of our listeners asked if we would CI / CD in the content of Kubernetes, so we thought we’d go through some of the basics and some of the options. First of all, we always say ‘CI/CD’ but what is Continuous Integration, what is Continuous Delivery and what’s the difference?
Topic 2 - What do all these different tools do?
Topic 3 - Is there an approved Kubernetes CI/CD tool, or model?
|Jun 18, 2018|
A Beginners Guide to Kubernetes
Topic 2 - What has significantly changed in the Kubernetes world since 2015/16 to today that people should consider taking advantage of?
Topic 3 - What do you consider “still hard” and should probably justify more early effort?
Topic 4 - What patterns have you seen from successful deployments and customer behaviors?
|Jun 04, 2018|
How to Deploy Applications to Kubernetes
Topic 3 - Why do we have so many different ways to deploy things to Kubernetes, and also from Kubernetes?
Topic 4 - Let’s talk about where the Developer experience should exist and why that’s likely not one specific place.
|May 28, 2018|
VMs for Infrastructure or Isolation?
Topic 1 - Let’s start with the basics. Can you please tell the audience the one command to run to make all containers secure?
Topic 2 - This past week (or 2 weeks) has been a good reminder that there are certain patterns that repeat themselves in emerging technologies and open source: hype (cool demo), binary claims of market dominance and destruction of previous technology (containers vs. VMs), buzzwords of simplicity which go against decades of experience, and then the realities of production environments.
Topic 3 - Let’s talk about where VMs provide value in a container environment, and realities of VMs that people should be aware of in production and in multi-cloud environments.
Topic 4 - Let’s talk briefly about a few of the recent announcements in this space (e.g. gVisor, CNV, etc.)
|May 22, 2018|
Kubernetes News & Events
KubeCon / CloudNativeCon (all videos)
Red Hat Summit (all videos)
|May 14, 2018|
Unifying CoreOS and OpenShift
Topic 1 - Welcome to the show, both of you. Before we get to the announcements and roadmap, let’s do quick introductions and maybe tell us how things have been going since the acquisition of CoreOS was announced at the end of January.
Topic 3 - What are the announcements coming out this week, related to the Kubernetes platform? What timelines are important for these announcements?
Topic 4 - What are the announcements coming this week, related to the Linux OS platform? What timelines are important for these announcements?
Topic 5 - If you’re a customer (new or existing), or an ISV partner of Red Hat, what are you hoping will be the top few takeaways that they understand after hearing these announcements and seeing the demonstrations?
|May 08, 2018|
Topic 1 - Welcome to the show. Tell us about your role within the Kubernetes community, as well as your new role within Red Hat.
Topic 2 - Back at the original KubeCon in Seattle, you introduced the concept of Operators, as “human operational knowledge in software, to reliably manage an application”. Give us the basics of your original thinking behind Operators.
Topic 3 - What is being announced today at KubeCon with the Operator Framework?
Topic 4 - Let’s walk through the 3 core pieces of the Operator Framework
Topic 5 - How will the broader community plan a role in Operator Framework?
|May 01, 2018|
Container Vulnerability Scanning
Topic 1 - Welcome to the show Liz. Tell us a little bit about your background and the types of things that you’re working on these days.
Topic 2 - Let’s start with the basics. A container is defined by a file (e.g. Dockerfile) that the user/developer/operator defines. How can a vulnerability get into that file?
Topic 3 - Is it up to the CI/CD system or host OS (where the container runs) or container orchestrator (e.g. Kubernetes) or container registry to figure out if a vulnerability exists?
Topic 4 - How do most container registries today manage vulnerability lists, container scanning and potential mitigations? What are the difficult parts of those tasks?
Topic 5 - Most containers today are Linux containers. Are you seeing anything happening (yet) around how to manage Windows containers vulnerabilities? Is the assumption that Microsoft will fix this through one of their existing tools, or are things happening in the open source community as well?
|Apr 19, 2018|
PodCTL Basics - Windows Containers & Kubernetes
Show Overview: Brian and Tyler discuss the basics of Microsoft Windows Containers and their integration into Kubernetes.
Topic 1 - Containers on Windows
Topic 2 - Running Windows Containers on Kubernetes
|Apr 02, 2018|
Reviewing Kubernetes 1.10
We discussed some of the new features (Stable, Beta and Alpha) from the Kubernetes 1.10 release. We don't cover every new feature, but we tried to hit the highlights.
Topic 2 - Container Storage Interface (CSI) - Standardized Storage Support
Topic 3 - A replacement for kube-dns
Topic 4 - GPUs and Expanded support for Performance-Sensitive Workloads
Topic 5 - Pod Security Policy
Topic 6 - Adding Identity to Containers (not just pods)
|Mar 28, 2018|
2018 Kubernetes Trends
Topic 1 - Open Service Brokers - who is delivering them, who maintains them, how are they evolving, etc.
|Mar 19, 2018|
Topic 1 - Welcome to the show. Tell us about your background and some of the areas you focus on now?
Topic 2 - Let’s talk about the basics of Kubernetes networking. Walk us through the core elements from container addressing, pod/cluster networking, and things like ingress/egress routing (direct or through proxies).
Topic 3 - Kubernetes has a standard called “CNI” (Container Networking Interface). What does this do, and how does it interact with various SDN projects/products?
Topic 4 - A recent enhancement to Kubernetes was “Network Policy”. What does this provide, and where does it overlap with some commercial SDN capabilities?
Topic 5 - Let’s talk about inbound and outbound routing of traffic. What are some of the biggest issues that people need to take into consideration (proxies, traffic sources, protocols supported, etc.)?
Topic 6 - What are some of the things you’re working on to bridge the networking between CaaS/PaaS layers and IaaS layers?
|Mar 12, 2018|
Kubernetes Roles & Personas
Topics - On today's show, we looked at the four quadrants outlined by Joe Beda in his talk "More Usable Kubernetes" at KubeCon 2017 Austin. He looked at each role and how well the Kubernetes community has addressed that functional area in both tooling and clear definition of the tasks required. We explored where areas are doing well (green) and where there are still areas that need improvement (yellow or red).
|Mar 05, 2018|
The Serverless Landscape
Topic 1 - Let’s talk about the history of serverless within the CNCF, and maybe within the context of PaaS and Kubernetes.
Topic 2 - When talking about Serverless, there seem to be 4 areas to dissect:
Topic 3 - What were your key takeaways from reading the CNCF Serverless whitepaper?
Topic 4 - What about Operations? Do those jobs go away? Are there Ops uses for serverless?
|Feb 26, 2018|
Kubernetes Myths & Misperceptions - Part II
Myth/Misunderstanding 1 - Architecture - Kubernetes Multi-Tenancy
|Feb 19, 2018|
Kubernetes Myths & Misperceptions - Part I
Myth/Misunderstanding 1 - Kubernetes is a platform.
|Feb 12, 2018|
The Blurred Line Between Containers and Applications
News of the Week:
Topic 1 - What’s the most common “basic” question you get about containers? How often is it about either [a] what should developers care about?, or [b] what applications can go into a container?
Topic 2 - As we’ve seen from various survey data (both from CNCF and analyst firms), there is still some amount of “mixed orchestration” in usage. Have you seen specific applications that really require different orchestrators these days?
Topic 3 - Are the orchestrators similar enough that Ops teams can learn multiple? What else is required to operator multiple orchestrators?
Topic 4 - What is the line between a CaaS and a PaaS? Are those even the right distinctions anymore? What’s different for each for a developer?
Topic 5 - As we’re seeing more “serverless / FaaS” projects created for Kubernetes (OpenFaaS, Kubeless, Fission, OpenWhisk, Nuclio, Fn, etc.), where developers just deal with functions and event-sources, won’t this blur the line more?
|Feb 05, 2018|
Microservices with Istio
Topic 1 - Welcome to the show. Give us a little bit of your background as a developer and history of working with various development frameworks/languages/concepts.
Topic 2 - Let’s start with some basics - as a development paradigm, why are we now seeing technologies like Istio and Envoy? The premise of service mesh “reliably connecting services across the network” sounds eerily similar to what we heard about ESB technology. Can you say some words about why this service mesh concept idea is different? Or is it?
Topic 3 - So we’re seeing a need to decouple the application code from the routing-level logic and control. Walk us through the types of things that Istio and Envoy are providing for applications? What are the performance implications of the service mesh? How is this related to API management?
Topic 4 - Architecturally, where are you seeing some of the advantages of Istio / Envoy vs. either previous approaches, or some other service-mesh like projects in the market? (e.g. linkerd, Netflix OSS projects)
Topic 5 - What are some specific problem examples that people run into that should make them think “maybe I need Istio”?
Topic 6 - Where is Istio in its maturity to run in production?
|Jan 29, 2018|
Highway to Helm
Topic 1 - Welcome to the show. Let’s talk about your background prior to getting involved in the Helm community, as well as where you’re focused on with Helm these days.
Topic 2 - For someone that might only be familiar with docker containers (e.g. a DockerFile), give us the basics of what Helm does and the various pieces involved with using Helm (e.g. Helm, Helm Charts, Tiller, Kubernetes).
Topic 3 - Helm is like a blueprint of how you want your containers / application to run. Can you walk us through what else is built into Helm to give it the ability to do Application Lifecycle Management? (versioning, updates, rollback, deletion, etc.)
Topic 4 - Kubernetes can have a lot of different deployment models (stateful, stateless, jobs, batch, custom-resources, etc.). Does Helm have awareness of all of these models?
Topic 5 - What are some of the common tools and patterns you’re seeing around using Helm (CI/CD pipelines, multicloud deployments, etc.)?
|Jan 22, 2018|
Effective RBAC for Kubernetes
Topic 1 - The concept of RBAC is best described as “Can ______ (noun) ______ (verb) on ______ (object) at ______ (location)?” where “noun” is a person/service, “verb” is an action, “object” is a function of the API, and “location” is proximity to a Kubernetes cluster.
Topic 2 - RBAC operates on the concept of Roles and RoleBindings, which map actors to actions, and those actors and actions are defined either globally or locally, and the actions are also defined globally or locally.
Topic 3 - RBAC can be manually defined, or enabled (by default) by an installer or distribution. It comes with a default set of Roles. Everything is done within the scope of a cluster.
Topic 4 - By default, the kube-scheduler, kube-controller-manager, and kube-proxy all have RBAC roles defined. Kubelets (node-level) don’t use RBAC by default, but have their own authorizer, which can then be combined with an RBAC authorizer.
Topic 5 - “Add-ons” (networking, monitoring, logging, etc.) can have RBAC defined in their manifests, or you can grant them access to their service account.
Topic 6 - “If the element needs to be something other than those default roles, or using default authorizer services, then CustomRoles can be created. Can use audit logs to track the needs of a specific add-on. Can use “audit2rbac” tool to views the logs and create custom RBAC roles.
Topic 7 - “Aggregate Roles” are now available in Kubernetes 1.9.
|Jan 15, 2018|
Gathering Kubernetes Communities
Topic 1 - Welcome to the show. Tell us a little bit about your background, as you’ve been through many of the transitions in the application/developer platform market.
Topic 2 - With the breadth of the Kubernetes community today, why does the OpenShift Commons community exist? Don’t they overlap, or are they different types of goals?
Topic 3 - We wanted to talk about the bridge between really wide open communities and customers aligning around common interests. Can you tell us how OpenShift Commons is helping to facilitate those connections? What are some of the “interests” that are growing?
Topic 4 - Almost every week you host at least one video webinar that highlight new technologies. Why do you spend all this time on non-Red Hat technologies and vendors? Have you had any recently that really jumped out at you?
Topic 5 - Around each KubeCon and Red Hat Summit, you host an event called OpenShift Commons Gathering. Can you tell us what these events are, who typically attends, and how these have co-existed with the KubeCon events?
|Jan 08, 2018|
PodCTL Basics - Understanding Service Meshes
Show Overview: Brian and Tyler discuss the basics of Service Meshes, such as Istio, Envoy and Linkerd.
Service Mesh is a layer that manages the communication between apps (or between parts of the same app, e.g. microservices)
Topic 2 - Didn’t developers build Microservices before Service Meshes?
Topic 3 - How does a Container or Kubernetes interact with a Service Mesh?
|Jan 04, 2018|
2017 Kubernetes Year in Review
Topic 1 - GETTING STARTED: People said that getting started w/ Docker Swarm was easier than Kubernetes. Kubernetes community created tools like Minikube & Minishift to run locally on the laptop, automation playbooks in Ansible, Katacoda have made it simple to have online tutorials, multiple cloud offerings (GKE, AKS, EKS, OpenShift Dedicated) make it simple to get a working Kubernetes cluster.
Topic 2 - ENSURING PORTABILITY: Enterprise customers wants Hybrid Cloud environment. they need to understand how multiple cloud environments will impact this decision. The CNCF’s Kubernetes Conformance model is the only container-centric framework that can ensure customers that Kubernetes will be consistent between clouds.
Topic 3 - INFRASTRUCTURE BREADTH: Other container orchestrators had ways to integrate storage and networking, but only Kubernetes created standards (e.g. CNI, CSI) that have gained mainstream adoption to create dozens of vendors/cloud options.
Topic 4 - APPLICATION BREADTH: The community has evolved from supporting stateless apps to supporting stateful applications (and containerized storage), serverless applications, batch jobs, and custom resources definitions for vertical-specific application profiles.
Topic 5 - SECURITY: There were concerns about K8S security. the community has responded with better encryption and management of secrets, and improved Kubernetes-specific container capabilities like CRI-O and OCI standardization.
|Dec 18, 2017|
Microsoft in the Kubernetes Ecosystem
Topic 1 - Welcome to the show. You joined Microsoft via the Deis acquisition. Let’s talk about some of the work you’ve been focused on since joining Microsoft.
Topic 4 - Help us understand what the Helm project and Draft project enable for developers.
|Dec 11, 2017|
Kubernetes Everywhere, Now What...
Topic 1 - AWS re:Invent happened last week. Any news about Kubernetes?
|Dec 04, 2017|
Day to Day Kubernetes Operations
Topic 1 - How do you deploy the underlying compute resources that are used as Nodes in a Kubernetes cluster?
Topic 3 - When a new version of Kubernetes comes out, how do you manage to upgrade the environment?
Topic 4 - What are the common things that the Ops team is tracking, monitoring, measuring in a Kubernetes environment?
Topic 5 - What are some things that have changed, from an operational perspective, because a Container/Kubernetes environment and previous technologies (e.g. VMs)?
|Nov 20, 2017|
Security: Identity Management, RBAC, Authentication and Authorization
Topic 1 - Let’s talk about User authentication in Kubernetes>
Topic 2 - Let’s dig into the various types of Authorizations
Topic 3 - Given that various people (Devs & Ops) interact with dashboards, how do we manage that Authentication?
|Nov 13, 2017|
Security: Hosts, Registries, Content and Pipelines
Topic 1 - Let’s start at the bottom of the stack with the security needed on a container host.
Topic 2 - Next in the stack, or outside the stack, is the sources of container content.
Topic 3 - Once we have the content (applications), we need a secure place to store and access it - container registries.
Topic 4 - Once we have secure content (building blocks) and a secure place to store the container images, we need to think about a secure supply chain of the software - the build process.
|Nov 06, 2017|
An Introduction to CRI-O
Topic 1 - Welcome to the show. Why don’t you both introduce yourselves and tell us what areas you focus on.
|Oct 30, 2017|
An Introduction to Prometheus Monitoring
Topic 3 - Prometheus is now part of CNCF. Is it a native Kubernetes service, or a sidecar application for containers, or a broad service that just runs on Kubernetes?
|Oct 23, 2017|
Service Catalog All the Things
Topic 1 - Welcome to the show. Before you got involved in the Service Catalog SIG, you worked on several other aspects of Kubernetes (security, etc.). Tell us about some of the things you’re been involved with?
Topic 4 - We saw a demo of the Service Catalog/Broker at Red Hat summit during an announcement with AWS, where is showed AWS services as part of the catalog. Previously, we’ve seen the CF Service Broker interact with Google or Azure services. Is the relationship between the broker and cloud-services “cloud specific”, or will things be interchangeable at all?
|Oct 17, 2017|
Unclogging some Kubernetes Plumbing Issues
Topic 1 - Let’s talk about the challenges of networking with containers and some of the ways that Kubernetes addresses these challenges.
Topic 2 - Let’s talk about the challenges of storage with containers and some of the ways that Kubernetes addresses these challenges.
|Oct 09, 2017|
Managing High Performance Workloads
Topic 1 - Welcome to the show. You recently introduced the Resource Management Working Group within Kubernetes. Tell us a little bit about the group.
Topic 3 - This is a broad list of areas to focus on. How do you determine what things should be kernel-level focus, Kubernetes-level focus, or application-level focus?
|Oct 02, 2017|
Digging into Kubernetes 1.8
Topic 1 - Welcome to the show. Both of you are top contributors to Kubernetes, both also lead (or co-lead) some of the SIG/Working group. Can you give us a sense of your community involvement from a contributor and leader perspective?
|Sep 25, 2017|
What's included with Kubernetes?
News of the Week:
Topics 1 - What's included in Kubernetes (by default)?
Topic 3 - What are some of the standard ways to plug in those pieces?
Topic 4 - What does a company get with a "distribution" vs. "platform" vs. "public cloud service"?
Question of the Week:
Q: What is "pure" Kubernetes?
|Sep 18, 2017|
PodCTL Basics - How to Containerize an Application
Show Overview: Brian and Tyler discuss the basics of how an application gets into a container, how to layer OS + applications + dependencies, how a container interacts with a container registry, and how container files different from Kubernetes manifests.
Topic 1 - How does a Container know what application to run?
Topic 2 - Can any Application run in a Container? Does it have to be modified?
Topic 3 - How does a Container interact with a Container Registry?
Topic 5 - Can a Containerized Application interact with other applications? How?
|Sep 13, 2017|
Understanding the Cloud Native Ecosystem
News of the Week
Interview with Chris Aniszczyk
Is there a CNCF stack?
Can you talk about how projects get engaged with CNCF and the process of “official” vs. “incubation”, etc?
Will it ever make sense to have a “certification” program for CNCF-associated offerings, or does that create too much overhead?
Topic 4 - With so many projects being created, in different parts of the stack, where do you potentially see the next “official” projects coming from?
|Sep 11, 2017|
PodCTL Basics - Linux Containers
Show Overview: Brian and Tyler discuss the basics of Linux containers.
Segment 1 - What is a Linux Container?
Segment 2 - How do Linux hosts interact (and isolate) Linux Containers?
Segment 3 - How does a container interact with Networking and Storage?
Segment 4 - Can any Application run in a Linux Container? Does it have to be modified?
|Sep 07, 2017|
All the Tools in the Kubernetes Toolbox
Segment 1 - [News of the Week]
Segment 2 - Why do Open Source Projects often end up with so many installers?
Segment 4 - What are some of the Day 2 tools that are used with Kubernetes?
|Sep 04, 2017|
Making Sense of Container Standards
Segment 1 - News of the Week
Segment 2 - An Interview with Vincent Batts
Segment 3 - Question(s) of the Week
|Aug 28, 2017|
PodCTL Basics - What is Kubernetes?
Show: PodCTL Basics #1
Segment 1 - What is Kubernetes?
Segment 2 - How does Kubernetes work?
Segment 3 - What’s the relationship between Kubernetes and Containers?
Segment 4 - Are there alternative technologies that work similar to Kubernetes?
Segment 5 - How can a company get Kubernetes or use Kubernetes?
|Aug 21, 2017|
Who has a Kubernetes problem?
Show Description: Brian and Tyler discuss some of the use-cases that businesses have for using Kubernetes. They review several public examples of Kubernetes uses, both in web scale and Enterprise environments.
Segment 1 - Thank you for the great response to the initial show. Response has been very positive and we’ve already had like 8-10 people ask to be guests on the show. The challenge is to figure out what to do on show #2 or #3 since there is so much happening. So we’ve decided that for a while, we’re going to make sure that we cover all the fundamentals of containers and Kubernetes.
Segment 3 - How are companies using Kubernetes?
Segment 4 - How to Learn More
Segment 5 - Question(s) of the Week
|Aug 21, 2017|
3.6 Ways to Love Kubernetes
|Aug 11, 2017|