We hope those of you in the United States got to enjoy the long Memorial Day weekend. The big news from last week is the release of EKS 1.27! If you have been meaning to upgrade your cluster but aren’t sure where to begin, head on over to the Best Practices for Cluster Upgrades in the EKS Best Practices Guide. You’ll also want to catch the ReadME Project’s podcast with Kelsey Hightower on the future of Kubernetes. There’s a new CFTC episode about using Datree for policy enforcement too.
Please take the time to respond to the Kubernetes production readiness survey. Your answers will help direct the community’s future efforts. And lastly, the CNCF is now accepting CFPs for KubeCon NA in Chicago. If you have an idea for a talk, please visit the CFP website. Good luck!
New AWS services and features
- Amazon EKS and Amazon EKS Distro now support Kubernetes version 1.27
- In 1.27 the seccomp runtime profile for containerd is enabled by default. You can also control when a pod is ready for scheduling using Pod Scheduling Readiness and use custom queue controllers to update pod scheduling directives (e.g. node affinity, tolerations, labels) for suspended jobs.
- Amazon Managed Service for Prometheus now available in 4 additional AWS regions
- Now available in Asia Pacific (Mumbai), Asia Pacific (Seoul), South America (Sao Paulo) and Europe (Paris)
- The AWS observability workshop now includes an example for managing dashboards with the Grafana operator
- HardenEKS: Validating Best Practices For Amazon EKS Clusters Programmatically
- HardenEKS is an open source Python-based Command Line Interface (CLI) that’s designed to make it easier to programmatically validate whether an EKS cluster follows the best practices defined in the EKS Best Practices Guide.
- The blog walks through how to install and run HardenEKS, how to identify and remediate issues, and how to generate reports.
- Amazon EKS now supports Kubernetes version 1.27 (Chill vibes)
- Release includes new features for achieving balanced topology spread, such as minDomains, nodeAffinityPolicy & nodeTaintPolicy, and matchLabelKeys
- 1.27 also includes higher API limits for the kubelet (now 50 sustained and 100 burst), which improves the responsiveness and performance of the kubelet, such as how quickly pods start after being scheduled
- The --container-runtime flag has been removed too. If you were using this flag to use an alternate container runtime, you will need to remove that flag from your AMI image builds. For example, to run Mirantis Container Runtime on Kubernetes see Install MCR on Linux distros and Use MCR with Kubernetes. To run CRI-O on Kubernetes see CRI-O Installation Instructions and Running CRI-O on Kubernetes cluster.
- Configure Continuous Deployment Using Kustomize Components and Spinnaker Operator in Amazon EKS
- This blog describes how to streamline the Spinnaker service configurations using Kustomize components, Spinnaker Operator, and Amazon EKS Blueprints
- Let’s Architect! Designing microservices architectures
- This post dives into microservices architectures by analyzing the options for discoverability and connectivity available through Amazon VPC Lattice; it specifically focuses on architectural patterns for communication, mainly on asynchronous communication. Finally, it explores how to work with serverless microservices and analyzes a case study from Amazon, coming directly from the Amazon Builder’s Library.
- 2023Q2 Kubernetes Production Readiness Survey
- KubeCon North America (2023) Call For Proposals (CFP)
- Kelsey Hightower on leadership in open source and the future of Kubernetes
- Cost Management in Kubernetes with OpenCost and Kyverno
- Run more pods per GPU with NVIDIA Multi-Instance GPU
- Container security fundamentals part 4: Cgroups
- Getting started with Istio in AWS EKS
- Beyond the Clouds: A CNCF Ambassador’s Introduction to Four Transformative Technologies
- Useful kubectl plugins