Issue #1 : Unlocking Jenkins on Kubernetes & More
This week’s DevOps spotlight:
1. Jenkins on Kubernetes - Free Course Available Now! We've launched a brand-new free course on deploying Jenkins on Kubernetes. We keep adding one lesson every day - Access it here
2. IPAM in Networking: Nowadays, in most organizations, network teams manage the VPC networks and ensure that only unused ranges are allocated to VPCs. How do they manage this? Learn More
3. Wcurl Utility: A Handy Tool for Web Requests a simple wrapper around curl designed to make file downloads easier. Explore
?? Special Offers & Learning Resources
1. Save 35% on Kubernetes Certifications: Use code AUGUST24CT at kube.promo/devops to get a 35% discount on individual certification vouchers. Don’t miss this limited-time offer!
2. Free Course on Gemini API by Google: Expand your cloud knowledge with this free course on Google's Gemini API. A great resource for those interested in API management and cloud services. Access Here
3. Kubernetes Patterns - Free eBook: Download the "Kubernetes Patterns" eBook for free and gain valuable insights into Kubernetes design patterns and best practices. Download Now
?? Research & Insights
1. Kube-Proxy ?????????????????? ???????? ???????????? ??????????????????????.
Ever wondered how Kubernetes services handle load balancing?
By default, the kube-proxy component in Kubernetes uses iptables for routing requests. (Supports IPVS as well)
I got curious about how it manages load balancing behind the scenes, and I discovered something interesting: a feature in iptables called ?????????????????? ???????? ???????????? ??????????????????????.
This feature is part of iptables and is used for packet filtering and network address translation. It allows you to create rules that match a specific percentage of packets at random.
领英推荐
For example, I tested a service endpoint pointing to a three pod deployemnt. It showed statistic mode random probability as 0.33 , essentially balancing the load across the three pods.
It is more of a probabilistic traffic distribution and not actual load balancing.-
2. Searches for DevSecOps are skyrocketing—up 200% every year!
3. Istio utilizes 10 percent of hardware resources
Alibaba Cloud reported,A Kubernetes cluster comprising 500 nodes and 15,000 pods, and found it consumed 1,500 cores and 5,000 gigabytes of memory.
It also claimed that the sidecar's CPU and memory requirements grow even higher than that of the app.Google addressed some of these resource challenges with Ambient Mesh.
But as per Alibaba, Ambient Mesh improved performance but still required some proxies to reside within the user cluster.
Alibaba Cloud overcame these issues by building their own service mesh called Canal Mesh.It claims, Canal Mesh delivers throughput ????.???? ?????? ??.???? ???????????? than Istio and Ambient Mesh, respectively, while reducing CPU consumption compared to Istio.
This was achieved by moving proxies out of the user cluster, leaving only a minimal on-node proxy to manage security and observability. Additionally, it leverages eBPF-based kernel bypass and remote mTLS acceleration to optimize performance further.
1. ???????????? ???????? ????????????????????????:It is a technique used to optimize the processing of mTLS connections by offloading the computationally intensive cryptographic operations to specialized hardware.A similar implementation can be done in k8s ingress controllers for TLS using device plugins & RuntimeClass.
??. ????????-?????????? ???????????? ????????????A technique used to enhance the performance of network operations by bypassing the traditional kernel network stack in LinuxRead about XDP (eXpress Data Path) to understand more on this.
???????????????? ?????????? ???????? ??????????: https://dl.acm.org/doi/pdf/10.1145/3651890.3672221
Stay tuned for more updates and resources in next week's digest!
Early Adopter at ONPASSIVE
3 个月https://youtu.be/5URdkOKywaY World's Best Opportunity - To Achieve 24 x 7 Time Freedom - To Generate Sustainable Income effortlessly with Automation Mode. - To Fulfill your passion for helping people Globally. The feeling of giving is 10 times more powerful than the feeling of receiving. Start your journey with ONPASSIVE - The Future of Internet. Before borne UNICORN Launch on World Cup at Katar User 1.4 Million (Organic Data) Associated with 220 Countries Office at Hyderabad, Singapore, Egypt, USA and Dubai - Burj Khalifa on 134 and 151 floor Metro Station in the name of ONPASSIVE at Dubai ONPASSIVE beyond our imagination ONPASSIVE Real Company Real Business Real Products for REAL PEOPLE. - Confirm to learn more. WhatsApp: 9433625178
DevOps Engineer ? at Blackned | Golang
3 个月awesome, thx Bibin!
Site Reliability Engineer-Application Support Lead|Axiom CV-9|”Empowering Efficiency,System Reliability,Bridging Technology & Business for Seamless Applications with Expert Support”
3 个月Nice keep publishing and sharing knowledge with audience like us
Technology Leader|Author|Speaker - SRE|DevOps|Platform Engineering|Infrastructure|Cloud Architect
3 个月Brest wishes Bibin Wilson