Cloud Native weekly highlights:

  • Crossplane became the CNCF incubator project
  • VMware Tanzu Kubernetes Grid 1.4
  • Merge Sqlcommenter with OpenTelemetry
  • Antrea 1.3.0 release
  • Envoy project open Source for 5 years
  • Open Source Project Recommendation
  • The article recommended

Cloud native dynamics

Crossplane became the CNCF incubator project

The CNCF Technical Oversight Committee (TOC) has voted to accept Crossplane as an incubator project for CNCF. Crossplane is an open source Kubernetes add-on that enables modern organizations to use infrastructure through an open, community-driven, standards-based common control plane. This control plane approach, first proposed by the Kubernetes community, is changing how platform teams automate infrastructure and enable developers to build faster through self-service provisioning.

Crossplane was created and open-source by a team at Upbound in late 2018. In June 2020, it was incorporated into the CNCF sandbox.

see

VMware Tanzu Kubernetes Grid 1.4

VMware Tanzu Kubernetes Grid 1.4 is released. This release introduces improvements and updates to networking, packages, user experience, and Kubernetes version control, and supports Kubernetes 1.21.2.

The new features are as follows:

  • Packages: All extensions and add-ons have now been migrated to the Carvel packaging format and API
  • User experience: includes periodic improvements to installation, accessibility, and support
  • Networking: In Tanzu Kubernetes Grid 1.4, new support for single-stack IPv6 clustering is introduced for vSphere and static load balancing

For more information about the new features in Tanzu Kubernetes Grid 1.4, see the release notes.

Merge Sqlcommenter with OpenTelemetry

Database observability is important to every DevOps team. To troubleshoot slow applications, developers, DBAs, data engineers, or SRE use a variety of application performance monitoring (APM) tools that require access to database activities. This makes it imperative that database telemetry be easily accessible and seamlessly integrated with the tool of your choice for end-to-end visibility.

So merge Sqlcommenter, an open source Object relational Mapping (ORM) automated detection library, with OpenTelemetry, an open source observability framework. This consolidation will enable application-centric database observability through open standards.

Sqlcommenter is an open source library that enables ORM to extend SQL statements prior to execution, with comments containing information about the code that caused them to execute. This makes it easy to associate slow queries with source code and gain insight into back-end database performance. OpenTelemetry, now the second most active Cloud Native Computing Foundation (CNCF) open source project after Kubernetes, makes it easy to create and collect telemetry data from your services and software, and then forward that data to a variety of application performance monitoring tools.

see

Antrea 1.3.0 release

Antrea is a Kubernetes native project that implements the container network interface (CNI) and Kubernetes NetworkPolicy to provide network connectivity and security for pod workloads. Antrea extends the benefits of programmable networking from Open vSwitch (OVS) to Kubernetes.

In April 2021, Antrea became a CNCF Sandbox Project. In September, Antrea released a new version, V1.3.0. Includes support for network security policies based on DNS/FQDN names, support for WireGuard encryption of cross-host Pod traffic, and other updates and modifications.

See the Antrea 1.3.0 Release documentation for new features in this Release

Envoy project open Source for 5 years

Envoy open Source celebrates its 5th anniversary with founder Matt Klein’s personal blog about the journey and lessons learned from open source. He joined Lyft after leaving Twitter due to his own bugs, and had little experience contributing or managing open source projects before the open source Envoy. In this post, he shares his personal and open source journey, how to decide between joining open source Envoy or working for his employer Lyft. After reading this article, I believe that the maintainer of open source projects, entrepreneurs and investors will have a great harvest.

译 文 : 5 years of Envoy OSS

Open Source Project Recommendation

topic

When you run the top command in a container to view the resource status, some metrics, such as CPU utilization, memory utilization, etc. are inaccurate because the /proc file in the container is actually owned by the host. The prevailing approach is to hijack read calls using LXCFS, but LXCFS is expensive to deploy. The idea of topic is to modify the top command to directly read the system files in the container that reflect the actual resource usage status, which is cheaper than LXCFS.

Liqo

Liqo is a multi-cluster management platform, which can realize dynamic resource scheduling across Kubernetes cluster. Liqo allows Pod to run seamlessly on remote clusters without any modifications to Kubernetes and applications. With Liqo, you can extend the control plane of a Kubernetes cluster to the edge of the cluster and map the entire remote cluster to a virtual local node, enabling a native multi-cluster.

Kink

KinD is a tool that uses Docker containers to run local Kubernetes clusters, primarily for testing purposes, but also for local development. Kink is a CLI application that runs a KinD cluster directly within a Pod of a Kubernetes cluster and manages the life cycle of a KinD cluster.

registry-du

By default, Docker Registry (including Harbor) does not have a tool to visually check the used space. Registry -du can be used to count the Project space occupied by Registry. Such as:

$ registry-du /home/X/du-demo/registry/data/docker/registry/v2 Registry Path is: /home/X/du-demo/registry/data/docker/registry/v2 +Project-Size----------+-----------+ | Project Name | Size(MiB) | + -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - + -- -- -- -- -- -- -- -- -- -- -- + | jellyfin 277.55 | | | library 147.62 | | | mongo - express: latest 47.2 | | +----------------------+-----------+ +Image-Size----------------+-----------+ | Image Name | Size(MiB) | + -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - + -- -- -- -- -- -- -- -- -- -- -- + | jellyfin/jellyfin: latest 277.55 | | | library/mysql: 5.7 147.62 | | | Mongo - express: latest 47.2 | | + -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- - + -- -- -- -- -- -- -- -- -- -- - +Copy the code

BMC

BMC (BPF Memory Cache) is the memcached kernel Cache based on eBPF. Without modifying the Linux kernel or memcached applications, the memcached throughput can be increased by 18 times.

The article recommended

12 am Istio production accident! The operation was handled like a tiger

In a new cluster on the service, traffic is cut. During the verification process, the web page can be opened normally and 502 is returned during login. After investigation, the author found that ISTIO did not send 7000 traffic by proxy, and provided an alternative solution.

Use eBPF to trace SSL/TLS connections

This article demonstrates how to use eBPF to trace connections encrypted over TLS (or SSL). TLS has become the standard for securing microservice communications, so any production-grade tracing tool should have the ability to handle encrypted connections.

Prometheus TSDB series articles

Although Prometheus 2.0 is three years old, there is little information available on how TSDB works other than Fabian’s articles, which are very high-level and not suitable for beginners. This series of articles explains in detail how TSDB works, including Haed Blocks, chunk memory mapping, persistent blocks and their indexes.

This article is published by OpenWrite!