This edition features 2 technologies powered by eBPF: native network policies using the VPC CNI plugin and the GuardDuty Runtime Monitoring agent.
Network policies can be enabled on all new EKS clusters v1.25 and above.
New AWS services and features
- Amazon VPC CNI now supports Kubernetes NetworkPolicy enforcement
- Starting with VPC CNI v1.14, customers running Kubernetes on AWS can now allow or deny traffic between their pods based on label selectors, namespaces, IP blocks, and ports.
- Customers can also trace and troubleshoot configured policies at a cluster and node level using the Amazon VPC CNI plugin.
- NetworkPolicy support is available on new clusters running Kubernetes version 1.25 and above but turned off by default at launch.
- Amazon VPC CNI now supports Kubernetes Network Policies (Getting started blog)
- GitHub - aws-samples/eks-network-policy-examples
AWS blogs
- Measure cluster performance impact of Amazon GuardDuty EKS Agent
- This blog describes how the GuardDuty agent captures threat intelligence information without taxing the nodes
Community news
- Cloud Native Rejekts NA 2023 Tickets
- If you’re planning to arrive early for KubeCon NA, we recommend attending this event!
- Lessons and Takeaways from Evaluating Kubernetes Migration at Uber
- Notary Project announces a major release!
- OpenAI-based Open Source tools for Kubernetes AIOps
- Supercharging AI/ML Development with JupyterLab and Docker
- Slack’s Migration to a Cellular Architecture
- Introducing Kepler: Efficient power monitoring for Kubernetes
Videos and webinars
- Container Secrets for Lambda or Kubernetes
- Create a container image that can run on Kubernetes and Lambda with PD_PRELOAD
- GitHub - rails-lambda/crypteia: 🧱🔐 Rust Lambda Extension for any Runtime
- Run Stable Diffusion on Kubernetes | Generative AI on Amazon EKS
- Container Image Signing with AWS Signer and Amazon EKS