While research CNI recently, I recalled an interesting issue I encountered during the development of network plugins and investigation of Calico: Calico assigns IP addresses to its own components’ Pods (e.g., calico-kube-controllers). How does Calico achieve this? From the installation of the Calico network plugin to assigning IPs to its own Pods, what happens at the underlying level?

This essentially poses a “chicken-and-egg” problem: running a Pod requires the CNI plugin, while the CNI plugin’s operation depends on the proper functioning of other Pods.

This analysis is based on Cilium v1.16.5, Calico v3.29.1, and Kubernetes v1.23.

This project aims to simplify the creation and management of complex custom resources for Kubernetes.

Kube Resource Orchestrator (kro) helps you to define complex multi-resource constructs as reusable components in your applications and systems. It does this by providing a Kubernetes-native, vendor agnostic way to define groupings of Kubernetes resources.

kro's fundamental custom resource is the ResourceGraphDefinition. A ResourceGraphDefinition defines collections of underlying Kubernetes resources. It can define any Kubernetes resources, either native or custom, and can specify the dependencies between them. This lets you define complex custom resources, and include default configurations for their use.

The kro controller will determine the dependencies between resources, establish the correct order of operations to create and configure them, and then dynamically create and manage all of the underlying resources for you.

kro is Kubernetes native and integrates seamlessly with existing tools to preserve familiar processes and interfaces.

A single binary to manage your multiple kubernetes clusters.

kubewall provides a simple and rich real time interface to manage and investigate your clusters.

A Kubernetes media gateway for WebRTC.

In this article, we take a look at the Azure Verified Module for Azure Landing Zones, and how we can customise deployments.

On December 11, 2024, OpenAI experienced a major outage caused by a failure in the Kubernetes cluster control plane. For outsiders, this may simply seem like an interesting incident, but as an insider, I analyzed this failure from a technical perspective.

Harnessing the power of policy-driven governance in shared computing environments

Kubernetes seems like the obvious choice for building out remote, standardized and automated development environments. We thought so too and have spent six years invested in making the most popular cloud development environment platform at internet scale. That’s 1.5 million users, where we regularly see thousands of development environments per day. In that time, we’ve found that Kubernetes is not the right choice for building development environments.

December 4th, 2024, started as a peaceful, snowy morning. Around 8 AM, I settled into my work-from-home routine, having freshly brewed coffee. My usual workflow:

1. Check the Production dashboard to ensure everything is running smoothly — and it was.
2. Check my email and Slack to see if any team member needs help.
3. Open JIRA, pick up a task and get ready to dive into work.

There were no pressing issues to address. I opened JIRA and picked up a task to migrate one of our Infrastructures as a Code repository from Terragrunt to Terraform. This is a topic for another post to explain why.

Lucked out! The peace and serenity didn’t last long. An alert popped up: One of our production services had gone down. What started as a calm Wednesday morning quickly turned into a troubleshooting adventure.