GC - #29 It's Puja Two Y'all

Show notes

Giant Conversations Episode #29

Episode Date: March 5 2025

Topic: Puja Two Y'all!

Hosted by:

Special Guest: Puja Abbassi

Contributors:

Subscribe to Marcus' Kubernetes Newsletter https://cloudnative.now/

### Swarmalicious News

Marcus Noble: Tekton Incubation Application - This is from May 1, 2024. Is it new?

Martin Proffitt: Introducing Flux 2.5 GA.

  • General Availability of the Bucket API: The Bucket API has reached General Availability (GA), providing a stable interface for managing bucket resources.
  • CLI Enhancements: The flux command-line interface now includes a create secret proxy command, facilitating the creation of proxy secrets. Additionally, the create source commands have been updated with a --proxy-secret-ref flag to support proxy configurations.
  • Dependency Updates: Flux components have been updated to align with Kubernetes v1.31.1, ensuring compatibility and leveraging the latest Kubernetes features.
  • Testing Improvements: Conformance tests now cover Kubernetes versions 1.29 through 1.31, ensuring robust support across these versions.

Puja Abbassi: Six Sins of Platform Teams, in which Sergey Tselovalnikov discusses common pitfalls that platform teams encounter, such as:

  • Structuring teams around specific solutions
  • Losing empathy towards product engineers
  • Overengineering solutions
  • Neglecting user feedback
  • Imposing mandatory usage
  • Lack of clear success metrics

Marcus Noble: CVE-2025-0426: Node Denial of Service via kubelet Checkpoint API. A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk. What is this process?

Simon Weald: Tolerating full cloud outages with Monzo Stand-in. Monzo introduces "Monzo Stand-in," a backup banking infrastructure hosted on Google Cloud Platform (GCP) designed to maintain essential banking services during outages of their primary platform on Amazon Web Services (AWS). Notes:

  • Independent Operation: Monzo Stand-in runs on GCP, while the primary platform operates on AWS, ensuring that a failure in one doesn't affect the other.
  • Essential Services Coverage: During primary platform outages, Stand-in supports vital functions such as card spending, cash withdrawals, bank transfers, balance checks, transaction history, and card freezing/unfreezing.
  • Simplified App Interface: When Stand-in is active, the Monzo app automatically transitions to a streamlined user interface, focusing on essential banking features to maintain user accessibility.
  • Risk Mitigation Strategy: By developing a separate set of services for Stand-in, Monzo avoids complexities and potential issues related to real-time data replication and consistency between platforms.

Puja Abbassi: Confidential computing is a new technology that enables 1Password to bring its end-to-end encryption model into the cloud.

Confidential AI with: https://www.edgeless.systems/

### AI News

Puja / Timo: Introducing agent mode for GitHub Copilot in VS Code, announcing the general availability of Copilot Edits, and providing a first look at our SWE agent.

Puja: ChatGPT for DevOps: otto8.ai. Easily integrate CLIs, Docker Images, JavaScript, Python, and Shell scripts with AI.
