diff --git a/.vitepress/data/blog.data.ts b/.vitepress/data/blog.data.ts index 9f8a9d390..d57b3efed 100644 --- a/.vitepress/data/blog.data.ts +++ b/.vitepress/data/blog.data.ts @@ -25,6 +25,7 @@ Copied and adapted from -> https://github.com/vitejs/vite/blob/9b98dcbf75546240e */ import { createContentLoader } from 'vitepress' +import { normalizeAuthors, normalizeTags, type BlogAuthor } from '../shared/blogMetadata' interface Post { title: string @@ -33,7 +34,9 @@ interface Post { time: number string: string } - excerpt: string | undefined + authors: BlogAuthor[] + tags: string[] + preview: string | undefined } declare const data: Post[] 
@@ -41,117 +44,323 @@ export { data } export default createContentLoader('blog/**/*.md', { excerpt: true, + render: true, transform(raw): Post[] { - return raw - .filter(page => { - // Filter out index files and images - const isIndex = page.url.includes('_index') || page.url === '/blog/' || page.url.includes('/images/'); - - // Check if it's not a folder - const isNotFolder = !page.url.endsWith('/'); - - // Check if page has a date in frontmatter or in filename - let hasDate = !!(page.frontmatter.publishdate || page.frontmatter.date); - - // If no date in frontmatter, try to extract from filename - if (!hasDate && page.url) { - // URLs like /blog/2019/06.11-Feature-Flags... - const datePattern = /\/(\d{4})\/(\d{2})\.(\d{2})-/; - hasDate = datePattern.test(page.url); - } - - return !isIndex && isNotFolder; - }) - .map(({ url, frontmatter, excerpt }) => { - // Try to get date from frontmatter - let dateValue = frontmatter.publishdate || frontmatter.date; - - // If no date in frontmatter, try to extract from URL/filename - if (!dateValue && url) { - const match = url.match(/\/(\d{4})\/(\d{2})\.(\d{2})-/); - if (match) { - const [, year, month, day] = match; - dateValue = `${year}-${month}-${day}`; - } - } - - return { - title: frontmatter.title || frontmatter.linkTitle || 'Untitled', - url, - excerpt, - date: formatDate(dateValue, frontmatter.title) - }; - }) - .sort((a, b) => b.date.time - a.date.time) + .filter(page => { + // Filter out index files and images + const isIndex = page.url.includes('_index') || page.url === '/blog/' || page.url.includes('/images/') + + // Check if it's not a folder + const isNotFolder = !page.url.endsWith('/') + + const frontmatterDate = page.frontmatter.publishdate || page.frontmatter.date + const extractedDate = extractDateFromBlogUrl(page.url) + const hasDate = Boolean(frontmatterDate || extractedDate) + + return !isIndex && isNotFolder && hasDate + }) + .map(page => { + const { url, frontmatter, excerpt, html } = page + const 
source = getSourceMarkdown(page) + const dateValue = frontmatter.publishdate || frontmatter.date || extractDateFromBlogUrl(url) + + return { + title: frontmatter.title || frontmatter.linkTitle || 'Untitled', + url, + authors: normalizeAuthors(frontmatter.authors ?? frontmatter.author), + tags: normalizeTags(frontmatter.tags), + preview: extractPreview(source, html, excerpt), + date: formatDate(dateValue, frontmatter.title) + } + }) + .sort((a, b) => b.date.time - a.date.time) } }) +function formatDate(raw: string | Date | undefined, title: string | undefined): Post['date'] { + const parsed = parseDateValue(raw) + if (!parsed) { + if (title !== 'Overview') { + console.warn(`Post: ${title} missing or invalid date, sorting it to the bottom`) + } + + return { + time: 0, + string: 'Undated' + } + } + + return { + time: +parsed, + string: toDisplayDate(parsed) + } +} -function formatDate(raw: string | Date, title: string): Post['date'] { +function parseDateValue(raw: string | Date | undefined): Date | undefined { if (!raw) { - // Fallback for posts without dates - if(title !== 'Overview'){ - console.warn(`Post: ${title} missing date, using current date as fallback`); + return undefined + } + + if (raw instanceof Date) { + if (Number.isNaN(raw.getTime())) { + return undefined } - const now = new Date(); - return { - time: +now, - string: now.toLocaleDateString('en-US', { - year: 'numeric', - month: 'long', - day: 'numeric' - }) - }; - } - - const date = new Date(raw); - - // If the date is invalid, try parsing with a different format - if (isNaN(date.getTime())) { - // Try to parse from format like "2019-05-24" or other common formats - console.warn(`Invalid date format: ${raw}, attempting to parse differently`); - - // Try different parsing strategies - if (typeof raw === 'string') { - // Try to extract a date from formats like "2019/06.11-Feature..." 
- const match = raw.match(/(\d{4})[-/.](\d{2})[-/.](\d{2})/); - if (match) { - const [, year, month, day] = match; - const parsedDate = new Date(`${year}-${month}-${day}`); - if (!isNaN(parsedDate.getTime())) { - return { - time: +parsedDate, - string: parsedDate.toLocaleDateString('en-US', { - year: 'numeric', - month: 'long', - day: 'numeric' - }) - }; - } + + return new Date(Date.UTC(raw.getUTCFullYear(), raw.getUTCMonth(), raw.getUTCDate())) + } + + const trimmed = raw.trim() + if (!trimmed) { + return undefined + } + + const isoDateOnly = /^(\d{4})-(\d{2})-(\d{2})$/.exec(trimmed) + if (isoDateOnly) { + const [, year, month, day] = isoDateOnly + return normalizeDateParts(year, month, day) + } + + const isoDateTime = /^(\d{4})-(\d{2})-(\d{2})T/.exec(trimmed) + if (isoDateTime) { + const [, year, month, day] = isoDateTime + return normalizeDateParts(year, month, day) + } + + const genericDate = /(\d{4})[-/.](\d{2})[-/.](\d{2})/.exec(trimmed) + if (genericDate) { + const [, year, month, day] = genericDate + return normalizeDateParts(year, month, day) + } + + return undefined +} + +function toDisplayDate(date: Date): string { + return date.toLocaleDateString('en-US', { + year: 'numeric', + month: 'long', + day: 'numeric', + timeZone: 'UTC' + }) +} + +function extractDateFromBlogUrl(url: string | undefined): string | undefined { + if (!url) { + return undefined + } + + // New format: /blog/2026/02/02-18-some-title/ + const monthFolderAndDay = url.match(/\/(\d{4})\/(\d{2})\/(\d{2})[-.](\d{2})-/) + if (monthFolderAndDay) { + const [, year, , month, day] = monthFolderAndDay + const normalized = normalizeDateParts(year, month, day) + if (normalized) { + return normalized.toISOString().slice(0, 10) + } + } + + // Legacy format without the repeated month: /blog/2020/11.23-some-title/ + const legacy = url.match(/\/(\d{4})\/(\d{2})[.-](\d{2})-/) + if (legacy) { + const [, year, month, day] = legacy + const normalized = normalizeDateParts(year, month, day) + if (normalized) 
{ + return normalized.toISOString().slice(0, 10) + } + } + + return undefined +} + +function normalizeDateParts(yearRaw: string, monthRaw: string, dayRaw: string): Date | undefined { + const year = Number(yearRaw) + const month = Number(monthRaw) + const day = Number(dayRaw) + + if (!Number.isInteger(year) || !Number.isInteger(month) || !Number.isInteger(day)) { + return undefined + } + + const date = new Date(Date.UTC(year, month - 1, day)) + if ( + date.getUTCFullYear() !== year + || date.getUTCMonth() !== month - 1 + || date.getUTCDate() !== day + ) { + return undefined + } + + return date +} + +function getSourceMarkdown(value: unknown): string | undefined { + if (!value || typeof value !== 'object') { + return undefined + } + + const src = (value as { src?: unknown }).src + return typeof src === 'string' ? src : undefined +} + +function extractPreview( + source: string | undefined, + html: string | undefined, + fallbackExcerpt: string | undefined +): string | undefined { + const fromSource = extractPreviewFromMarkdown(source) + if (fromSource) { + return fromSource + } + + const fromHtml = extractPreviewFromHtml(html) + if (fromHtml) { + return fromHtml + } + + return normalizePreviewText(fallbackExcerpt) +} + +function extractPreviewFromMarkdown(markdown: string | undefined): string | undefined { + if (!markdown) { + return undefined + } + + const withoutFrontmatter = markdown.replace(/^\uFEFF?---\s*[\r\n][\s\S]*?[\r\n]---\s*[\r\n]?/, '') + const lines = withoutFrontmatter.split(/\r?\n/) + const paragraphLines: string[] = [] + + let inFence = false + let fenceToken = '' + + for (const rawLine of lines) { + const line = rawLine.trim() + + const fenceMatch = line.match(/^(`{3,}|~{3,})/) + if (fenceMatch) { + const token = fenceMatch[1] + if (!inFence) { + inFence = true + fenceToken = token[0] + } else if (line.startsWith(fenceToken.repeat(3))) { + inFence = false + fenceToken = '' } + continue } - // If all else fails, use current date - const fallback = new 
Date(); - return { - time: +fallback, - string: fallback.toLocaleDateString('en-US', { - year: 'numeric', - month: 'long', - day: 'numeric' - }) - }; + if (inFence) { + continue + } + + if (!line) { + if (paragraphLines.length) { + break + } + continue + } + + if (!paragraphLines.length) { + if (line.startsWith('#') || line.startsWith(':::')) { + continue + } + + if (/^(-|\*|\+)\s/.test(line) || /^\d+\.\s/.test(line)) { + continue + } + + if (line.startsWith('|') || /^<\w+/.test(line)) { + continue + } + } + + paragraphLines.push(line) } - // Normal case - valid date - date.setUTCHours(12); - return { - time: +date, - string: date.toLocaleDateString('en-US', { - year: 'numeric', - month: 'long', - day: 'numeric' - }) + if (!paragraphLines.length) { + return undefined } + + return normalizePreviewText(stripMarkdownFormatting(paragraphLines.join(' '))) +} + +function extractPreviewFromHtml(html: string | undefined): string | undefined { + if (!html) { + return undefined + } + + const trimmedHtml = html.trimStart() + const afterTitleHeading = trimmedHtml.replace(/^]*>[\s\S]*?<\/h1>/i, '') + + // Prefer the first paragraph after the title. 
+ const firstParagraph = afterTitleHeading.match(/]*>[\s\S]*?<\/p>/i) + if (firstParagraph) { + const text = normalizePreviewText(firstParagraph[0]) + if (text) { + return text + } + } + + const divBlocks = afterTitleHeading.match(/]*>[\s\S]*?<\/div>/gi) || [] + for (const div of divBlocks) { + if (/]*>[\s\S]*?<\/\1>/gi) || [] + for (const block of blocks) { + const text = normalizePreviewText(block) + if (text) { + return text + } + } + + return normalizePreviewText(afterTitleHeading) +} + +function stripMarkdownFormatting(raw: string): string { + return raw + .replace(/!\[([^\]]*)\]\([^)]+\)/g, '$1') + .replace(/\[([^\]]+)\]\([^)]+\)/g, '$1') + .replace(/`([^`]+)`/g, '$1') + .replace(/\*\*([^*]+)\*\*/g, '$1') + .replace(/\*([^*]+)\*/g, '$1') + .replace(/__([^_]+)__/g, '$1') + .replace(/_([^_]+)_/g, '$1') + .replace(/~~([^~]+)~~/g, '$1') +} + +function normalizePreviewText(raw: string | undefined, maxLength = 360): string | undefined { + if (!raw) { + return undefined + } + + const text = raw + .replace(//g, ' ') + .replace(//gi, ' ') + .replace(//gi, ' ') + .replace(/<[^>]*>/g, ' ') + .replace(/ /g, ' ') + .replace(/&/g, '&') + .replace(/"/g, '"') + .replace(/'/g, "'") + .replace(/</g, '<') + .replace(/>/g, '>') + .replace(/\s+/g, ' ') + .trim() + + if (!text) { + return undefined + } + + return text.length > maxLength + ? `${text.slice(0, maxLength).trimEnd()}...` + : text } + diff --git a/.vitepress/shared/blogMetadata.ts b/.vitepress/shared/blogMetadata.ts new file mode 100644 index 000000000..d20d22500 --- /dev/null +++ b/.vitepress/shared/blogMetadata.ts 
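Review bot: `normalizePreviewText` returns plain text that is not safe to treat as HTML, and nothing in the hunk states that contract. It strips tags with `/<[^>]*>/g` first and only afterwards appears to turn the escaped forms of `<`, `>`, `&` and the quote characters back into literals (the entity names are garbled on this page, so this is inferred from the replacement targets). A post that writes markup in escaped form would therefore end up with literal angle brackets in `Post.preview`. The templates that consume `preview` are not legible here, so I would pin the contract above the function: `// Returns plain text, NOT sanitized HTML: render with {{ }} interpolation, never v-html.` As far as the chain can be read, the ampersand replacement also runs before the angle-bracket ones, which would decode a doubly escaped sequence twice; moving it to the end of the chain avoids that.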
@@ -0,0 +1,187 @@ +export interface BlogAuthor { + name: string + avatar?: string + login?: string + email?: string +} + +const TAG_ALIASES: Record = { + aws: 'provider-aws', + azure: 'provider-azure', + gcp: 'provider-gcp', + openstack: 'provider-openstack', + 'metal-stack': 'provider-metal-stack', + neonephos: 'apeiro' +} + +export function canonicalizeTag(value: string): string { + const trimmed = value.trim() + if (!trimmed) { + return '' + } + + const key = trimmed.toLowerCase() + return TAG_ALIASES[key] || trimmed +} + +export function normalizeTags(raw: unknown): string[] { + if (Array.isArray(raw)) { + return uniqueNonEmpty(raw) + } + + if (typeof raw === 'string') { + return uniqueNonEmpty(raw.split(',')) + } + + return [] +} + +export function normalizeAuthors(raw: unknown): BlogAuthor[] { + const values = Array.isArray(raw) + ? raw + : raw == null + ? [] + : [raw] + + const unique: BlogAuthor[] = [] + const seen = new Set() + + for (const value of values) { + const author = normalizeAuthor(value) + if (!author) { + continue + } + + const key = `${author.name.toLowerCase()}::${(author.login ?? '').toLowerCase()}` + if (seen.has(key)) { + continue + } + + seen.add(key) + unique.push(author) + } + + return unique +} + +function normalizeAuthor(value: unknown): BlogAuthor | undefined { + if (typeof value === 'string') { + const trimmed = value.trim() + if (!trimmed) { + return undefined + } + + const login = getGitHubLogin(trimmed) + const name = trimmed.startsWith('@') + ? trimmed.slice(1) + : login ?? 
trimmed + + return { + name, + login, + avatar: toGitHubAvatar(login) + } + } + + if (!value || typeof value !== 'object') { + return undefined + } + + const rawAuthor = value as { + name?: unknown + avatar?: unknown + image?: unknown + login?: unknown + github?: unknown + url?: unknown + email?: unknown + } + + const explicitName = asNonEmptyString(rawAuthor.name) + const email = asNonEmptyString(rawAuthor.email) + const login = getGitHubLogin(rawAuthor.login) + ?? getGitHubLogin(rawAuthor.github) + ?? getGitHubLogin(rawAuthor.url) + const name = explicitName || login + + if (!name) { + return undefined + } + + const avatar = + asNonEmptyString(rawAuthor.avatar) + || asNonEmptyString(rawAuthor.image) + || toGitHubAvatar(login) + + return { + name, + login: login || undefined, + avatar: avatar || undefined, + email: email || undefined + } +} + +function uniqueNonEmpty(values: unknown[]): string[] { + const unique: string[] = [] + + for (const value of values) { + if (typeof value !== 'string') { + continue + } + + const normalized = canonicalizeTag(value) + if (!normalized || unique.some(tag => tag.toLowerCase() === normalized.toLowerCase())) { + continue + } + + unique.push(normalized) + } + + return unique +} + +function asNonEmptyString(value: unknown): string | undefined { + if (typeof value !== 'string') { + return undefined + } + + const normalized = value.trim() + return normalized || undefined +} + +function getGitHubLogin(value: unknown): string | undefined { + if (typeof value !== 'string') { + return undefined + } + + const trimmed = value.trim() + if (!trimmed) { + return undefined + } + + const withoutPrefix = trimmed.startsWith('@') ? 
trimmed.slice(1) : trimmed + + if (isGitHubLogin(withoutPrefix)) { + return withoutPrefix + } + + const match = withoutPrefix.match(/github\.com\/([A-Za-z0-9-]+)/i) + if (match && isGitHubLogin(match[1])) { + return match[1] + } + + return undefined +} + +function isGitHubLogin(value: string): boolean { + return /^[A-Za-z0-9](?:[A-Za-z0-9-]{0,38})$/.test(value) +} + +function toGitHubAvatar(login: string | undefined): string | undefined { + if (!login) { + return undefined + } + + return `https://avatars.githubusercontent.com/${login}` +} + diff --git a/.vitepress/theme/components/BlogIndex.vue b/.vitepress/theme/components/BlogIndex.vue index cddccdd2e..b2cf1490b 100644 --- a/.vitepress/theme/components/BlogIndex.vue +++ b/.vitepress/theme/components/BlogIndex.vue 
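Review bot: `canonicalizeTag` resolves the lower-cased input with `TAG_ALIASES[key] || trimmed` on a plain object literal, so a key that names an inherited `Object.prototype` member (`constructor`, `__proto__`) returns that member instead of a string. The function is fed from frontmatter here and, in the `BlogIndex.vue` hunk, from the `tag`/`tags` query parameters, where a later `.toLowerCase()` call on the result would throw and break the tag filter for that page load. Restrict the lookup to own keys, `return Object.hasOwn(TAG_ALIASES, key) ? TAG_ALIASES[key] : trimmed`, or hold the aliases in a `Map`. The copy of `canonicalizeTag` in `hack/apply-blog-tags.mjs` has the same lookup.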
@@ -25,49 +25,622 @@ SOFTWARE. Copied and adapted from -> https://github.com/vitejs/vite/blob/9b98dcbf75546240e1609185828e18a77bac8c8d/docs/.vitepress/theme/components/YouTubeVideo.vue */ +import { computed, onMounted, onUnmounted, ref } from 'vue' import { data as posts } from '../../data/blog.data' -import {withBase} from "vitepress"; +import { withBase } from 'vitepress' +import { canonicalizeTag } from '../../shared/blogMetadata' +function parseSelectedTagsFromUrl(): string[] { + if (typeof window === 'undefined') { + return [] + } -function getDateTime(time: number) { - return new Date(time).toISOString() + const params = new URLSearchParams(window.location.search) + const rawValues = [ + ...params.getAll('tag'), + ...params.getAll('tags').flatMap(value => value.split(',')) + ] + + const selected: string[] = [] + + for (const value of rawValues) { + const normalized = canonicalizeTag(value) + if (!normalized) { + continue + } + + if (selected.some(tag => tag.toLowerCase() === normalized.toLowerCase())) { + continue + } + + selected.push(normalized) + } + + return selected +} + +const selectedTags = ref([]) +const tagQuery = ref('') + +function applySelectedTagsFromUrl(): void { + selectedTags.value = parseSelectedTagsFromUrl() +} + +onMounted(() => { + applySelectedTagsFromUrl() + window.addEventListener('popstate', applySelectedTagsFromUrl) +}) + +onUnmounted(() => { + window.removeEventListener('popstate', applySelectedTagsFromUrl) +}) + +function compareTags(a: string, b: string): number { + const normalizedA = a.toLowerCase() + const normalizedB = b.toLowerCase() + + if (normalizedA === normalizedB) { + return a.localeCompare(b) + } + + return normalizedA.localeCompare(normalizedB) +} + +function visibleTags(tags: string[]): string[] { + return [...tags].sort(compareTags) +} + +const postsWithVisibleTags = computed(() => { + return posts + .filter(post => post.title !== 'Overview') + .map(post => ({ + ...post, + visibleTags: visibleTags(post.tags) + })) 
+}) + +const allVisibleTags = computed(() => { + const tagsByNormalized = new Map() + + for (const post of postsWithVisibleTags.value) { + for (const tag of post.visibleTags) { + const normalized = tag.toLowerCase() + if (!tagsByNormalized.has(normalized)) { + tagsByNormalized.set(normalized, tag) + } + } + } + + return Array.from(tagsByNormalized.values()).sort(compareTags) +}) + +const normalizedTagQuery = computed(() => tagQuery.value.trim().toLowerCase()) +const normalizedSelectedTags = computed(() => selectedTags.value.map(tag => tag.toLowerCase())) + +const filteredPosts = computed(() => { + return postsWithVisibleTags.value.filter(post => { + const matchesSelectedTags = + !normalizedSelectedTags.value.length || + normalizedSelectedTags.value.every(selectedTag => + post.visibleTags.some(tag => tag.toLowerCase() === selectedTag) + ) + const matchesTagQuery = !normalizedTagQuery.value || post.visibleTags.some(tag => tag.toLowerCase().indexOf(normalizedTagQuery.value) !== -1) + + return matchesSelectedTags && matchesTagQuery + }) +}) + +function syncSelectedTagsToUrl(): void { + if (typeof window === 'undefined') { + return + } + + const url = new URL(window.location.href) + url.searchParams.delete('tag') + url.searchParams.delete('tags') + + for (const tag of selectedTags.value) { + url.searchParams.append('tag', tag) + } + + window.history.replaceState({}, '', url) +} +function isTagActive(tag: string): boolean { + return normalizedSelectedTags.value.indexOf(tag.toLowerCase()) !== -1 +} + +function toggleTag(tag: string): void { + const existingIndex = selectedTags.value.findIndex(selected => selected.toLowerCase() === tag.toLowerCase()) + + if (existingIndex !== -1) { + selectedTags.value.splice(existingIndex, 1) + } else { + selectedTags.value.push(tag) + } + + // Clicking tags manages the selected tag set explicitly. 
+ tagQuery.value = '' + syncSelectedTagsToUrl() +} + +function clearFilters(): void { + selectedTags.value = [] + tagQuery.value = '' + syncSelectedTagsToUrl() +} + +function isAuthorLinkable(author: { login?: string, email?: string }): boolean { + return Boolean(author.login) +} + +function getAuthorGithubHref(login: string): string { + return `https://github.com/${encodeURIComponent(login)}` } diff --git a/.vitepress/theme/components/BlogPostMeta.vue b/.vitepress/theme/components/BlogPostMeta.vue new file mode 100644 index 000000000..410d85a38 --- /dev/null +++ b/.vitepress/theme/components/BlogPostMeta.vue @@ -0,0 +1,329 @@ + + + + + + + + + + + + diff --git a/.vitepress/theme/index.ts b/.vitepress/theme/index.ts index e844db3ed..655cf9cd3 100644 --- a/.vitepress/theme/index.ts +++ b/.vitepress/theme/index.ts @@ -6,6 +6,7 @@ import YouTubeVideo from './components/YouTubeVideo.vue' import VPFooter from './components/VPFooter.vue' import TaxonomyIndex from './components/TaxonomyIndex.vue' import Banner from './components/Banner.vue' +import BlogPostMeta from './components/BlogPostMeta.vue' import './style.css' @@ -13,7 +14,7 @@ export default { extends: DefaultTheme, Layout() { return h(DefaultTheme.Layout, null, { - 'doc-before': () => h(TaxonomyIndex), + 'doc-before': () => [h(TaxonomyIndex), h(BlogPostMeta)], 'home-features-before': () => h(Banner), 'layout-bottom': () => h(VPFooter), }) @@ -22,3 +23,5 @@ export default { app.component('YouTubeVideo', YouTubeVideo) }, } satisfies Theme + + diff --git a/hack/apply-blog-tags.mjs b/hack/apply-blog-tags.mjs new file mode 100644 index 000000000..d40925261 --- /dev/null +++ b/hack/apply-blog-tags.mjs 
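Review bot: `parseSelectedTagsFromUrl` copies every `tag`/`tags` query value into `selectedTags` with no bound on count or length and no check that the tag exists on any post, so a shared link decides what the filter state contains. The component already computes `allVisibleTags`, so `applySelectedTagsFromUrl` could keep only known values: `selectedTags.value = parseSelectedTagsFromUrl().filter(tag => allVisibleTags.value.some(known => known.toLowerCase() === tag.toLowerCase()))`. The template that renders the selected tags is not visible on this page; whatever it shows from `selectedTags` should go through text interpolation only.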
@@ -0,0 +1,363 @@ +import fs from 'node:fs/promises' +import path from 'node:path' +import yaml from 'js-yaml' + +const BLOG_ROOT = path.resolve('website/blog') +const DRY_RUN = process.argv.includes('--dry-run') + +const CONTENT_TYPE_TAGS = [ + 'feature-announcement', + 'release-notes', + 'technical-deep-dive', + 'case-study', + 'community-event', + 'tutorial', + 'milestone' +] + +const TAXONOMY_ORDER = [ + ...CONTENT_TYPE_TAGS, + 'cost-optimization', + 'security', + 'networking', + 'high-availability', + 'observability', + 'storage', + 'autoscaling', + 'node-management', + 'dashboard', + 'gardenctl', + 'etcd', + 'helm', + 'cluster-api', + 'extensions', + 'provider-aws', + 'provider-azure', + 'provider-gcp', + 'provider-openstack', + 'provider-metal-stack', + 'apeiro' +] + +const TAG_ALIASES = { + aws: 'provider-aws', + azure: 'provider-azure', + gcp: 'provider-gcp', + openstack: 'provider-openstack', + 'metal-stack': 'provider-metal-stack', + neonephos: 'apeiro' +} + +const DOMAIN_RULES = [ + { + tag: 'cost-optimization', + keywords: ['cost', 'save money', 'lower bills', 'optimization', 'registry cache', 'hibernate', 'finops', 'efficiency'] + }, + { + tag: 'security', + keywords: ['security', 'secure', 'credential', 'authentication', 'authorization', 'tls', 'certificate', 'ca support', 'oci registries', 'cookie'] + }, + { + tag: 'networking', + keywords: ['network', 'cidr', 'dns', 'calico', 'cilium', 'kube-proxy', 'coredns', 'ipv4', 'ipv6', 'l7', 'load balancing', 'overlay'] + }, + { + tag: 'high-availability', + keywords: ['high availability', 'zone outage', 'outage toleration', 'failover', 'multi-zone'] + }, + { + tag: 'observability', + keywords: ['observability', 'monitoring', 'prometheus', 'promcon', 'opentelemetry', 'otel', 'logging', 'metrics', 'alertmanager', 'promql'] + }, + { + tag: 'storage', + keywords: ['storage', 'etcd', 'volume', 'pvc', 'persistent volume', 'backup', 'efs', 'filestore', 'bucket'] + }, + { + tag: 'autoscaling', + keywords: 
['autoscaling', 'scale down', 'scale-up', 'hpa', 'vpa', 'overprovision'] + }, + { + tag: 'node-management', + keywords: ['node', 'worker', 'machine controller', 'machine-controller', 'rolling update', 'in-place update', 'gardenadm', 'gardenlet'] + } +] + +const COMPONENT_RULES = [ + { tag: 'dashboard', keywords: ['dashboard'] }, + { tag: 'gardenctl', keywords: ['gardenctl'] }, + { tag: 'etcd', keywords: ['etcd'] }, + { tag: 'helm', keywords: ['helm', 'oci registries'] }, + { tag: 'cluster-api', keywords: ['cluster api', 'capi', 'capga', 'kcp'] }, + { tag: 'extensions', keywords: ['extension', 'gardener-extension', 'provider extension'] } +] + +const CLOUD_RULES = [ + { tag: 'provider-aws', keywords: ['aws', 'amazon web services', 'amazon efs', 's3'] }, + { tag: 'provider-azure', keywords: ['azure'] }, + { tag: 'provider-gcp', keywords: ['gcp', 'google cloud'] }, + { tag: 'provider-openstack', keywords: ['openstack'] }, + { tag: 'provider-metal-stack', keywords: ['metal-stack', 'equinix metal', 'equinix'] } +] + +const PROJECT_RULES = [ + { tag: 'apeiro', keywords: ['apeiro', 'neonephos'] } +] + +async function main() { + const files = await collectMarkdownFiles(BLOG_ROOT) + const blogFiles = files.filter(file => { + const name = path.basename(file) + return name !== 'index.md' && name !== '_index.md' + }) + + let modified = 0 + const outputRows = [] + + for (const file of blogFiles) { + const source = await fs.readFile(file, 'utf8') + const match = source.match(/^---\r?\n([\s\S]*?)\r?\n---\r?\n?/) + if (!match) { + continue + } + + const newline = source.includes('\r\n') ? 
'\r\n' : '\n' + const frontmatterText = match[1] + const body = source.slice(match[0].length) + + const frontmatter = yaml.load(frontmatterText, { schema: yaml.JSON_SCHEMA }) || {} + const inferredTags = inferTags(frontmatter, body, file) + const existingTags = normalizeTags(frontmatter.tags) + let mergedTags = mergeTags(inferredTags, existingTags) + + if (!mergedTags.some(tag => CONTENT_TYPE_TAGS.includes(tag.toLowerCase()))) { + mergedTags = mergeTags(['technical-deep-dive'], mergedTags) + } + + const updatedFrontmatter = replaceTagsBlock(frontmatterText, mergedTags, newline) + if (updatedFrontmatter === frontmatterText) { + continue + } + + modified += 1 + outputRows.push({ file: path.relative(process.cwd(), file), tags: mergedTags }) + + if (!DRY_RUN) { + const normalizedBody = body.replace(/^\r?\n/, '') + const updated = `---${newline}${updatedFrontmatter}${newline}---${newline}${normalizedBody}` + await fs.writeFile(file, updated, 'utf8') + } + } + + console.log(`Blog posts scanned: ${blogFiles.length}`) + console.log(`Files ${DRY_RUN ? 
'to update' : 'updated'}: ${modified}`) + for (const row of outputRows) { + console.log(`${row.file}: ${row.tags.join(', ')}`) + } +} + +function inferTags(frontmatter, body, filePath) { + const title = `${frontmatter.title || ''} ${frontmatter.linkTitle || ''}`.toLowerCase() + const slug = filePath.replaceAll('\\', '/').toLowerCase() + const bodyPreview = body.slice(0, 1400).toLowerCase() + const focusText = `${title}\n${String(frontmatter.newsSubtitle || '')}\n${slug}\n${bodyPreview}` + const tags = [] + + if (includesAny(title, ['community meeting', 'kubecon', 'promcon', 'hackathon', 'conference']) || includesAny(slug, ['community-meeting', 'kubecon', 'promcon', 'hackathon'])) { + tags.push('community-event') + } + + if (/\bv\d+\.\d+(\.\d+)?\b/.test(title) || includesAny(title, [' release ', 'released'])) { + tags.push('release-notes') + tags.push('feature-announcement') + } + + if (includesAny(title, ['announcing', 'announcement', 'introducing', 'new in', 'enhanced', 'enhancing', 'unleashing', 'integrates', 'now supports', 'supports'])) { + tags.push('feature-announcement') + } + + if (includesAny(title, ['case study', 'case-study']) || (includesAny(title, ['migrating']) && includesAny(focusText, ['production']))) { + tags.push('case-study') + } + + if (includesAny(title, ['tutorial', 'how to', 'getting started']) || includesAny(slug, ['getting-started'])) { + tags.push('tutorial') + } + + if (includesAny(title, ['anniversary', 'years of', 'happy anniversary'])) { + tags.push('milestone') + } + + if (includesAny(title, ['deep dive'])) { + tags.push('technical-deep-dive') + } + + applyRules(tags, focusText, DOMAIN_RULES) + applyRules(tags, focusText, COMPONENT_RULES) + applyRules(tags, focusText, CLOUD_RULES) + applyRules(tags, focusText, PROJECT_RULES) + + return uniqueCaseInsensitive(tags) +} + +function applyRules(target, text, rules) { + for (const rule of rules) { + if (includesAny(text, rule.keywords)) { + target.push(rule.tag) + } + } +} + +function 
includesAny(text, keywords) { + return keywords.some(keyword => containsKeyword(text, keyword)) +} + +function containsKeyword(text, keyword) { + const value = keyword.trim().toLowerCase() + if (!value) { + return false + } + + if (value.includes(' ') || value.includes('-')) { + return text.includes(value) + } + + const pattern = new RegExp(`(^|[^a-z0-9])${escapeRegExp(value)}([^a-z0-9]|$)`, 'i') + return pattern.test(text) +} + +function escapeRegExp(value) { + return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&') +} + +function normalizeTags(raw) { + if (Array.isArray(raw)) { + return raw + .filter(value => typeof value === 'string') + .map(value => canonicalizeTag(value)) + .filter(Boolean) + } + + if (typeof raw === 'string') { + return raw + .split(',') + .map(value => canonicalizeTag(value)) + .filter(Boolean) + } + + return [] +} + +function canonicalizeTag(value) { + const trimmed = String(value || '').trim() + if (!trimmed) { + return '' + } + + const key = trimmed.toLowerCase() + return TAG_ALIASES[key] || trimmed +} + +function mergeTags(inferredTags, existingTags) { + const merged = uniqueCaseInsensitive([...inferredTags, ...existingTags]) + const byLower = new Map(merged.map(tag => [tag.toLowerCase(), tag])) + + const ordered = [] + for (const tag of TAXONOMY_ORDER) { + if (byLower.has(tag)) { + ordered.push(tag) + byLower.delete(tag) + } + } + + for (const tag of merged) { + const key = tag.toLowerCase() + if (byLower.has(key)) { + ordered.push(tag) + byLower.delete(key) + } + } + + return ordered +} + +function uniqueCaseInsensitive(values) { + const result = [] + const seen = new Set() + + for (const value of values) { + if (typeof value !== 'string') { + continue + } + + const normalized = value.trim() + if (!normalized) { + continue + } + + const key = normalized.toLowerCase() + if (seen.has(key)) { + continue + } + + seen.add(key) + result.push(normalized) + } + + return result +} + +function replaceTagsBlock(frontmatterText, tags, newline) { + 
const lines = frontmatterText.split(/\r?\n/) + const tagLines = ['tags:', ...tags.map(tag => ` - ${tag}`)] + + let start = -1 + for (let index = 0; index < lines.length; index += 1) { + if (/^tags\s*:\s*/i.test(lines[index])) { + start = index + break + } + } + + if (start >= 0) { + let end = start + 1 + while (end < lines.length) { + const line = lines[end] + if (/^[A-Za-z0-9_-]+\s*:\s*/.test(line)) { + break + } + end += 1 + } + + lines.splice(start, end - start, ...tagLines) + } else { + let insertAt = lines.length + while (insertAt > 0 && lines[insertAt - 1].trim() === '') { + insertAt -= 1 + } + lines.splice(insertAt, 0, ...tagLines) + } + + return lines.join(newline) +} + +async function collectMarkdownFiles(root) { + const entries = await fs.readdir(root, { withFileTypes: true }) + const files = [] + + for (const entry of entries) { + const fullPath = path.join(root, entry.name) + if (entry.isDirectory()) { + files.push(...await collectMarkdownFiles(fullPath)) + } else if (entry.isFile() && entry.name.endsWith('.md')) { + files.push(fullPath) + } + } + + return files +} + +main().catch(error => { + console.error(error) + process.exit(1) +}) diff --git a/hack/preview.sh b/hack/preview.sh index 89d5db188..b8c54cf7a 100755 --- a/hack/preview.sh +++ b/hack/preview.sh @@ -13,4 +13,4 @@ if [ -z "$GITHUB_OAUTH_TOKEN" ]; then fi docker build -t gardener-documentation:dev --load --secret id=GITHUB_OAUTH_TOKEN . -docker run --rm -p 5173:5173 gardener-documentation:dev +docker run --rm -p "5173:5173" gardener-documentation:dev diff --git a/website/archived/blog/2018/06.11-Frontend-HTTPS.md b/website/archived/blog/2018/06.11-Frontend-HTTPS.md index 2afb61214..c01f34fb5 100644 --- a/website/archived/blog/2018/06.11-Frontend-HTTPS.md +++ b/website/archived/blog/2018/06.11-Frontend-HTTPS.md 
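Review bot: `replaceTagsBlock` can delete frontmatter it does not own. After finding `tags:` it discards every following line until one matches `/^[A-Za-z0-9_-]+\s*:\s*/`, so a top-level key written in quotes or with other characters, and any comment line after the tag list, is removed along with the old tags when `main` rewrites the file in place. Ending the block at the first non-indented line that is not a list item is safer: `if (/^\S/.test(line) && !/^-(\s|$)/.test(line)) { break }`. The `--dry-run` output prints only file names and merged tags, so this loss would not show up there; printing the before/after frontmatter in dry-run mode would make it reviewable.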
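Review bot: The changed `docker run` line still publishes the preview server on every host interface, because `-p "5173:5173"` without a host address binds to 0.0.0.0. For a local preview it is enough to bind loopback, `docker run --rm -p "127.0.0.1:5173:5173" gardener-documentation:dev`, which keeps the unreleased docs build off the local network. The script starts before this hunk, so anything that depends on remote access to the preview is not visible here.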
@@ -2,7 +2,7 @@
 title: Frontend HTTPS
 authors:
 - name: Andreas Herz
- email: andreas.herz@sap.com
+ login: finally-fancy
 avatar: https://avatars1.githubusercontent.com/u/1155039?v=4
 publishdate: 2018-06-11
 archivedate: 2018-07-11
diff --git a/website/archived/blog/2019/06.11-Cluster-Overprovisioning.md b/website/archived/blog/2019/06.11-Cluster-Overprovisioning.md
index 2915a0152..434c96a39 100644
--- a/website/archived/blog/2019/06.11-Cluster-Overprovisioning.md
+++ b/website/archived/blog/2019/06.11-Cluster-Overprovisioning.md
@@ -2,7 +2,7 @@
 title: Cluster Overprovisioning
 authors:
 - name: Andreas Herz
- email: andreas.herz@sap.com
+ login: finally-fancy
 avatar: https://avatars1.githubusercontent.com/u/1155039?v=4
 publishdate: 2019-06-11
 archivedate: 2019-07-11
diff --git a/website/archived/blog/2019/06.11-Manually-Adding-a-Node-to-an-Existing-Cluster.md b/website/archived/blog/2019/06.11-Manually-Adding-a-Node-to-an-Existing-Cluster.md
index 049090771..2c02ed06f 100644
--- a/website/archived/blog/2019/06.11-Manually-Adding-a-Node-to-an-Existing-Cluster.md
+++ b/website/archived/blog/2019/06.11-Manually-Adding-a-Node-to-an-Existing-Cluster.md
@@ -2,7 +2,7 @@
 title: Manually Adding a Node to an Existing Cluster
 authors:
 - name: Andreas Herz
- email: andreas.herz@sap.com
+ login: finally-fancy
 avatar: https://avatars1.githubusercontent.com/u/1155039?v=4
 publishdate: 2019-06-11
 archivedate: 2019-07-11
diff --git a/website/archived/contribute/code/30_deploy_seed_into_aks/_index.md b/website/archived/contribute/code/30_deploy_seed_into_aks/_index.md
index b7d0793d4..fbde3c111 100644
--- a/website/archived/contribute/code/30_deploy_seed_into_aks/_index.md
+++ b/website/archived/contribute/code/30_deploy_seed_into_aks/_index.md
@@ -16,7 +16,7 @@ setup. # High Level Overview In this example we'll follow these steps to create a Seed cluster on AKS: -- [Deploying the Gardener and a Seed into an AKS cluster](#deploying-the-gardener-and-a-seed-into-an-aks-cluster) +- [Deploying the previous Gardener versions and a Seed into an AKS cluster](#deploying-the-previous-gardener-versions-and-a-seed-into-an-aks-cluster) - [High Level Overview](#high-level-overview) - [Prerequisites](#prerequisites) - [AWS credentials for Route 53 Hosted Zone](#aws-credentials-for-route-53-hosted-zone) diff --git a/website/blog/2018/06/06.11-anti-patterns.md b/website/blog/2018/06/06.11-anti-patterns.md index 00917c108..b66434e59 100644 --- a/website/blog/2018/06/06.11-anti-patterns.md +++ b/website/blog/2018/06/06.11-anti-patterns.md @@ -2,12 +2,14 @@ title: Anti Patterns authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive + - node-management --- - ![](./images/blog-antipattern.png) ## Running as Root User diff --git a/website/blog/2018/06/06.11-auditing-kubernetes-for-secure-setup.md b/website/blog/2018/06/06.11-auditing-kubernetes-for-secure-setup.md index 976a1f14f..b8a42f463 100644 --- a/website/blog/2018/06/06.11-auditing-kubernetes-for-secure-setup.md +++ b/website/blog/2018/06/06.11-auditing-kubernetes-for-secure-setup.md 
@@ -2,12 +2,15 @@ title: Auditing Kubernetes for Secure Setup authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive + - security + - networking --- - In summer 2018, the [Gardener project team](https://github.com/gardener/gardener) asked [Kinvolk](https://kinvolk.io/) to execute several penetration tests in its role as a third-party contractor. The goal of this ongoing work is to increase the security of all Gardener stakeholders in the open source community. Following the Gardener architecture, the control plane of a Gardener managed shoot cluster resides in the corresponding seed cluster. This is a [Control-Plane-as-a-Service](https://kubernetes.io/blog/2018/05/17/gardener/#kubernetes-control-plane) with a [network air gap](https://kubernetes.io/blog/2018/05/17/gardener/#network-air-gap). ![teaser](./images/teaser.svg) diff --git a/website/blog/2018/06/06.11-big-things-come-in-small-packages.md b/website/blog/2018/06/06.11-big-things-come-in-small-packages.md index 1528a6023..fe8fb4912 100644 --- a/website/blog/2018/06/06.11-big-things-come-in-small-packages.md +++ b/website/blog/2018/06/06.11-big-things-come-in-small-packages.md 
@@ -2,12 +2,13 @@ title: Big Things Come in Small Packages authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive --- - Microservices tend to use smaller runtimes but you can **use what you have** today - and this can be a **problem in Kubernetes**. Switching your architecture from a monolith to microservices has many advantages, both in the way you write software and the way it is used throughout its lifecycle. In this post, my attempt is to cover one problem which does not get as much attention and discussion - **size of the technology stack**. diff --git a/website/blog/2018/06/06.11-hardening-the-gardener-community-setup.md b/website/blog/2018/06/06.11-hardening-the-gardener-community-setup.md index 6fbdcaeb6..7e20e5fc0 100644 --- a/website/blog/2018/06/06.11-hardening-the-gardener-community-setup.md +++ b/website/blog/2018/06/06.11-hardening-the-gardener-community-setup.md @@ -2,10 +2,11 @@ title: Hardening the Gardener Community Setup authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive --- - The [Gardener project team](https://github.com/gardener/gardener) has analyzed the impact of the Gardener [CVE-2018-2475](https://groups.google.com/forum/#!topic/gardener/Pom2Y70cDpw) and the [Kubernetes CVE-2018-1002105](https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88) on the Gardener Community Setup. Following some recommendations it is possible to mitigate both vulnerabilities. diff --git a/website/blog/2018/06/06.11-kubernetes-is-available-in-docker-for-mac-17-12-ce.md b/website/blog/2018/06/06.11-kubernetes-is-available-in-docker-for-mac-17-12-ce.md index 82df3a2d0..fe2191270 100644 
--- a/website/blog/2018/06/06.11-kubernetes-is-available-in-docker-for-mac-17-12-ce.md +++ b/website/blog/2018/06/06.11-kubernetes-is-available-in-docker-for-mac-17-12-ce.md @@ -2,10 +2,12 @@ title: Kubernetes is Available in Docker for Mac 17.12 CE authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive --- diff --git a/website/blog/2018/06/06.11-namespace-isolation.md b/website/blog/2018/06/06.11-namespace-isolation.md index ba0acb576..c58b8d3a3 100644 --- a/website/blog/2018/06/06.11-namespace-isolation.md +++ b/website/blog/2018/06/06.11-namespace-isolation.md @@ -2,12 +2,14 @@ title: Namespace Isolation authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive + - networking --- - ...or **DENY all traffic from other namespaces** You can configure a **NetworkPolicy** to deny all traffic from other namespaces while allowing all traffic coming from the same namespace the pod is deployed to. There are many reasons why you may choose to configure Kubernetes network policies: diff --git a/website/blog/2018/06/06.11-namespace-scope.md b/website/blog/2018/06/06.11-namespace-scope.md index 9aa4c6015..4ee95db70 100644 --- a/website/blog/2018/06/06.11-namespace-scope.md +++ b/website/blog/2018/06/06.11-namespace-scope.md @@ -2,12 +2,15 @@ title: Namespace Scope authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive + - networking + - observability --- - **Should I use:**
  • ❌ one namespace per user/developer?
  • diff --git a/website/blog/2018/06/06.11-readwritemany-dynamically-provisioned-persistent-volumes-using-amazon-efs.md b/website/blog/2018/06/06.11-readwritemany-dynamically-provisioned-persistent-volumes-using-amazon-efs.md index d1a28676e..33b8e02f2 100644 --- a/website/blog/2018/06/06.11-readwritemany-dynamically-provisioned-persistent-volumes-using-amazon-efs.md +++ b/website/blog/2018/06/06.11-readwritemany-dynamically-provisioned-persistent-volumes-using-amazon-efs.md @@ -2,13 +2,16 @@ title: ReadWriteMany - Dynamically Provisioned Persistent Volumes Using Amazon EFS authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive + - storage + - provider-aws --- - The efs-provisioner allows you to mount EFS storage as PersistentVolumes in Kubernetes. It consists of a container that has access to an AWS EFS resource. The container reads a configmap containing the EFS filesystem ID, the AWS region and the name identifying the efs-provisioner. This name will be used later when you create a storage class. ![](./images/blog-aws-efs.png) diff --git a/website/blog/2018/06/06.11-shared-storage-with-s3-backend.md b/website/blog/2018/06/06.11-shared-storage-with-s3-backend.md index b15375975..3a2299ffd 100644 --- a/website/blog/2018/06/06.11-shared-storage-with-s3-backend.md +++ b/website/blog/2018/06/06.11-shared-storage-with-s3-backend.md 
@@ -2,18 +2,21 @@ title: Shared Storage with S3 Backend authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive + - storage + - provider-aws --- - The storage is definitely the most complex and important part of an application setup. Once this part is completed, one of the most problematic parts could be solved. Mounting an S3 bucket into a pod using [FUSE](https://github.com/libfuse/libfuse) allows you to access data stored in S3 via the filesystem. The mount is a pointer to an S3 location, so the data is never synced locally. Once mounted, any pod can read or even write from that directory without the need for explicit keys. ![s3-shared-storage](./images/blog-s3-shared-storage.png) -However, it can be used to import and parse large amounts of data into a database. +Additionally, it can be used to import and parse large amounts of data into a database. Learn more on [Shared S3 Storage](https://github.com/freegroup/kube-s3/blob/master/README.md). diff --git a/website/blog/2018/06/06.11-watching-logs-of-several-pods.md b/website/blog/2018/06/06.11-watching-logs-of-several-pods.md index 9431204f7..6ec1eddb8 100644 --- a/website/blog/2018/06/06.11-watching-logs-of-several-pods.md +++ b/website/blog/2018/06/06.11-watching-logs-of-several-pods.md 
@@ -2,12 +2,13 @@ title: Watching Logs of Several Pods authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-06-11 archivedate: 2018-07-11 +tags: + - technical-deep-dive --- - One thing that always bothered me was that I couldn't get the logs of several pods at once with `kubectl`. A simple `tail -f ` isn't possible. Certainly, you can use `kubectl logs -f `, but it doesn't help if you want to monitor more than one pod at a time. This is something you really need a lot, at least if you run several instances of a pod behind a `deployment`and you don't have a log viewer service like Kibana set up. diff --git a/website/blog/2018/07/07.11-hibernate-a-cluster-to-save-money.md b/website/blog/2018/07/07.11-hibernate-a-cluster-to-save-money.md index 5144c0c4b..5e5cc339d 100644 --- a/website/blog/2018/07/07.11-hibernate-a-cluster-to-save-money.md +++ b/website/blog/2018/07/07.11-hibernate-a-cluster-to-save-money.md @@ -2,12 +2,14 @@ title: Hibernate a Cluster to Save Money authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-07-11 archivedate: 2018-08-11 +tags: + - technical-deep-dive + - cost-optimization --- - You want to experiment with Kubernetes or set up a customer scenario, but don't want to run the cluster 24 / 7 due to cost reasons? ![teaser-patched-1](./images/teaser-patched-1.svg) diff --git a/website/blog/2018/12/12.22-cookies-are-dangerous.md b/website/blog/2018/12/12.22-cookies-are-dangerous.md index 940a5d09a..199944f23 100644 --- a/website/blog/2018/12/12.22-cookies-are-dangerous.md +++ b/website/blog/2018/12/12.22-cookies-are-dangerous.md 
@@ -2,12 +2,13 @@ title: Cookies Are Dangerous... authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2018-12-22 archivedate: 2018-12-30 +tags: + - community-event --- - **...they mess up the figure.** ![cookie](images/cookie.jpg) diff --git a/website/blog/2018/12/12.25-gardener-cookies.md b/website/blog/2018/12/12.25-gardener-cookies.md index fab21c585..0cee974dc 100644 --- a/website/blog/2018/12/12.25-gardener-cookies.md +++ b/website/blog/2018/12/12.25-gardener-cookies.md @@ -1,13 +1,18 @@ --- title: Gardener Cookies publishdate: 2018-12-25 +authors: +- name: Andreas Herz + login: finally-fancy + avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 +tags: + - community-event --- - # Green Tea Matcha Cookies For a team event during the Christmas season we decided to completely reinterpret the topic `cookies`. :-) - + Matcha cookies have the delicate flavor and color of green tea. These soft, pillowy and chewy green tea cookies are perfect with tea. And of course they fit perfectly to our logo. @@ -42,3 +47,4 @@ Make sure you get culinary grade matcha powder. You should be able to find this + diff --git a/website/blog/2019/05/05.24-cluster-api-machine-abstractions-kubecon-talk.md b/website/blog/2019/05/05.24-cluster-api-machine-abstractions-kubecon-talk.md index 1d149c755..f0a1659df 100644 --- a/website/blog/2019/05/05.24-cluster-api-machine-abstractions-kubecon-talk.md +++ b/website/blog/2019/05/05.24-cluster-api-machine-abstractions-kubecon-talk.md 
@@ -5,11 +5,14 @@ newsSubtitle: May 24, 2019 publishdate: 2019-05-24 authors: - name: Vedran Lerenc - email: vedran.lerenc@sap.com + login: vlerenc avatar: https://avatars.githubusercontent.com/vlerenc aliases: ["/blog/2019/05/24/01"] +tags: + - community-event + - node-management + - cluster-api --- - The KubeCon + CloudNativeCon Europe buzz might be settling, but the energy from our deep dive session with the incredible folks at [**SIG Cluster API**](https://github.com/kubernetes-sigs/cluster-api?tab=readme-ov-file#cluster-api) is still palpable! We, from the **Gardener** team, were absolutely thrilled to share the stage and explore the powerful, declarative world of Kubernetes cluster lifecycle management. For those who don't know, Gardener has been on a mission since **2017** to provide a fully managed Kubernetes experience, uniquely running customer control planes as pods within dedicated "seed" clusters, a.k.a. "Kubeception". This approach demanded robust automation for the underlying infrastructure. To solve this, we pioneered the [**Machine Controller Manager**](https://github.com/gardener/machine-controller-manager), introducing the core abstractions you might recognize: `Machine`, `MachineSet`, and `MachineDeployment`. These concepts were born out of real-world needs to declaratively manage VMs and their lifecycles as if they were just another Kubernetes resource. diff --git a/website/blog/2019/06/06.11-feature-flags-in-kubernetes-applications.md b/website/blog/2019/06/06.11-feature-flags-in-kubernetes-applications.md index 51a3d2ef2..10eb8aa3c 100644 --- a/website/blog/2019/06/06.11-feature-flags-in-kubernetes-applications.md +++ b/website/blog/2019/06/06.11-feature-flags-in-kubernetes-applications.md 
@@ -2,12 +2,14 @@ title: Feature Flags in Kubernetes Applications authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2019-06-11 archivedate: 2019-07-11 +tags: + - technical-deep-dive + - observability --- - Feature flags are used to change the behavior of a program at runtime without forcing a restart. Although they are essential in a native cloud environment, they cannot be implemented without significant effort on some platforms. Kubernetes has made this trivial. Here we will implement them through labels and annotations, but you can also implement them by connecting directly to the Kubernetes API Server. diff --git a/website/blog/2019/06/06.11-organizing-access-using-kubeconfig-files.md b/website/blog/2019/06/06.11-organizing-access-using-kubeconfig-files.md index d63a7c79f..e2e896fcb 100644 --- a/website/blog/2019/06/06.11-organizing-access-using-kubeconfig-files.md +++ b/website/blog/2019/06/06.11-organizing-access-using-kubeconfig-files.md @@ -2,12 +2,13 @@ title: Organizing Access Using kubeconfig Files authors: - name: Andreas Herz - email: andreas.herz@sap.com + login: finally-fancy avatar: https://avatars1.githubusercontent.com/u/1155039?v=4 publishdate: 2019-06-11 archivedate: 2019-07-11 +tags: + - technical-deep-dive --- - The kubectl command-line tool uses `kubeconfig` files to find the information it needs in order to choose a cluster and communicate with its API server. ![teaser](./images/teaser-1.svg) diff --git a/website/blog/2020/05/05.11-new-website-same-green-flower.md b/website/blog/2020/05/05.11-new-website-same-green-flower.md index bc7995168..c2dbaf9e5 100644 --- a/website/blog/2020/05/05.11-new-website-same-green-flower.md +++ b/website/blog/2020/05/05.11-new-website-same-green-flower.md 
@@ -3,8 +3,13 @@ title: New Website, Same Green Flower publishdate: 2020-05-11 archivedate: 2020-06-11 aliases: ["/blog/2020/05/11/00"] +authors: +- name: Georgi Pavlov + login: former-member + avatar: https://github.com/identicons/formermember.png +tags: + - technical-deep-dive --- - The [Gardener project website](https://gardener.cloud) just received a serious facelift. Here are some of the highlights: - **A completely new landing page**, emphasizing both on Gardener's value proposition and the open community behind it. @@ -27,3 +32,4 @@ I hope you will like it. Let us know what you think about it. Feel free to leave **Go ahead and help us spread the word: https://gardener.cloud** + diff --git a/website/blog/2020/08/08.06-gardener-v1.8.0-released.md b/website/blog/2020/08/08.06-gardener-v1.8.0-released.md index c02621dae..cf3cc14a8 100644 --- a/website/blog/2020/08/08.06-gardener-v1.8.0-released.md +++ b/website/blog/2020/08/08.06-gardener-v1.8.0-released.md @@ -6,11 +6,16 @@ publishdate: 2020-08-06 archivedate: 2020-10-31 authors: - name: Rafael Franzke - email: rafael.franzke@sap.com + login: rfranzke avatar: https://avatars2.githubusercontent.com/u/19169361?s=460&v=4 aliases: ["/blog/2020/08/06/00"] +tags: + - feature-announcement + - release-notes + - networking + - observability + - node-management --- - Even if we are in the midst of the summer holidays, a new Gardener release came out yesterday: v1.8.0! It's main themes are the large change of our logging stack to Loki (which was already explained in detail on a [blog post on grafana.com](https://grafana.com/blog/2020/07/15/gardener-saps-kubernetes-as-a-service-open-source-project-is-moving-its-logging-stack-to-loki/)), more configuration options to optimize the utilization of a shoot, node-local DNS, new project roles, and significant improvements for the Kubernetes client that Gardener uses to interact with the many different clusters. ## Notable Changes 
diff --git a/website/blog/2020/09/09.11-gardener-v1.9-and-v1.10-released.md b/website/blog/2020/09/09.11-gardener-v1.9-and-v1.10-released.md index 2b2e6c9f4..796be98d7 100644 --- a/website/blog/2020/09/09.11-gardener-v1.9-and-v1.10-released.md +++ b/website/blog/2020/09/09.11-gardener-v1.9-and-v1.10-released.md @@ -6,11 +6,20 @@ publishdate: 2020-09-11 archivedate: 2020-11-19 authors: - name: Rafael Franzke - email: rafael.franzke@sap.com + login: rfranzke avatar: https://avatars2.githubusercontent.com/u/19169361?s=460&v=4 aliases: ["/blog/2020/09/11/00"] +tags: + - feature-announcement + - release-notes + - security + - observability + - storage + - node-management + - extensions + - provider-azure + - provider-openstack --- - Summer holidays aren't over yet, still, the Gardener community was able to release two new minor versions in the past weeks. Despite being limited in capacity these days, we were able to reach some major milestones, like adding Kubernetes v1.19 support and the long-delayed automated gardenlet certificate rotation. Whilst we continue to work on topics related to scalability, robustness, and better observability, we agreed to adjust our focus a little more into the areas of development productivity, code quality and unit/integration testing for the upcoming releases. diff --git a/website/blog/2020/10/10.19-gardener-integrates-with-kubevirt.md b/website/blog/2020/10/10.19-gardener-integrates-with-kubevirt.md index daf533fdd..e098e1093 100644 --- a/website/blog/2020/10/10.19-gardener-integrates-with-kubevirt.md +++ b/website/blog/2020/10/10.19-gardener-integrates-with-kubevirt.md 
@@ -6,20 +6,21 @@ publishdate: 2020-10-19 archivedate: 2020-12-19 authors: - name: Stoyan Rachev - email: s.rachev@sap.com + login: stoyanr avatar: https://avatars3.githubusercontent.com/u/1867702?v=4 - name: Donka Dimitrova - email: donka.dimitrova@sap.com + login: donistz avatar: https://avatars1.githubusercontent.com/u/42462598?v=4 - name: Marcin Franczyk - email: marcin0franczyk@gmail.com + login: mfranczy avatar: https://avatars1.githubusercontent.com/u/27352691?v=4 - name: Moath Qasim - email: moad.qassem@gmail.com + login: moadqassem avatar: https://avatars0.githubusercontent.com/u/4427629?v=4 aliases: ["/blog/2020/10/19/00"] +tags: + - feature-announcement --- - The Gardener team is happy to announce that [Gardener](https://gardener.cloud) now offers support for an additional, often requested, infrastructure/virtualization technology, namely [KubeVirt](https://kubevirt.io/)! Gardener can now provide [Kubernetes-conformant](https://github.com/cncf/k8s-conformance) clusters using KubeVirt managed Virtual Machines in the environment of your choice. This integration has been tested and works with any qualified Kubernetes (provider) cluster that is compatibly configured to host the required KubeVirt components, in particular for example [Red Hat OpenShift Virtualization](https://www.openshift.com/blog/openshift-virtualization-containers-kvm-and-your-vms). Gardener enables Kubernetes consumers to centralize and operate efficiently homogenous Kubernetes clusters across different IaaS providers and even private environments. This way the same cloud-based application version can be hosted and operated by its vendor or consumer on a variety of infrastructures. When a new customer or your development team demands for a new infrastructure provider, Gardener helps you to quickly and easily on-board your workload. 
Furthermore, on this new infrastructure, Gardener keeps the seamless Kubernetes management experience for your Kubernetes operators, while upholding the consistency of the CI/CD pipeline of your software development team. diff --git a/website/blog/2020/10/10.19-shoot-reconciliation-details.md b/website/blog/2020/10/10.19-shoot-reconciliation-details.md index 2ed88cc79..52523f4be 100644 --- a/website/blog/2020/10/10.19-shoot-reconciliation-details.md +++ b/website/blog/2020/10/10.19-shoot-reconciliation-details.md @@ -5,11 +5,13 @@ newsSubtitle: October 23, 2020 publishdate: 2020-10-19 authors: - name: Daniel Foehr - email: daniel.foehr@sap.com + login: danielfoehrKn avatar: https://avatars3.githubusercontent.com/u/33809186?s=400&u=92ab34a3539c11c498710aed9ddd1749032b36cb&v=4 aliases: ["/blog/2020/10/23/00"] +tags: + - technical-deep-dive + - extensions --- - Do you want to understand how Gardener creates and updates Kubernetes clusters (Shoots)? Well, it's complicated, but if you are not afraid of large diagrams and are a visual learner like me, this might be useful to you. diff --git a/website/blog/2020/11/11.04-gardener-v1.11-and-v1.12-released.md b/website/blog/2020/11/11.04-gardener-v1.11-and-v1.12-released.md index 343005e3f..77ff52d6b 100644 --- a/website/blog/2020/11/11.04-gardener-v1.11-and-v1.12-released.md +++ b/website/blog/2020/11/11.04-gardener-v1.11-and-v1.12-released.md 
@@ -6,11 +6,15 @@ publishdate: 2020-11-04 archivedate: 2020-11-25 authors: - name: Tim Usner - email: tim.usner@sap.com + login: timuthy avatar: https://avatars2.githubusercontent.com/u/40451181?s=460&u=4df34635cf86b924700ef4152ec8462eeaa35721&v=4 aliases: ["/blog/2020/11/04/00"] +tags: + - feature-announcement + - release-notes + - security + - networking --- - Two months after our last Gardener release update, we are happy again to present release v1.11 and v1.12 in this blog post. Control plane migration, load balancer consolidation, and new security features are just a few topics we progressed with. As always, a detailed list of features, improvements, and bug fixes can be found in the [release notes](https://github.com/gardener/gardener/releases) of each release. If you are going to update from a previous Gardener version, please take the time to go through the action items in the release notes. ## Notable Changes in v1.12 diff --git a/website/blog/2020/11/11.20-case-study-migrating-etcd-volumes-in-production.md b/website/blog/2020/11/11.20-case-study-migrating-etcd-volumes-in-production.md index e05b86036..113cc1129 100644 --- a/website/blog/2020/11/11.20-case-study-migrating-etcd-volumes-in-production.md +++ b/website/blog/2020/11/11.20-case-study-migrating-etcd-volumes-in-production.md @@ -7,11 +7,15 @@ publishdate: 2020-11-20 archivedate: 2020-12-31 authors: - name: Gerrit Schwerthelm - email: gerrit.schwerthelm@x-cellent.com + login: Gerrit91 avatar: https://avatars0.githubusercontent.com/u/15035165?s=460&u=c595c06cc88ee6e13de3dc818f556b7f66618aab&v=4 aliases: ["/blog/2020/11/20/00"] +tags: + - case-study + - storage + - etcd + - provider-metal-stack --- - > [!NOTE] > This is a guest commentary from [metal-stack](https://metal-stack.io/).

    metal-stack is a software that provides an API for provisioning and managing physical servers in the data center. To categorize this product, the terms "Metal-as-a-Service" (MaaS) or "bare metal cloud" are commonly used. diff --git a/website/blog/2020/11/11.23-gardener-v1.13-released.md b/website/blog/2020/11/11.23-gardener-v1.13-released.md index ab9968bab..4d0af3b68 100644 --- a/website/blog/2020/11/11.23-gardener-v1.13-released.md +++ b/website/blog/2020/11/11.23-gardener-v1.13-released.md @@ -6,11 +6,13 @@ publishdate: 2020-11-23 archivedate: 2021-01-22 authors: - name: Rafael Franzke - email: rafael.franzke@sap.com + login: rfranzke avatar: https://avatars2.githubusercontent.com/u/19169361?s=460&v=4 aliases: ["/blog/2020/11/23/00"] +tags: + - feature-announcement + - release-notes --- - Dear community, we're happy to announce a new minor release of Gardener, in fact, the 16th in 2020! v1.13 came out just today after a couple of weeks of code improvements and feature implementations. As usual, this blog post provides brief summaries for the most notable changes that we introduce with this version. diff --git a/website/blog/2020/12/12.03-stackit-kubernetes-engine-with-gardener.md b/website/blog/2020/12/12.03-stackit-kubernetes-engine-with-gardener.md index 0dc8eb2a3..ff0fd7cba 100644 --- a/website/blog/2020/12/12.03-stackit-kubernetes-engine-with-gardener.md +++ b/website/blog/2020/12/12.03-stackit-kubernetes-engine-with-gardener.md 
@@ -6,11 +6,14 @@ publishdate: 2020-12-03 archivedate: 2021-12-03 authors: - name: Timo Lakner - email: timo.lakner@mail.schwarz + login: tlakner avatar: https://avatars1.githubusercontent.com/u/2589228?s=400&v=4 aliases: ["/blog/2020/12/03/03", "/blog/2020-12-03/03"] +tags: + - technical-deep-dive + - networking + - storage --- - [STACKIT](https://stackit.de/en/) is a digital brand of Europe’s biggest retailer, the Schwarz Group, which consists of Lidl, Kaufland, as well as production and recycling companies. Following the industry trend, the Schwarz Group is in the process of a digital transformation. STACKIT enables this transformation by helping to modernize the internal IT of the company branches. ## What is STACKIT and the STACKIT Kubernetes Engine (SKE)? diff --git a/website/blog/2021/01/01.25-machine-controller-manager.md b/website/blog/2021/01/01.25-machine-controller-manager.md index 5e6188c32..b4a5db84e 100644 --- a/website/blog/2021/01/01.25-machine-controller-manager.md +++ b/website/blog/2021/01/01.25-machine-controller-manager.md 
@@ -6,11 +6,13 @@ publishdate: 2021-01-25 archivedate: 2021-02-25 authors: - name: Samarth S Deyagond - email: samarth.deyagond@sap.com + login: axiomsamarth avatar: https://avatars.githubusercontent.com/u/32246441?s=460&u=2e611ee3c06533c3ec9d73e0557bab1432446657&v=4 aliases: ["/blog/2021/01/25/01"] +tags: + - technical-deep-dive + - node-management --- - Kubernetes is a cloud-native enabler built around the principles for a resilient, manageable, observable, highly automated, loosely coupled system. We know that Kubernetes is infrastructure agnostic with the help of a provider specific [Cloud Controller Manager](https://kubernetes.io/docs/concepts/architecture/cloud-controller/). But Kubernetes has explicitly externalized the management of the nodes. Once they appear - correctly configured - in the cluster, Kubernetes can use them. If nodes fail, Kubernetes can't do anything about it, external tooling is required. But every tool, every provider is different. So, why not elevate node management to a first class Kubernetes citizen? Why not create a Kubernetes native resource that manages machines just like pods? Such an approach is brought to you by the [Machine Controller Manager](https://github.com/gardener/machine-controller-manager) (aka MCM), which, of course, is an open sourced project. MCM gives you the following benefits: - seamlessly manage machines/nodes with a declarative API (of course, across different cloud providers) diff --git a/website/blog/2021/02/02.01-happy-anniversary-gardener.md b/website/blog/2021/02/02.01-happy-anniversary-gardener.md index dde550385..6324af59f 100644 --- a/website/blog/2021/02/02.01-happy-anniversary-gardener.md +++ b/website/blog/2021/02/02.01-happy-anniversary-gardener.md 
@@ -6,14 +6,16 @@ publishdate: 2021-02-01 archivedate: 2021-03-01 authors: - name: Vasu Chandrasekhara - email: vasu.chandrasekhara@sap.com + login: vasu1124 avatar: https://avatars.githubusercontent.com/u/11454395?s=400&u=9496275f0718d81bea32068dccb4d9c2d848e592&v=4 - name: Tim Usner - email: tim.usner@sap.com + login: timuthy avatar: https://avatars.githubusercontent.com/u/40451181?s=400&u=4df34635cf86b924700ef4152ec8462eeaa35721&v=4 aliases: ["/blog/2021/01/30/00"] +tags: + - milestone + - storage --- - Happy New Year Gardeners! As we greet 2021, we also celebrate Gardener’s third anniversary. Gardener was born with its first open source [commit](https://github.com/gardener/gardener/commit/d9619d01845db8c7105d27596fdb7563158effe1) diff --git a/website/blog/2021/09/09.12-navigating-cloud-native-security.md b/website/blog/2021/09/09.12-navigating-cloud-native-security.md index 4252beb5d..78b9a594d 100644 --- a/website/blog/2021/09/09.12-navigating-cloud-native-security.md +++ b/website/blog/2021/09/09.12-navigating-cloud-native-security.md 
@@ -5,11 +5,15 @@ newsSubtitle: September 12, 2021 publishdate: 2021-09-12 authors: - name: Vedran Lerenc - email: vedran.lerenc@sap.com + login: vlerenc avatar: https://avatars.githubusercontent.com/vlerenc aliases: ["/blog/2021/09/12/01"] +tags: + - technical-deep-dive + - security + - node-management + - provider-azure --- - The cloud-native landscape is constantly evolving, bringing immense benefits in agility and scale. However, with this evolution comes a complex and ever-changing threat landscape. Recently, a [significant vulnerability was reported by Unit 42 concerning Azure Container Instances (ACI)](https://unit42.paloaltonetworks.com/azure-container-instances), a service designed to run containers in a multi-tenant environment. This incident offers valuable lessons for the entire community, and we at Gardener believe in sharing insights that can help strengthen collective security. This particular vulnerability underscores the critical importance of vigilance, timely patching, and defense-in-depth, principles we have long championed within the Gardener project. diff --git a/website/blog/2022/02/02.17-gardener-community-meeting-february.md b/website/blog/2022/02/02.17-gardener-community-meeting-february.md index f71ec8ae7..b1f3d3b7b 100644 --- a/website/blog/2022/02/02.17-gardener-community-meeting-february.md +++ b/website/blog/2022/02/02.17-gardener-community-meeting-february.md @@ -5,11 +5,14 @@ newsSubtitle: February 17, 2022 publishdate: 2022-02-17 authors: - name: Nikolay Boshnakov - email: nikolay.boshnakov@sap.com + login: n-boshnakov avatar: https://avatars.githubusercontent.com/u/25197046?s=400&u=56175926393a77892662001f0dca5a439d1e771f&v=4 aliases: ["/blog/2022/02/17/01"] +tags: + - community-event + - security + - gardenctl --- - ## Presenters This community call was led by [Holger Kosser](https://github.com/holgerkoser), [Lukas Gross](https://github.com/grolu) and [Peter Sutter](https://github.com/petersutter). 
@@ -18,7 +21,7 @@ This community call was led by [Holger Kosser](https://github.com/holgerkoser), Watch the recording of our February 2022 Community call to see how to get started with the gardenctl-v2 and watch a walkthrough for gardenctl-v2 features. You'll learn about targeting, secure shoot cluster access, SSH, and how to use cloud provider CLIs natively. -The session is led by Lukas Gross, who begins by giving some information on the motivations behind creating a new version of gardenctl - providing secure access to shoot clustes, enabling direct usage of kubectl and cloud provider CLIs and managing cloud provider resources for SSH access. +The session is led by Lukas Gross, who begins by giving some information on the motivations behind creating a new version of gardenctl - providing secure access to shoot clusters, enabling direct usage of kubectl and cloud provider CLIs and managing cloud provider resources for SSH access. Holger Kosser then takes over in order to delve deeper into the concepts behind the implementation of gardenctl-2, going over Targeting, Gardenlogin and Cloud Provider CLIs. After that, Peter Sutter does the first demo, where he presents the main features in gardenctl-2. diff --git a/website/blog/2022/03/03.23-gardener-community-meeting-march.md b/website/blog/2022/03/03.23-gardener-community-meeting-march.md index 3240d3e47..aef578eef 100644 --- a/website/blog/2022/03/03.23-gardener-community-meeting-march.md +++ b/website/blog/2022/03/03.23-gardener-community-meeting-march.md 
@@ -5,11 +5,15 @@ newsSubtitle: March 25, 2022 publishdate: 2022-03-23 authors: - name: Nikolay Boshnakov - email: nikolay.boshnakov@sap.com + login: n-boshnakov avatar: https://avatars.githubusercontent.com/u/25197046?s=400&u=56175926393a77892662001f0dca5a439d1e771f&v=4 aliases: ["/blog/2022/03/25/01"] +tags: + - community-event + - extensions + - provider-aws + - provider-azure --- - ## Presenters This community call was led by [Tim Ebert](https://github.com/timebertt) and [Rafael Franzke](https://github.com/rfranzke). @@ -36,3 +40,4 @@ If you are left with any questions regarding the content, you might find the ans ## Recording {{< youtube id="nV_JI8YWwY4" title="Deploying and Developing Gardener Locally (Without Any External Infrastructure!)" >}} + diff --git a/website/blog/2022/06/06.17-gardener-community-meeting-june.md b/website/blog/2022/06/06.17-gardener-community-meeting-june.md index de91cebaa..824168bb2 100644 --- a/website/blog/2022/06/06.17-gardener-community-meeting-june.md +++ b/website/blog/2022/06/06.17-gardener-community-meeting-june.md @@ -5,11 +5,13 @@ newsSubtitle: June 17, 2022 publishdate: 2022-06-17 authors: - name: Nikolay Boshnakov - email: nikolay.boshnakov@sap.com + login: n-boshnakov avatar: https://avatars.githubusercontent.com/u/25197046?s=400&u=56175926393a77892662001f0dca5a439d1e771f&v=4 aliases: ["/blog/2022/06/17/01"] +tags: + - community-event + - extensions --- - ## Presenters This community call was led by [Jens Schneider](https://github.com/jensac) and Lothar Gesslein. @@ -32,3 +34,4 @@ If you are left with any questions regarding the content, you might find the ans ## Recording {{< youtube id="nG2FRYL05mc" title="Gardener Extension Development - From scratch to the gardener-extension-shoot-flux" >}} + diff --git a/website/blog/2022/10/10.06-gardener-community-meeting-october.md b/website/blog/2022/10/10.06-gardener-community-meeting-october.md index e41fdddbb..5da92d835 100644 
--- a/website/blog/2022/10/10.06-gardener-community-meeting-october.md +++ b/website/blog/2022/10/10.06-gardener-community-meeting-october.md @@ -5,11 +5,16 @@ newsSubtitle: October 6, 2022 publishdate: 2022-10-06 authors: - name: Nikolay Boshnakov - email: nikolay.boshnakov@sap.com + login: n-boshnakov avatar: https://avatars.githubusercontent.com/u/25197046?s=400&u=56175926393a77892662001f0dca5a439d1e771f&v=4 aliases: ["/blog/2022/10/06/01"] +tags: + - community-event + - security + - networking + - high-availability + - observability --- - ## Presenters This community call was led by [Raymond de Jong](https://github.com/raymonddejong). @@ -31,3 +36,4 @@ If you are left with any questions regarding the content, you might find the ans ## Recording {{< youtube id="46nCdVA-rsc" title="Cilium / Isovalent Presentation" >}} + diff --git a/website/blog/2022/10/10.20-gardener-community-meeting-october-2.md b/website/blog/2022/10/10.20-gardener-community-meeting-october-2.md index 748929913..3030fb09e 100644 --- a/website/blog/2022/10/10.20-gardener-community-meeting-october-2.md +++ b/website/blog/2022/10/10.20-gardener-community-meeting-october-2.md @@ -5,11 +5,14 @@ newsSubtitle: October 20, 2022 publishdate: 2022-10-20 authors: - name: Nikolay Boshnakov - email: nikolay.boshnakov@sap.com + login: n-boshnakov avatar: https://avatars.githubusercontent.com/u/25197046?s=400&u=56175926393a77892662001f0dca5a439d1e771f&v=4 aliases: ["/blog/2022/10/20/01"] +tags: + - community-event + - observability + - extensions --- - ## Presenters This community call was led by [Pawel Palucki](https://github.com/ppalucki) and [Alexander D. Kanevskiy](https://github.com/kad). @@ -29,3 +32,4 @@ If you are left with any questions regarding the content, you might find the ans ## Recording {{< youtube id="5a_A3furzlg" title="Get more computing power in Gardener with CRI-resource-manager" >}} + 
diff --git a/website/blog/2023/03/03-27-high-availability-and-zone-outage-toleration.md b/website/blog/2023/03/03-27-high-availability-and-zone-outage-toleration.md index 69411e9f0..25964cfe3 100644 --- a/website/blog/2023/03/03-27-high-availability-and-zone-outage-toleration.md +++ b/website/blog/2023/03/03-27-high-availability-and-zone-outage-toleration.md @@ -5,11 +5,15 @@ newsSubtitle: March 27, 2023 publishdate: 2023-03-27 authors: - name: Vedran Lerenc - email: vedran.lerenc@sap.com + login: vlerenc avatar: https://avatars.githubusercontent.com/u/4974203 aliases: ["/blog/2023/03/27/01"] +tags: + - technical-deep-dive + - networking + - high-availability + - storage --- - Developing highly available workload that can tolerate a zone outage is no trivial task. In this blog, we will explore various recommendations to get closer to that goal. While many recommendations are general enough, the examples are specific in how to achieve this in a [Gardener](https://gardener.cloud)-managed cluster and where/how to tweak the different control plane components. If you do not use Gardener, it may be still a worthwhile read as most settings can be influenced with most of the Kubernetes providers. First however, what is a zone outage? It sounds like a clear-cut "thing", but it isn't. There are many things that can go haywire. Here are some examples: diff --git a/website/blog/2024/04/04-05-kubecon-cloudnativecon-europe-2024-highlights.md b/website/blog/2024/04/04-05-kubecon-cloudnativecon-europe-2024-highlights.md index 0cc056b6a..ed6338e95 100644 --- a/website/blog/2024/04/04-05-kubecon-cloudnativecon-europe-2024-highlights.md +++ b/website/blog/2024/04/04-05-kubecon-cloudnativecon-europe-2024-highlights.md 
@@ -5,11 +5,13 @@ newsSubtitle: April 05, 2024 publishdate: 2024-04-05 authors: - name: Rafael Franzke - email: rafael.franzke@sap.com + login: rfranzke avatar: https://avatars.githubusercontent.com/u/19169361 aliases: ["/blog/2024/04/05/01"] +tags: + - community-event + - security --- - ![KubeCon EU 2024 Keynote Room](images/kubecon-eu2024.png "KubeCon EU 2024 Keynote Room") KubeCon + CloudNativeCon Europe 2024, recently held in Paris, was a testament to the robustness of the open-source community and its pivotal role in driving advancements in AI and cloud-native technologies. With a record attendance of over +12,000 participants, the conference underscored the ubiquity of cloud-native architectures and the business opportunities they provide. diff --git a/website/blog/2024/04/04-18-spinkube-gardener-shoot-cluster.md b/website/blog/2024/04/04-18-spinkube-gardener-shoot-cluster.md index 03dedfe3c..5af5df2ac 100644 --- a/website/blog/2024/04/04-18-spinkube-gardener-shoot-cluster.md +++ b/website/blog/2024/04/04-18-spinkube-gardener-shoot-cluster.md 
@@ -5,11 +5,15 @@ newsSubtitle: April 18, 2024 publishdate: 2024-04-18 authors: - name: Dimitar Mirchev - email: dimitar.mirchev@sap.com + login: dimityrmirchev avatar: https://avatars.githubusercontent.com/dimityrmirchev aliases: ["/blog/2024/04/18/02"] +tags: + - technical-deep-dive + - helm + - provider-aws + - provider-azure --- - With the rising popularity of [WebAssembly (WASM)](https://webassembly.org/) and [WebAssembly System Interface (WASI)](https://wasi.dev/) comes a variety of integration possibilities. WASM is now not only suitable for the browser, but can be also utilized for running workloads on the server. In this post we will explore how you can get started writing serverless applications powered by [SpinKube](https://www.spinkube.dev/) on a Gardener Shoot cluster. This post is inspired by a similar tutorial that goes through the steps of [Deploying the Spin Operator on Azure Kubernetes Service](https://www.spinkube.dev/docs/spin-operator/tutorials/deploy-on-azure-kubernetes-service/). Keep in mind that this post does not aim to define a production environment. It is meant to show that Gardener Shoot clusters are able to run WebAssembly workloads, giving users the chance to experiment and explore this cutting-edge technology. ## Prerequisites diff --git a/website/blog/2024/04/04-22-gardener's-registry-cache-extension-another-cost-saving-win-and-more.md b/website/blog/2024/04/04-22-gardener's-registry-cache-extension-another-cost-saving-win-and-more.md index ba97abb76..f45070dec 100644 --- a/website/blog/2024/04/04-22-gardener's-registry-cache-extension-another-cost-saving-win-and-more.md +++ b/website/blog/2024/04/04-22-gardener's-registry-cache-extension-another-cost-saving-win-and-more.md 
@@ -5,11 +5,17 @@ newsSubtitle: April 22, 2024 publishdate: 2024-04-22 authors: - name: Ismail Alidzhikov - email: ismail.alidzhikov@sap.com + login: ialidzhikov avatar: https://avatars.githubusercontent.com/u/9372594 aliases: ["/blog/2024/04/22/01"] +tags: + - technical-deep-dive + - cost-optimization + - networking + - storage + - node-management + - extensions --- - ## Use Cases In Kubernetes, on every Node the container runtime daemon pulls the container images that are configured in the Pods' specifications running on the corresponding Node. Although these container images are cached on the Node's file system after the initial pull operation, there are imperfections with this setup. diff --git a/website/blog/2024/05/05-21-innovation-unleashed-a-deep-dive-into-the-5th-gardener-community-hackathon.md b/website/blog/2024/05/05-21-innovation-unleashed-a-deep-dive-into-the-5th-gardener-community-hackathon.md index 5c819211b..d94f8dc19 100644 --- a/website/blog/2024/05/05-21-innovation-unleashed-a-deep-dive-into-the-5th-gardener-community-hackathon.md +++ b/website/blog/2024/05/05-21-innovation-unleashed-a-deep-dive-into-the-5th-gardener-community-hackathon.md 
@@ -5,11 +5,15 @@ newsSubtitle: May 21, 2024 publishdate: 2024-05-21 authors: - name: Rafael Franzke - email: rafael.franzke@sap.com + login: rfranzke avatar: https://avatars.githubusercontent.com/u/19169361 aliases: ["/blog/2024/05/21/01"] +tags: + - technical-deep-dive + - community-event + - security + - helm --- - ![Hackathon 2024/05 Team](images/hackathon202405-team.jpg "Hackathon 2024/05 Team") The Gardener community recently concluded its [5th Hackathon](https://github.com/gardener-community/hackathon/blob/main/2024-05_Schelklingen/README.md), a week-long event that brought together multiple companies to collaborate on common topics of interest. The Hackathon, held at [Schlosshof Freizeitheim](https://www.schlosshof-info.de/) in [Schelklingen, Germany](https://maps.app.goo.gl/28FZXpzZLjgaKNef9), was a testament to the power of collective effort and open-source, producing a tremendous number of results in a short time and moving the Gardener project forward with innovative solutions. diff --git a/website/blog/2024/10/10-24-gardener-kubecon-cloudnativecon-na-2024-announcement.md b/website/blog/2024/10/10-24-gardener-kubecon-cloudnativecon-na-2024-announcement.md index a8a615ef1..8f5aacb5e 100644 --- a/website/blog/2024/10/10-24-gardener-kubecon-cloudnativecon-na-2024-announcement.md +++ b/website/blog/2024/10/10-24-gardener-kubecon-cloudnativecon-na-2024-announcement.md 
@@ -5,11 +5,15 @@ newsSubtitle: Oct 24, 2024 publishdate: 2024-10-24 authors: - name: Tim Usner - email: tim.usner@sap.com + login: timuthy avatar: https://avatars.githubusercontent.com/u/40451181 aliases: ["/blog/2024/10/24/01"] +tags: + - community-event + - security + - provider-aws + - provider-azure --- - [KubeCon + CloudNativeCon NA](https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/) is just around the corner, taking place this year amidst the stunning backdrop of the Rocky Mountains in Salt Lake City, Utah. This year, we're thrilled to announce that the [Gardener open-source project](https://gardener.cloud/) will have its own booth at the event. diff --git a/website/blog/2024/11/11-06-promcon-eu-2024.md b/website/blog/2024/11/11-06-promcon-eu-2024.md index 138f82efe..e22b5828e 100644 --- a/website/blog/2024/11/11-06-promcon-eu-2024.md +++ b/website/blog/2024/11/11-06-promcon-eu-2024.md @@ -5,14 +5,16 @@ newsSubtitle: November 06, 2024 publishdate: 2024-11-01 authors: - name: Christoph Kleineweber - email: c.kleineweber@sap.com + login: chrkl avatar: https://avatars.githubusercontent.com/u/318416 - name: Jeremy Rickards - email: jeremy.rickards@sap.com + login: rickardsjp avatar: https://avatars.githubusercontent.com/u/9338170 aliases: ["/blog/2024/11/06/01"] +tags: + - community-event + - observability --- - ## Overview Many innovative observability and application performance management (APM) products and services were released over the last few years. They often adopt or enhance concepts that Prometheus invented more than a decade ago. However, Prometheus, as an open-source project, has never lost its importance in this fast-moving industry and is the core of Gardener's monitoring stack. diff --git a/website/blog/2024/11/11-09-demo.md b/website/blog/2024/11/11-09-demo.md index 9cdac94dc..5a3f771eb 100644 --- a/website/blog/2024/11/11-09-demo.md +++ b/website/blog/2024/11/11-09-demo.md 
@@ -5,23 +5,25 @@ newsSubtitle: November 09, 2024 publishdate: 2024-11-09 authors: - name: Istvan Ballok - email: istvan.zoltan.ballok@sap.com + login: istvanballok avatar: https://avatars.githubusercontent.com/u/23032437 - name: Victor Herrero Otal - email: victor.herrero.otal@sap.com + login: vicwicker avatar: https://avatars.githubusercontent.com/u/4339456 - name: Holger Koser - email: holger.koser@sap.com + login: holgerkoser avatar: https://avatars.githubusercontent.com/u/1574023 - name: Peter Sutter - email: peter.sutter@sap.com + login: petersutter avatar: https://avatars.githubusercontent.com/u/5526658 - name: Rafael Franzke - email: rafael.franzke@sap.com + login: rfranzke avatar: https://avatars.githubusercontent.com/u/19169361 aliases: ["/blog/2024/11/09/01"] +tags: + - feature-announcement + - getting-started --- - We're thrilled to announce the launch of our [new Gardener demo environment](https://demo.gardener.cloud)! This interactive playground is designed to provide you with a hands-on experience of Gardener, our open-source project that offers a Kubernetes-based solution for managing Kubernetes clusters across various cloud providers uniformly. diff --git a/website/blog/2024/12/12-08-unleashing-potential-highlights-from-the-6th-gardener-community-hackathon.md b/website/blog/2024/12/12-08-unleashing-potential-highlights-from-the-6th-gardener-community-hackathon.md index 88cb2a017..f3bc9b57d 100644 --- a/website/blog/2024/12/12-08-unleashing-potential-highlights-from-the-6th-gardener-community-hackathon.md +++ b/website/blog/2024/12/12-08-unleashing-potential-highlights-from-the-6th-gardener-community-hackathon.md 
@@ -5,11 +5,14 @@ newsSubtitle: December 08, 2024 publishdate: 2024-12-08 authors: - name: Rafael Franzke - email: rafael.franzke@sap.com + login: rfranzke avatar: https://avatars.githubusercontent.com/u/19169361 aliases: ["/blog/2024/12/08/01"] +tags: + - feature-announcement + - community-event + - networking --- - ![Hackathon 2024/12 Team](images/hackathon202412-team.jpg "Hackathon 2024/12 Team") The [6th Gardener Community Hackathon](https://github.com/gardener-community/hackathon/blob/main/2024-12_Schelklingen/README.md), hosted at [Schlosshof Freizeitheim](https://www.schlosshof-info.de/) in [Schelklingen, Germany](https://maps.app.goo.gl/28FZXpzZLjgaKNef9) in December 2024, was a hub of creativity and collaboration. Developers of various companies joined forces to explore new frontiers of the Gardener project. Here's a rundown of the key outcomes: diff --git a/website/blog/2025/03/03-18-gardener-kubecon-cloudnativecon-europe-2025-announcement.md b/website/blog/2025/03/03-18-gardener-kubecon-cloudnativecon-europe-2025-announcement.md index f8a4adf2b..f1dbec337 100644 --- a/website/blog/2025/03/03-18-gardener-kubecon-cloudnativecon-europe-2025-announcement.md +++ b/website/blog/2025/03/03-18-gardener-kubecon-cloudnativecon-europe-2025-announcement.md @@ -5,11 +5,18 @@ newsSubtitle: Mar 18, 2025 publishdate: 2025-03-18 authors: - name: Sonu Kumar Singh - email: sonu.kumar.singh02@sap.com + login: acumino avatar: https://avatars.githubusercontent.com/acumino aliases: ["/blog/2025/03/18/01"] +tags: + - community-event + - security + - networking + - provider-aws + - provider-azure + - provider-gcp + - provider-openstack --- - # Gardener at KubeCon + CloudNativeCon Europe, London 2025 The open-source project [Gardener](https://gardener.cloud/) is set to showcase its cutting-edge Kubernetes-as-a-Service (KaaS) capabilities at [KubeCon + CloudNativeCon Europe](https://events.linuxfoundation.org/kubecon-cloudnativecon-europe/) 2025 in London. 
diff --git a/website/blog/2025/04/04-17-leaner-clusters-lower-bills.md b/website/blog/2025/04/04-17-leaner-clusters-lower-bills.md index 96622f5f8..7da9860a4 100644 --- a/website/blog/2025/04/04-17-leaner-clusters-lower-bills.md +++ b/website/blog/2025/04/04-17-leaner-clusters-lower-bills.md 
@@ -5,11 +5,15 @@ newsSubtitle: April 17, 2025 publishdate: 2025-04-17 authors: - name: Vedran Lerenc - email: vedran.lerenc@sap.com + login: vlerenc avatar: https://avatars.githubusercontent.com/vlerenc aliases: ["/blog/2025/04/17/01"] +tags: + - technical-deep-dive + - cost-optimization + - node-management + - apeiro --- - As organizations embrace Kubernetes for managing containerized applications at scale, the underlying infrastructure costs, particularly for compute resources, become a critical factor. Gardener, the open-source Kubernetes management platform, empowers organizations like SAP, STACKIT, T-Systems, and others (see [adopters](https://gardener.cloud/adopter)) to operate tens of thousands of Kubernetes clusters efficiently across diverse environments. Gardener's role as a core technology in initiatives like [NeoNephos](https://neonephos.org/projects), aimed at advancing digital autonomy in Europe (see [KubeCon London 2025 Keynote](https://www.youtube.com/watch?v=85MDID9Ju04&t=621s) and [press announcement](https://linuxfoundation.eu/newsroom/the-linux-foundation-announces-the-launch-of-neonephos-to-advance-digital-autonomy-in-europe)), further underscores the need for cost-effective and sustainable operations. At the heart of Gardener's architecture is the concept of "Kubeception" (see [readme](https://github.com/gardener/gardener?tab=readme-ov-file#gardener) and [architecture](https://github.com/gardener/gardener/blob/master/docs/concepts/architecture.md)): Gardener runs *on* Kubernetes (called a **runtime cluster**), facilitates access *through* a self-managed node-less Kubernetes cluster (called the **garden cluster**), manages Kubernetes control planes as pods *within* self-managed Kubernetes clusters that provide high scalability to Gardener (called **seed clusters**), and *provisions* end-user Kubernetes clusters (called **shoot clusters**). 
Therefore, optimizing Gardener's own Kubernetes-related resource consumption directly translates into cost savings across all these layers, benefiting both Gardener service providers and the end-users consuming the managed clusters. @@ -322,3 +326,4 @@ Optimizing Kubernetes compute costs at scale is a complex but rewarding endeavor 6. **Accurate Overheads:** Measure and tailor `kube-reserved` based on actual system usage patterns rather than static formulas. These efforts have yielded substantial cost reductions for operating Gardener itself and, by extension, for all Gardener adopters running managed Kubernetes clusters. We hope sharing our journey provides valuable insights for your own optimization efforts, whether you're just starting or looking to refine your existing strategies. + diff --git a/website/blog/2025/05/05-12-gardener-neonephos.md b/website/blog/2025/05/05-12-gardener-neonephos.md index ed9db91e7..8f9e13c17 100644 --- a/website/blog/2025/05/05-12-gardener-neonephos.md +++ b/website/blog/2025/05/05-12-gardener-neonephos.md 
@@ -5,11 +5,13 @@ newsSubtitle: May 12, 2025 publishdate: 2025-05-12 authors: - name: Vedran Lerenc - email: vedran.lerenc@sap.com + login: vlerenc avatar: https://avatars.githubusercontent.com/vlerenc aliases: ["/blog/2025/05/12/01"] +tags: + - technical-deep-dive + - apeiro --- - The Kubernetes ecosystem is dynamic, offering a wealth of tools to manage the complexities of modern cloud-native applications. For enterprises seeking to provision and manage Kubernetes clusters efficiently, securely, and at scale, a robust and comprehensive solution is paramount. Gardener, born from years of managing tens of thousands of clusters efficiently across diverse platforms and in demanding environments, stands out as a fully open-source choice for delivering fully managed Kubernetes Clusters as a Service. It already empowers organizations like SAP, STACKIT, T-Systems, and others (see [adopters](https://gardener.cloud/adopter)) and has become a core technology for [NeoNephos](https://neonephos.org/projects), a project aimed at advancing digital autonomy in Europe (see [KubeCon London 2025 Keynote](https://www.youtube.com/watch?v=85MDID9Ju04&t=621s) and [press announcement](https://neonephos.org/press/2025/the-linux-foundation-announces-the-launch-of-neonephos-to-advance-digital-autonomy-in-europe/)). ### The Gardener Approach: An Architecture Forged by Experience 
@@ -79,3 +81,4 @@ Gardener's operational maturity is a direct reflection of its long evolution, sh For enterprises and organizations seeking a comprehensive, truly open-source solution for managing the full lifecycle of Kubernetes clusters at scale, Gardener offers a compelling proposition. Its mature architecture, rich feature set, operational robustness, built-in enterprise governance capabilities, and commitment to the open-source community provide a solid foundation for running demanding Kubernetes workloads with confidence. This makes it a suitable technical underpinning for ambitious projects like NeoNephos, contributing to a future of greater digital autonomy. We invite you to explore [Gardener](https://gardener.cloud/) and discover how it can empower your enterprise-grade and -scale Kubernetes journey. + diff --git a/website/blog/2025/05/05-19-enhanced-network-flexibility-gardener-now-supports-cidr-overlap-for-non-ha-shoots.md b/website/blog/2025/05/05-19-enhanced-network-flexibility-gardener-now-supports-cidr-overlap-for-non-ha-shoots.md index 694d031a9..cd353161e 100644 --- a/website/blog/2025/05/05-19-enhanced-network-flexibility-gardener-now-supports-cidr-overlap-for-non-ha-shoots.md +++ b/website/blog/2025/05/05-19-enhanced-network-flexibility-gardener-now-supports-cidr-overlap-for-non-ha-shoots.md 
@@ -5,12 +5,14 @@ newsSubtitle: May 19, 2025 publishdate: 2025-05-19 authors: - avatar: https://avatars.githubusercontent.com/domdom82 - email: Dominik.Froehlich@sap.com login: domdom82 name: Dominik Froehlich aliases: ["/blog/2025/05/19/enhanced-network-flexibility-gardener-now-supports-cidr-overlap-for-non-ha-shoots"] +tags: + - feature-announcement + - networking + - node-management --- - Gardener is continually evolving to offer greater flexibility and efficiency in managing Kubernetes clusters. A significant enhancement has been introduced that addresses a common networking challenge: the requirement for completely disjoint network CIDR blocks between a shoot cluster and its seed cluster. Now, Gardener allows for IPv4 network overlap in specific scenarios, providing users with more latitude in their network planning. ### Addressing IP Address Constraints diff --git a/website/blog/2025/05/05-19-enhanced-node-management-introducing-in-place-updates-in-gardener.md b/website/blog/2025/05/05-19-enhanced-node-management-introducing-in-place-updates-in-gardener.md index 17d01df21..a05e3cefc 100644 --- a/website/blog/2025/05/05-19-enhanced-node-management-introducing-in-place-updates-in-gardener.md +++ b/website/blog/2025/05/05-19-enhanced-node-management-introducing-in-place-updates-in-gardener.md 
@@ -5,19 +5,19 @@ newsSubtitle: May 19, 2025 publishdate: 2025-05-19 authors: - avatar: https://avatars.githubusercontent.com/shafeeqes - email: shafeeque.e.s@sap.com login: shafeeqes name: Shafeeque E S - avatar: https://avatars.githubusercontent.com/ary1992 login: ary1992 name: Ashish Ranjan Yadav - avatar: https://avatars.githubusercontent.com/acumino - email: sonu.kumar.singh02@sap.com login: acumino name: Sonu Kumar Singh aliases: ["/blog/2025/05/19/enhanced-node-management-introducing-in-place-updates-in-gardener"] +tags: + - feature-announcement + - node-management --- - Gardener is committed to providing efficient and flexible Kubernetes cluster management. Traditionally, updates to worker pool configurations, such as machine image or Kubernetes minor version changes, trigger a rolling update. This process involves replacing existing nodes with new ones, which is a robust approach for many scenarios. However, for environments with physical or bare-metal nodes, or stateful workloads sensitive to node replacement, or if the virtual machine type is scarce, this can introduce challenges like extended update times and potential disruptions. To address these needs, Gardener now introduces **In-Place Node Updates**. This new capability allows certain updates to be applied directly to existing worker nodes without requiring their replacement, significantly reducing disruption and speeding up update processes for compatible changes. diff --git a/website/blog/2025/05/05-19-gardener-dashboard-180-streamlined-credentials-enhanced-cluster-views-and-real-time-updates.md b/website/blog/2025/05/05-19-gardener-dashboard-180-streamlined-credentials-enhanced-cluster-views-and-real-time-updates.md index dd8aa3ba2..05b437410 100644 --- a/website/blog/2025/05/05-19-gardener-dashboard-180-streamlined-credentials-enhanced-cluster-views-and-real-time-updates.md 
+++ b/website/blog/2025/05/05-19-gardener-dashboard-180-streamlined-credentials-enhanced-cluster-views-and-real-time-updates.md @@ -8,8 +8,12 @@ authors: login: grolu name: Lukas Gross aliases: ["/blog/2025/05/19/gardener-dashboard-180-streamlined-credentials-enhanced-cluster-views-and-real-time-updates"] +tags: + - feature-announcement + - cost-optimization + - security + - dashboard --- - Gardener Dashboard version 1.80 introduces several significant enhancements aimed at improving user experience, credentials management, and overall operational efficiency. These updates bring more clarity to credential handling, a smoother experience for managing large numbers of clusters, and a move towards a more reactive interface. ### Unified and Enhanced Credentials Management diff --git a/website/blog/2025/05/05-21-fine-tuning-kube-proxy-readiness-ensuring-accurate-health-checks-during-node-scale-down.md b/website/blog/2025/05/05-21-fine-tuning-kube-proxy-readiness-ensuring-accurate-health-checks-during-node-scale-down.md index c0a854ed4..df516e48e 100644 --- a/website/blog/2025/05/05-21-fine-tuning-kube-proxy-readiness-ensuring-accurate-health-checks-during-node-scale-down.md +++ b/website/blog/2025/05/05-21-fine-tuning-kube-proxy-readiness-ensuring-accurate-health-checks-during-node-scale-down.md 
@@ -5,12 +5,15 @@ newsSubtitle: May 21, 2025 publishdate: 2025-05-21 authors: - avatar: https://avatars.githubusercontent.com/ScheererJ - email: johannes.scheerer@sap.com login: ScheererJ name: Johannes Scheerer aliases: ["/blog/2025/05/21/fine-tuning-kube-proxy-readiness-ensuring-accurate-health-checks-during-node-scale-down"] +tags: + - technical-deep-dive + - networking + - node-management + - provider-gcp --- - Gardener has recently refined how it determines the readiness of `kube-proxy` components within managed Kubernetes clusters. This adjustment leads to more accurate system health reporting, especially during node scale-down operations orchestrated by `cluster-autoscaler`. ### The Challenge: kube-proxy Readiness During Node Scale-Down @@ -39,4 +42,4 @@ By adapting its `kube-proxy` readiness checks, Gardener continues to refine its * **GitHub Pull Request:** [gardener/gardener#12015](https://github.com/gardener/gardener/pull/12015) * **Recording of the presentation segment:** [Watch on YouTube (starts at the relevant section)](https://youtu.be/ssvXpPliOY0?t=1151) * **Upstream KEP:** [KEP-3836: Kube-proxy improved ingress connectivity reliability](https://github.com/alexanderConstantinescu/kubernetes-enhancements/blob/e3d8adae9cf79338add2149db0900e47a4c64338/keps/sig-network/3836-kube-proxy-improved-ingress-connectivity-reliability/README.md?plain=1#L105-L107) -* **Upstream Kubernetes PR:** [kubernetes/kubernetes#116470](https://github.com/kubernetes/kubernetes/pull/116470) \ No newline at end of file +* **Upstream Kubernetes PR:** [kubernetes/kubernetes#116470](https://github.com/kubernetes/kubernetes/pull/116470) diff --git a/website/blog/2025/05/05-21-new-in-gardener-forceful-redeployment-of-gardenlets-for-enhanced-operational-control.md b/website/blog/2025/05/05-21-new-in-gardener-forceful-redeployment-of-gardenlets-for-enhanced-operational-control.md index edf6cb93c..65c8eea0f 100644 
--- a/website/blog/2025/05/05-21-new-in-gardener-forceful-redeployment-of-gardenlets-for-enhanced-operational-control.md +++ b/website/blog/2025/05/05-21-new-in-gardener-forceful-redeployment-of-gardenlets-for-enhanced-operational-control.md @@ -5,12 +5,14 @@ newsSubtitle: May 21, 2025 publishdate: 2025-05-21 authors: - avatar: https://avatars.githubusercontent.com/shafeeqes - email: shafeeque.e.s@sap.com login: shafeeqes name: Shafeeque E S aliases: ["/blog/2025/05/21/new-in-gardener-forceful-redeployment-of-gardenlets-for-enhanced-operational-control"] +tags: + - feature-announcement + - security + - node-management --- - Gardener continues to enhance its operational capabilities, and a recent improvement introduces a much-requested feature for managing gardenlets: the ability to forcefully trigger their redeployment. This provides operators with greater control and a streamlined recovery path for specific scenarios. ### The Standard gardenlet Lifecycle diff --git a/website/blog/2025/05/05-21-streamlined-node-onboarding-introducing-gardenadm-token-and-gardenadm-join.md b/website/blog/2025/05/05-21-streamlined-node-onboarding-introducing-gardenadm-token-and-gardenadm-join.md index 18194b893..856226dd6 100644 --- a/website/blog/2025/05/05-21-streamlined-node-onboarding-introducing-gardenadm-token-and-gardenadm-join.md +++ b/website/blog/2025/05/05-21-streamlined-node-onboarding-introducing-gardenadm-token-and-gardenadm-join.md 
@@ -5,12 +5,14 @@ newsSubtitle: May 21, 2025 publishdate: 2025-05-21 authors: - avatar: https://avatars.githubusercontent.com/rfranzke - email: rafael.franzke@sap.com + login: rfranzke login: rfranzke name: Rafael Franzke aliases: ["/blog/2025/05/21/streamlined-node-onboarding-introducing-gardenadm-token-and-gardenadm-join"] +tags: + - feature-announcement + - node-management --- - Gardener continues to enhance its `gardenadm` tool, simplifying the management of autonomous Shoot clusters. Recently, new functionalities have been introduced to streamline the process of adding worker nodes to these clusters: the `gardenadm token` command suite and the corresponding `gardenadm join` command. These additions offer a more convenient and Kubernetes-native experience for cluster expansion. ### Managing Bootstrap Tokens with `gardenadm token` diff --git a/website/blog/2025/06/06-17-taking-gardener-to-the-next-level-highlights-from-the-7th-gardener-community-hackathon-in-schelklingen.md b/website/blog/2025/06/06-17-taking-gardener-to-the-next-level-highlights-from-the-7th-gardener-community-hackathon-in-schelklingen.md index 648cd5260..61c66e1aa 100644 --- a/website/blog/2025/06/06-17-taking-gardener-to-the-next-level-highlights-from-the-7th-gardener-community-hackathon-in-schelklingen.md +++ b/website/blog/2025/06/06-17-taking-gardener-to-the-next-level-highlights-from-the-7th-gardener-community-hackathon-in-schelklingen.md 
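Review bot: The added `login: rfranzke` line in the front matter of `05-21-streamlined-node-onboarding-introducing-gardenadm-token-and-gardenadm-join.md` duplicates the `login: rfranzke` key that already sits in the same author entry as context, so the new file has the key twice in one mapping. The hunk counts (12 old lines, 14 new) confirm that both lines survive. Other posts in this commit that already had a `login`, such as the kube-proxy readiness and gardenlet redeployment posts, only drop `email`; this hunk should do the same by deleting the added line and keeping the existing one. Depending on the YAML parser behind the front matter loader, a duplicated mapping key is either rejected, which would fail the site build, or silently collapsed, so it is better fixed than left to parser leniency.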
@@ -5,12 +5,12 @@ newsSubtitle: June 17, 2025 publishdate: 2025-06-17 authors: - avatar: https://avatars.githubusercontent.com/marc1404 - email: marc.vornetran@sap.com login: marc1404 name: Marc Vornetran aliases: ["/blog/2025/06/06-17-taking-gardener-to-the-next-level-highlights-from-the-7th-gardener-community-hackathon-in-schelklingen"] +tags: + - community-event --- - # Taking Gardener to the Next Level: Highlights from the 7th Gardener Community Hackathon in Schelklingen The latest "Hack The Garden" event, held in June 2025 at [Schlosshof in Schelklingen](https://schlosshof-info.de/), brought together members of the Gardener community for an intensive week of collaboration, coding, and problem-solving. diff --git a/website/blog/2025/06/06-18-enabling-seamless-ipv4-to-dual-stack-migration-for-kubernetes-clusters-on-gcp.md b/website/blog/2025/06/06-18-enabling-seamless-ipv4-to-dual-stack-migration-for-kubernetes-clusters-on-gcp.md index 28b9cf3b0..130f74827 100644 --- a/website/blog/2025/06/06-18-enabling-seamless-ipv4-to-dual-stack-migration-for-kubernetes-clusters-on-gcp.md +++ b/website/blog/2025/06/06-18-enabling-seamless-ipv4-to-dual-stack-migration-for-kubernetes-clusters-on-gcp.md @@ -5,12 +5,15 @@ newsSubtitle: June 25, 2025 publishdate: 2025-06-25 authors: - avatar: https://avatars.githubusercontent.com/DockToFuture - email: sebastian.stauch@sap.com login: DockToFuture name: Sebastian Stauch aliases: ["/blog/2025/06/25/enabling-seamless-ipv4-to-dual-stack-migration-for-kubernetes-clusters-on-gcp"] +tags: + - technical-deep-dive + - networking + - node-management + - provider-gcp --- - Gardener continues to enhance its networking capabilities, now offering a streamlined migration path for existing IPv4-only shoot clusters on Google Cloud Platform (GCP) to dual-stack (IPv4 and IPv6). This allows clusters to leverage the benefits of IPv6 networking while maintaining IPv4 compatibility. ### The Shift to Dual-Stack: What Changes? 
@@ -52,4 +55,4 @@ Before initiating the migration, please note the following: This enhancement provides a clear path for Gardener users on GCP to adopt IPv6, paving the way for future-ready network architectures. -For further details, you can refer to the [official pull request](https://github.com/gardener/gardener-extension-provider-gcp/pull/1010) and the [relevant segment of the developer talk](https://youtu.be/HguO_KY86ac?t=82). Additional documentation can also be found within the [Gardener documentation](https://gardener.cloud/docs/gardener/networking/dual-stack-networking-migration/). \ No newline at end of file +For further details, you can refer to the [official pull request](https://github.com/gardener/gardener-extension-provider-gcp/pull/1010) and the [relevant segment of the developer talk](https://youtu.be/HguO_KY86ac?t=82). Additional documentation can also be found within the [Gardener documentation](https://gardener.cloud/docs/gardener/networking/dual-stack-networking-migration/). diff --git a/website/blog/2025/06/06-18-enhanced-extension-management-introducing-autoenable-and-clustercompatibility.md b/website/blog/2025/06/06-18-enhanced-extension-management-introducing-autoenable-and-clustercompatibility.md index 1bdc483ca..d97e5fe14 100644 --- a/website/blog/2025/06/06-18-enhanced-extension-management-introducing-autoenable-and-clustercompatibility.md +++ b/website/blog/2025/06/06-18-enhanced-extension-management-introducing-autoenable-and-clustercompatibility.md 
@@ -8,8 +8,10 @@ authors: login: timuthy name: Tim Usner aliases: ["/blog/2025/06/18/enhanced-extension-management-introducing-autoenable-and-clustercompatibility"] +tags: + - feature-announcement + - extensions --- - Gardener's extension mechanism has been enhanced with two new fields in the `ControllerRegistration` and `operatorv1alpha1.Extension` APIs, offering operators more granular control and improved safety when managing extensions. These changes, detailed in [PR #11982](https://github.com/gardener/gardener/pull/11982), introduce `autoEnable` and `clusterCompatibility` for resources of `kind: Extension`. ### Fine-Grained Automatic Enablement with `autoEnable` diff --git a/website/blog/2025/06/06-18-enhanced-internal-traffic-management-l7-load-balancing-for-kube-apiservers-in-gardener.md b/website/blog/2025/06/06-18-enhanced-internal-traffic-management-l7-load-balancing-for-kube-apiservers-in-gardener.md index 5d8d99906..f482d150e 100644 --- a/website/blog/2025/06/06-18-enhanced-internal-traffic-management-l7-load-balancing-for-kube-apiservers-in-gardener.md +++ b/website/blog/2025/06/06-18-enhanced-internal-traffic-management-l7-load-balancing-for-kube-apiservers-in-gardener.md @@ -8,8 +8,10 @@ authors: login: oliver-goetz name: "Oliver G\xF6tz" aliases: ["/blog/2025/06/18/enhanced-internal-traffic-management-l7-load-balancing-for-kube-apiservers-in-gardener"] +tags: + - feature-announcement + - networking --- - Gardener continuously evolves to optimize performance and reliability. A recent improvement focuses on how internal control plane components communicate with `kube-apiserver` instances, introducing cluster-internal Layer 7 (L7) load balancing to ensure better resource distribution and system stability. ### The Challenge: Unbalanced Internal Load on kube-apiservers 
diff --git a/website/blog/2025/06/06-18-gardener-enhances-observability-with-opentelemetry-integration-for-logging.md b/website/blog/2025/06/06-18-gardener-enhances-observability-with-opentelemetry-integration-for-logging.md index 4f41aaa1b..780971a39 100644 --- a/website/blog/2025/06/06-18-gardener-enhances-observability-with-opentelemetry-integration-for-logging.md +++ b/website/blog/2025/06/06-18-gardener-enhances-observability-with-opentelemetry-integration-for-logging.md @@ -5,16 +5,16 @@ newsSubtitle: June 18, 2025 publishdate: 2025-06-18 authors: - avatar: https://avatars.githubusercontent.com/nickytd - email: nickytd@gmail.com login: nickytd name: Niki Dokovski - avatar: https://avatars.githubusercontent.com/rrhubenov - email: rrhubenov@gmail.com login: rrhubenov name: Rado Hubenov aliases: ["/blog/2025/06/18/gardener-enhances-observability-with-opentelemetry-integration-for-logging"] +tags: + - technical-deep-dive + - observability --- - Gardener is advancing its observability capabilities by integrating OpenTelemetry, starting with log collection and processing. This strategic move, outlined in [GEP-34: OpenTelemetry Operator And Collectors](https://github.com/gardener/gardener/pull/11861), lays the groundwork for a more standardized, flexible, and powerful observability framework in line with Gardener's [Observability 2.0 vision](https://github.com/gardener/logging/blob/master/docs/observability-2.0/Observability%202.0.md). ### The Drive Towards Standardization diff --git a/website/blog/2025/06/06-25-enhanced-health-checks-for-node-rolling-updates.md b/website/blog/2025/06/06-25-enhanced-health-checks-for-node-rolling-updates.md index 061f04e2e..2f86616b4 100644 --- a/website/blog/2025/06/06-25-enhanced-health-checks-for-node-rolling-updates.md +++ b/website/blog/2025/06/06-25-enhanced-health-checks-for-node-rolling-updates.md 
@@ -8,8 +8,10 @@ authors: login: RadaBDimitrova name: Rada Dimitrova aliases: ["/blog/2025/06/25/enhanced-health-checks-for-node-rolling-updates"] +tags: + - feature-announcement + - node-management --- - For operators managing Kubernetes clusters, clear and accurate health status is essential for stability and efficient troubleshooting. A recent enhancement to Gardener's `shoot-care` controller improves the precision of health checks during one of the most common operational tasks: rolling updates of worker nodes. ### The Challenge with Rolling Update Status diff --git a/website/blog/2025/06/06-25-enhancing-meltdown-protection-with-dependency-watchdog-annotations.md b/website/blog/2025/06/06-25-enhancing-meltdown-protection-with-dependency-watchdog-annotations.md index 60f1b419b..6c8336b6c 100644 --- a/website/blog/2025/06/06-25-enhancing-meltdown-protection-with-dependency-watchdog-annotations.md +++ b/website/blog/2025/06/06-25-enhancing-meltdown-protection-with-dependency-watchdog-annotations.md @@ -8,8 +8,11 @@ authors: login: ashwani2k name: Ashwani Kumar aliases: ["/blog/2025/06/25/enhancing-meltdown-protection-with-dependency-watchdog-annotations"] +tags: + - feature-announcement + - autoscaling + - node-management --- - Gardener's `dependency-watchdog` is a crucial component for ensuring cluster stability. During infrastructure-level outages where worker nodes cannot communicate with the control plane, it activates a "meltdown protection" mechanism. This involves scaling down key control plane components like the `machine-controller-manager` (MCM), `cluster-autoscaler` (CA), and `kube-controller-manager` (KCM) to prevent them from taking incorrect actions based on stale information, such as deleting healthy nodes that are only temporarily unreachable. ### The Challenge: Premature Scale-Up During Reconciliation 
diff --git a/website/blog/2025/06/06-25-improving-credential-management-for-seed-backups.md b/website/blog/2025/06/06-25-improving-credential-management-for-seed-backups.md index 4be0af225..6a593af50 100644 --- a/website/blog/2025/06/06-25-improving-credential-management-for-seed-backups.md +++ b/website/blog/2025/06/06-25-improving-credential-management-for-seed-backups.md @@ -5,16 +5,18 @@ newsSubtitle: June 25, 2025 publishdate: 2025-06-25 authors: - avatar: https://avatars.githubusercontent.com/dimityrmirchev - email: dimitar.mirchev@sap.com login: dimityrmirchev name: Dimitar Mirchev - avatar: https://avatars.githubusercontent.com/vpnachev - email: vladimir.nachev@sap.com login: vpnachev name: Vladimir Nachev aliases: ["/blog/2025/06/25/improving-credential-management-for-seed-backups"] +tags: + - technical-deep-dive + - security + - storage + - node-management --- - Gardener has introduced a new feature gate, `DoNotCopyBackupCredentials`, to enhance the security and clarity of how backup credentials for managed seeds are handled. This change moves away from an implicit credential-copying mechanism to a more explicit and secure configuration practice. ### The Old Behavior and Its Drawbacks diff --git a/website/blog/2025/06/06-25-introducing-gardenadm-bootstrap-for-autonomous-shoots.md b/website/blog/2025/06/06-25-introducing-gardenadm-bootstrap-for-autonomous-shoots.md index d395f1638..9e0f7fa56 100644 --- a/website/blog/2025/06/06-25-introducing-gardenadm-bootstrap-for-autonomous-shoots.md +++ b/website/blog/2025/06/06-25-introducing-gardenadm-bootstrap-for-autonomous-shoots.md 
@@ -5,12 +5,13 @@ newsSubtitle: June 25, 2025 publishdate: 2025-06-25 authors: - avatar: https://avatars.githubusercontent.com/timebertt - email: timebertt@gmail.com login: timebertt name: Tim Ebert aliases: ["/blog/2025/06/25/introducing-gardenadm-bootstrap-for-autonomous-shoots"] +tags: + - feature-announcement + - node-management --- - Gardener is enhancing its capabilities to support autonomous Shoot clusters, a model where the control plane runs on dedicated nodes within the cluster itself rather than on a separate Seed cluster. This approach is ideal for edge, air-gapped, or self-hosted Gardener environments. A new command-line tool, `gardenadm`, is being developed to streamline the creation and management of these clusters, as outlined in [GEP-28](https://github.com/gardener/gardener/tree/master/docs/proposals/28-autonomous-shoot-clusters.md). A significant step forward is the new `gardenadm bootstrap` command, which implements the "medium-touch" provisioning scenario. diff --git a/website/blog/2025/06/06-30-getting-started-with-opentelemetry-on-gardener-shoot-cluster.md b/website/blog/2025/06/06-30-getting-started-with-opentelemetry-on-gardener-shoot-cluster.md index b1ee164ab..ca8289570 100644 --- a/website/blog/2025/06/06-30-getting-started-with-opentelemetry-on-gardener-shoot-cluster.md +++ b/website/blog/2025/06/06-30-getting-started-with-opentelemetry-on-gardener-shoot-cluster.md 
@@ -5,12 +5,14 @@ newsSubtitle: June 30, 2025 publishdate: 2025-06-30 authors: - avatar: https://avatars.githubusercontent.com/nickytd - email: nickytd@gmail.com login: nickytd name: Niki Dokovski aliases: ["/blog/2025/06/30/getting-started-with-opentelemetry-on-gardener-shoot-cluster"] +tags: + - tutorial + - security + - observability --- - In this blog post, we will explore how to set up an [OpenTelemetry](https://opentelemetry.io/) based observability stack on a Gardener shoot cluster. OpenTelemetry is an open-source observability framework that provides a set of APIs, SDKs, agents, and instrumentation to collect telemetry data from applications and systems. It provides a unified approach for collecting, processing, and exporting telemetry data such as traces, metrics, and logs. In addition, it gives flexibility in designing observability stacks, helping avoid vendor lock-in and allowing users to choose the most suitable tools for their use cases. diff --git a/website/blog/2025/07/07-16-enhancing-data-protection-with-immutable-backup-buckets.md b/website/blog/2025/07/07-16-enhancing-data-protection-with-immutable-backup-buckets.md index 70be95f83..d844a8615 100644 --- a/website/blog/2025/07/07-16-enhancing-data-protection-with-immutable-backup-buckets.md +++ b/website/blog/2025/07/07-16-enhancing-data-protection-with-immutable-backup-buckets.md 
@@ -8,8 +8,13 @@ authors: login: ishan16696 name: Ishan Tyagi aliases: ["/blog/2025/07/16/enhancing-data-protection-with-immutable-backup-buckets"] +tags: + - feature-announcement + - security + - storage + - etcd + - extensions --- - Gardener has introduced support for immutable backup buckets, a critical feature for enhancing the security and resilience of your Kubernetes clusters. This new capability leverages native cloud provider features to protect your etcd backups from accidental or malicious deletion and modification, helping you meet stringent security and compliance requirements. ### What Are Immutable Backup Buckets? diff --git a/website/blog/2025/07/07-30-enhanced-network-flexibility-cidr-overlap-now-supported-for-ha-shoots.md b/website/blog/2025/07/07-30-enhanced-network-flexibility-cidr-overlap-now-supported-for-ha-shoots.md index ff4051c53..7f58f4348 100644 --- a/website/blog/2025/07/07-30-enhanced-network-flexibility-cidr-overlap-now-supported-for-ha-shoots.md +++ b/website/blog/2025/07/07-30-enhanced-network-flexibility-cidr-overlap-now-supported-for-ha-shoots.md 
@@ -5,12 +5,15 @@ newsSubtitle: July 30, 2025 publishdate: 2025-07-30 authors: - avatar: https://avatars.githubusercontent.com/domdom82 - email: Dominik.Froehlich@sap.com login: domdom82 name: Dominik Froehlich aliases: ["/blog/2025/07/30/enhanced-network-flexibility-cidr-overlap-now-supported-for-ha-shoots"] +tags: + - feature-announcement + - networking + - node-management + - extensions --- - Gardener continues to enhance its networking capabilities, offering users greater flexibility in managing their cluster landscapes. A significant advancement is the extension of IPv4 network overlap support to Shoot clusters with high-availability (HA) control planes. Previously a feature exclusive to non-HA Shoots, this update allows both single-stack IPv4 and dual-stack Shoots to utilize pod, service, and node network ranges that overlap with the networks of their Seed cluster. ### Disentangling Networks with Double NAT diff --git a/website/blog/2025/08/08-04-cluster-api-provider-gardener.md b/website/blog/2025/08/08-04-cluster-api-provider-gardener.md index 98b906d7d..830785071 100644 --- a/website/blog/2025/08/08-04-cluster-api-provider-gardener.md +++ b/website/blog/2025/08/08-04-cluster-api-provider-gardener.md @@ -12,11 +12,13 @@ authors: name: Tobias Schlicht aliases: ["/blog/2025/08/04/announcing-cluster-api-provider-gardener"] tags: - - Cluster API - - CAPI - - GAPI - - CAPGa - - KCP + - feature-announcement + - cluster-api + - capi + - gapi + - capga + - kcp + - apeiro --- ## Announcing cluster-api-provider-gardener: Manage Gardener Clusters with Cluster API @@ -140,3 +142,5 @@ The long-term goal is to support CAPGa within a centrally managed _Platform Mesh ### Contributing We encourage anyone interested to try out CAPGa and share their experiences. If you encounter issues or have ideas for improvements, please open an issue or a pull request in the [GitHub repository](https://github.com/gardener/cluster-api-provider-gardener). Contributions are very welcome. + + 
diff --git a/website/blog/2025/08/08-13-keeping-track-of-your-resources-with-inventory.md b/website/blog/2025/08/08-13-keeping-track-of-your-resources-with-inventory.md index d0c847fe0..ceb76b2c5 100644 --- a/website/blog/2025/08/08-13-keeping-track-of-your-resources-with-inventory.md +++ b/website/blog/2025/08/08-13-keeping-track-of-your-resources-with-inventory.md @@ -5,10 +5,16 @@ newsSubtitle: Aug 13, 2025 publishdate: 2025-08-13 authors: - avatar: https://avatars.githubusercontent.com/dnaeon - email: dnaeon@gmail.com login: dnaeon name: Marin Atanasov Nikolov aliases: [/blog/2025/08/13/getting-started-with-gardener-inventory] +tags: + - technical-deep-dive + - cost-optimization + - provider-aws + - provider-azure + - provider-gcp + - provider-openstack --- Running Kubernetes clusters at scale comes with its own challenges. diff --git a/website/blog/2025/08/08-27-enabling-node-local-dns-without-node-rollouts.md b/website/blog/2025/08/08-27-enabling-node-local-dns-without-node-rollouts.md index 93e6f52e4..cfec7c400 100644 --- a/website/blog/2025/08/08-27-enabling-node-local-dns-without-node-rollouts.md +++ b/website/blog/2025/08/08-27-enabling-node-local-dns-without-node-rollouts.md 
@@ -5,12 +5,15 @@ newsSubtitle: August 27, 2025 publishdate: 2025-08-27 authors: - avatar: https://avatars.githubusercontent.com/ScheererJ - email: johannes.scheerer@sap.com login: ScheererJ name: Johannes Scheerer aliases: ["/blog/2025/08/27/enabling-node-local-dns-without-node-rollouts"] +tags: + - technical-deep-dive + - cost-optimization + - networking + - node-management --- - The `node-local-dns` feature in Kubernetes significantly improves DNS reliability and performance by running a dedicated caching agent on each cluster node. However, enabling or disabling this feature in Gardener historically required a full, time-consuming rolling update of all worker nodes. A recent enhancement streamlines this process, improving operational efficiency and reducing disruption. ### The Challenge: Disruptive Configuration Changes diff --git a/website/blog/2025/08/08-27-new-emergency-brake-for-gardener-shoot-reconciliations.md b/website/blog/2025/08/08-27-new-emergency-brake-for-gardener-shoot-reconciliations.md index 219fe96a8..ff1b0407e 100644 --- a/website/blog/2025/08/08-27-new-emergency-brake-for-gardener-shoot-reconciliations.md +++ b/website/blog/2025/08/08-27-new-emergency-brake-for-gardener-shoot-reconciliations.md @@ -8,8 +8,9 @@ authors: login: LucaBernstein name: Luca Bernstein aliases: ["/blog/2025/08/27/new-emergency-brake-for-gardener-shoot-reconciliations"] +tags: + - technical-deep-dive --- - In large-scale Kubernetes landscapes, ensuring stability during updates is paramount. A faulty configuration or update can propagate quickly, potentially impacting numerous clusters. To provide operators with a powerful tool to mitigate such risks, Gardener has introduced an emergency stop mechanism for `Shoot` reconciliations. ### How It Works diff --git a/website/blog/2025/09/09-05-ipv6-update.md b/website/blog/2025/09/09-05-ipv6-update.md index 583f9155e..fcdd39923 100644 --- a/website/blog/2025/09/09-05-ipv6-update.md 
+++ b/website/blog/2025/09/09-05-ipv6-update.md @@ -7,10 +7,12 @@ authors: - avatar: https://avatars.githubusercontent.com/ScheererJ login: ScheererJ name: Johannes Scheerer - email: johannes.scheerer@sap.com aliases: ["/blog/2025/09/05/ipv6-update"] +tags: + - technical-deep-dive + - networking + - extensions --- - The internet is built on the Internet Protocol (IP), and for decades, its fourth version, IPv4, has been the bedrock of global connectivity. However, the explosive growth of the internet, a phenomenon that began in the 1990s, made it clear that the 32-bit address space of IPv4 was finite and rapidly depleting. The long-foreseen solution, IPv6, with its vast 128-bit address space, has been around for nearly 30 years, but its adoption has been a slow and steady marathon rather than a sprint. Today, the need for IPv6 is no longer a distant future concern; it's a present-day reality driven by market forces, technological evolution, and even government mandates. At Gardener, we've been on a multi-year journey to integrate IPv6 deeply and thoughtfully into our managed Kubernetes offerings. diff --git a/website/blog/2025/09/09-10-explicit-internal-dns-configuration-for-seeds.md b/website/blog/2025/09/09-10-explicit-internal-dns-configuration-for-seeds.md index b296f32e8..a5e81aa63 100644 --- a/website/blog/2025/09/09-10-explicit-internal-dns-configuration-for-seeds.md +++ b/website/blog/2025/09/09-10-explicit-internal-dns-configuration-for-seeds.md 
@@ -8,8 +8,11 @@ authors: login: dimityrmirchev name: Dimitar Mirchev aliases: ["/blog/2025/09/10/explicit-internal-dns-configuration-for-seeds"] +tags: + - technical-deep-dive + - security + - networking --- - Gardener's DNS management capabilities have been enhanced to provide a more explicit, secure, and flexible method for configuring internal DNS for `Seed` clusters. This change moves away from a global, label-based secret selection to a direct configuration within the `Seed` API. ### A New API for Per-Seed Configuration @@ -41,4 +44,4 @@ This enhancement is the first step in improving DNS configuration management. A **For more details, you can check out the following resources:** * [Recording of the Talk](https://youtu.be/aUCxInp-yaA?t=1109) -* [GitHub Pull Request #12663](https://github.com/gardener/gardener/pull/12663) \ No newline at end of file +* [GitHub Pull Request #12663](https://github.com/gardener/gardener/pull/12663) diff --git a/website/blog/2025/09/09-10-modernizing-gardeners-logging-stack-with-opentelemetry.md b/website/blog/2025/09/09-10-modernizing-gardeners-logging-stack-with-opentelemetry.md index c29fe67c4..32c7fc241 100644 --- a/website/blog/2025/09/09-10-modernizing-gardeners-logging-stack-with-opentelemetry.md +++ b/website/blog/2025/09/09-10-modernizing-gardeners-logging-stack-with-opentelemetry.md 
@@ -6,10 +6,13 @@ publishdate: 2025-09-10 authors: - avatar: https://avatars.githubusercontent.com/rrhubenov login: rrhubenov - name: rhubenov + name: Radoslav Hubenov aliases: ["/blog/2025/09/10/modernizing-gardeners-logging-stack-with-opentelemetry"] +tags: + - technical-deep-dive + - observability + - storage --- - Gardener is introducing a significant enhancement to its logging architecture for shoot clusters. By enabling the new `OpenTelemetryCollector` feature gate, shoots will be instrumented with the power and flexibility of the [OpenTelemetry Collector](https://opentelemetry.io/docs/collector/) to process and route shoot logs. This marks a key step in the evolution of Gardener's observability stack, as outlined in [GEP-34](https://github.com/gardener/gardener/blob/master/docs/proposals/34-observability2.0-opentelemtry-operator-and-collectors.md). ### A More Flexible Logging Pipeline @@ -40,3 +43,4 @@ This update is a foundational move towards a more powerful, flexible, and standa * **[GitHub Pull Request #12568](https://github.com/gardener/gardener/pull/12568)** * **[GEP-34: Observability 2.0 - OpenTelemetry Operator and Collectors](https://github.com/gardener/gardener/blob/master/docs/proposals/34-observability2.0-opentelemtry-operator-and-collectors.md)** * **[OpenTelemetry Collector Documentation](https://opentelemetry.io/docs/collector/)** + diff --git a/website/blog/2025/10/10-08-efs-filestore-csi-drivers.md b/website/blog/2025/10/10-08-efs-filestore-csi-drivers.md index c44874953..f5fbf370e 100644 --- a/website/blog/2025/10/10-08-efs-filestore-csi-drivers.md +++ b/website/blog/2025/10/10-08-efs-filestore-csi-drivers.md 
@@ -8,8 +8,15 @@ authors: login: hebelsan name: Alexander Hebel aliases: ["/blog/2025/10/08/new-shared-file-storage-options-on-aws-and-gcp"] +tags: + - technical-deep-dive + - security + - networking + - storage + - node-management + - provider-aws + - provider-gcp --- - Gardener continues to expand its storage capabilities, now offering integrated support for managed Network File System (NFS) services on Amazon Web Services (AWS) and Google Cloud Platform (GCP). These additions provide a straightforward way to provision shared, persistent storage with `ReadWriteMany` access for workloads that require concurrent access from multiple pods. ### AWS Elastic File System (EFS) Support @@ -41,7 +48,8 @@ spec: enabled: true # id: fs-12345678 # Optional: Use an existing EFS file system ``` -> [!NOTE] + +> [!NOTE] > When using this feature, the instance metadata setting `httpTokens` must not be set to `required`, as this would prevent the driver from accessing the necessary metadata. ### GCP Filestore Support @@ -78,4 +86,4 @@ Once enabled, a `StorageClass` named `csi-filestore` becomes available for provi To learn more, you can explore the original pull requests and the recording from our developer meeting: * **Talk Recording:** [EFS + Filestore CSI Drivers](https://youtu.be/mqSwkR8TmuE?t=1174) * **AWS EFS Pull Request:** [gardener-extension-provider-aws #1174](https://github.com/gardener/gardener-extension-provider-aws/pull/1174) -* **GCP Filestore Pull Request:** [gardener-extension-provider-gcp #1095](https://github.com/gardener/gardener-extension-provider-gcp/pull/1095) \ No newline at end of file +* **GCP Filestore Pull Request:** [gardener-extension-provider-gcp #1095](https://github.com/gardener/gardener-extension-provider-gcp/pull/1095) diff --git a/website/blog/2025/10/10-22-extensible-advertised-addresses-for-shoots.md b/website/blog/2025/10/10-22-extensible-advertised-addresses-for-shoots.md index bdb9bc7fa..a227f2e0d 100644 
--- a/website/blog/2025/10/10-22-extensible-advertised-addresses-for-shoots.md +++ b/website/blog/2025/10/10-22-extensible-advertised-addresses-for-shoots.md @@ -5,12 +5,15 @@ newsSubtitle: October 22, 2025 publishdate: 2025-10-22 authors: - avatar: https://avatars.githubusercontent.com/dnaeon - email: dnaeon@gmail.com login: dnaeon name: Marin Atanasov Nikolov aliases: ["/blog/2025/10/22/enhanced-endpoint-discovery-with-extensible-advertised-addresses"] +tags: + - feature-announcement + - security + - observability + - extensions --- - Gardener has introduced a new feature that enhances the discoverability of services running within a Shoot's control plane. While the `.status.advertisedAddresses` field in the `Shoot` resource has always provided key endpoints like the API server URL, it now supports extension by other components. ### The Challenge of Endpoint Discovery diff --git a/website/blog/2025/10/10-22-useunifiedhttpproxy-feature-gate.md b/website/blog/2025/10/10-22-useunifiedhttpproxy-feature-gate.md index 9afe0124c..0261fda8d 100644 --- a/website/blog/2025/10/10-22-useunifiedhttpproxy-feature-gate.md +++ b/website/blog/2025/10/10-22-useunifiedhttpproxy-feature-gate.md @@ -8,8 +8,9 @@ authors: login: hown3d name: Lukas Hoehl aliases: ["/blog/2025/10/22/unifying-http-proxy-infrastructure-in-gardener"] +tags: + - technical-deep-dive --- - Gardener is simplifying its networking infrastructure by moving towards a single, unified entrypoint for all HTTP CONNECT proxy traffic. This change, introduced as part of [GEP-30](https://github.com/gardener/gardener/blob/master/docs/proposals/30-apiserver-proxy.md), aims to streamline configuration and reduce complexity. ### The `UseUnifiedHTTPProxyPort` Feature Gate 
diff --git a/website/blog/2025/10/10-27-unifying-dns-behavior-custom-coredns-configurations-now-supported-in-node-local-dns.md b/website/blog/2025/10/10-27-unifying-dns-behavior-custom-coredns-configurations-now-supported-in-node-local-dns.md index ca884ee65..99d716084 100644 --- a/website/blog/2025/10/10-27-unifying-dns-behavior-custom-coredns-configurations-now-supported-in-node-local-dns.md +++ b/website/blog/2025/10/10-27-unifying-dns-behavior-custom-coredns-configurations-now-supported-in-node-local-dns.md @@ -5,12 +5,14 @@ newsSubtitle: October 27, 2025 publishdate: 2025-10-27 authors: - avatar: https://avatars.githubusercontent.com/DockToFuture - email: sebastian.stauch@sap.com login: DockToFuture name: Sebastian Stauch aliases: ["/blog/2025/10/27/unifying-dns-behavior-custom-coredns-configurations-now-supported-in-node-local-dns"] +tags: + - technical-deep-dive + - networking + - node-management --- - Gardener is committed to making `node-local-dns` a standard feature across all shoot clusters to enhance DNS performance and reliability. A recent enhancement ensures that enabling this feature is a seamless experience, even for clusters with specialized DNS configurations. Gardener now supports applying custom CoreDNS rules directly within `node-local-dns`. ### The Challenge: Inconsistent DNS Resolution diff --git a/website/blog/2025/11/11-12-gardener-ai-conformance.md b/website/blog/2025/11/11-12-gardener-ai-conformance.md index fc53b3b42..4148edf5b 100644 --- a/website/blog/2025/11/11-12-gardener-ai-conformance.md +++ b/website/blog/2025/11/11-12-gardener-ai-conformance.md 
@@ -4,10 +4,13 @@ linkTitle: "Gardener Achieves CNCF AI Conformance for Kubernetes" newsSubtitle: November 12, 2025 publishdate: 2025-11-12 authors: -- email: vedran.lerenc@sap.com +- name: Vedran Lerenc + login: vlerenc + avatar: https://avatars.githubusercontent.com/vlerenc aliases: ["/blog/2025/11/12/gardener-ai-conformance"] +tags: + - technical-deep-dive --- - We are happy to announce that Gardener is one of the first Kubernetes offerings to report official AI Conformance, as defined by the Cloud Native Computing Foundation's (CNCF) Kubernetes AI Conformance Working Group. This significant milestone underscores Gardener's commitment to providing a robust, scalable, and reliable platform for running modern, resource-intensive AI and machine learning (ML) workloads. ### What is Kubernetes AI Conformance? @@ -52,3 +55,4 @@ With Gardener, you can be assured that your Kubernetes clusters are not just cap * [Gardener AI Conformance Submission](https://github.com/gardener/gardener-ai-conformance) * [Gardener NVIDIA GPU Operator Installation Guide](https://github.com/gardener/gardener-ai-conformance/blob/main/v1.33/NVIDIA-GPU-Operator.md) * [Gardener AI Conformance Requirements and Demonstration](https://github.com/gardener/gardener-ai-conformance/tree/main/v1.33) + diff --git a/website/blog/2025/11/11-13-promcon-eu-2025.md b/website/blog/2025/11/11-13-promcon-eu-2025.md index 1d369a7d1..e9b08453f 100644 --- a/website/blog/2025/11/11-13-promcon-eu-2025.md +++ b/website/blog/2025/11/11-13-promcon-eu-2025.md 
@@ -11,8 +11,10 @@ authors:
 login: rickardsjp
 name: Jeremy Rickards
 aliases: ["/blog/2025/11/12/promcon-eu-2025"]
+tags:
+ - community-event
+ - observability
 ---
-
 PromCon EU 2025, the 10th annual conference for Prometheus users and developers, took place on October 21st and 22nd. After being held in Berlin for two years, the event was kindly hosted by Google in Munich again this year. Since Prometheus and related tools are the core of Gardener's monitoring stack, we were excited to attend, connect with the community, and learn about the latest developments in the Prometheus ecosystem.
 ![alt text](images/promcon2025.jpeg)
diff --git a/website/blog/2026/01/01-28-introducing-automated-credential-rotation.md b/website/blog/2026/01/01-28-introducing-automated-credential-rotation.md
index cb6b2fc11..0937b4593 100644
--- a/website/blog/2026/01/01-28-introducing-automated-credential-rotation.md
+++ b/website/blog/2026/01/01-28-introducing-automated-credential-rotation.md
@@ -8,8 +8,14 @@ authors:
 login: AleksandarSavchev
 name: Aleksandar Savchev
 aliases: ["/blog/2026/01/28/introducing-automated-credential-rotation"]
+tags:
+ - feature-announcement
+ - security
+ - observability
+ - storage
+ - node-management
+ - etcd
 ---
-
 Maintaining a strong security posture is crucial for any Kubernetes environment. A key aspect of this is the regular rotation of credentials. To simplify this essential task and reduce operational overhead, Gardener now supports the automatic rotation of several critical credentials during a `Shoot` cluster's maintenance window.
 ### Enhanced Security, Effortlessly
diff --git a/website/blog/2026/02/02-18-enhanced-security-for-helm-deployments-gardener-adds-custom-ca-support-for-oci-registries.md b/website/blog/2026/02/02-18-enhanced-security-for-helm-deployments-gardener-adds-custom-ca-support-for-oci-registries.md
index d308a351d..d3c903ac0 100644
--- a/website/blog/2026/02/02-18-enhanced-security-for-helm-deployments-gardener-adds-custom-ca-support-for-oci-registries.md
+++ b/website/blog/2026/02/02-18-enhanced-security-for-helm-deployments-gardener-adds-custom-ca-support-for-oci-registries.md
@@ -5,12 +5,15 @@ newsSubtitle: February 18, 2026
 publishdate: 2026-02-18
 authors:
 - avatar: https://avatars.githubusercontent.com/shafeeqes
- email: shafeeque.e.s@sap.com
 login: shafeeqes
 name: Shafeeque E S
 aliases: ["/blog/2026/02/18/enhanced-security-for-helm-deployments-gardener-adds-custom-ca-support-for-oci-registries"]
+tags:
+ - feature-announcement
+ - security
+ - helm
+ - extensions
 ---
-
 Gardener continues to enhance its security and flexibility, particularly for users operating in air-gapped environments or utilizing private infrastructure. A new feature now allows operators to specify a custom Certificate Authority (CA) bundle when pulling Helm charts from OCI registries. This is a significant improvement for environments where registries are secured with custom or self-signed TLS certificates.
 ## The Challenge of Private Registries
diff --git a/website/blog/2026/02/02-18-seamlessly-switch-calicos-overlay-network-in-gardener.md b/website/blog/2026/02/02-18-seamlessly-switch-calicos-overlay-network-in-gardener.md
index 5c091ee12..350a23a71 100644
--- a/website/blog/2026/02/02-18-seamlessly-switch-calicos-overlay-network-in-gardener.md
+++ b/website/blog/2026/02/02-18-seamlessly-switch-calicos-overlay-network-in-gardener.md
@@ -5,12 +5,13 @@ newsSubtitle: February 18, 2026
 publishdate: 2026-02-18
 authors:
 - avatar: https://avatars.githubusercontent.com/DockToFuture
- email: sebastian.stauch@sap.com
 login: DockToFuture
 name: Sebastian Stauch
 aliases: ["/blog/2026/02/18/seamlessly-switch-calicos-overlay-network-in-gardener"]
+tags:
+ - technical-deep-dive
+ - networking
 ---
-
 Switching networking configurations in a live Kubernetes cluster is a delicate operation where timing is everything. A common scenario for Gardener operators is transitioning a cluster's Calico networking from an overlay mode (like IPIP) to a non-overlay, native routing mode. Previously, this switch could lead to temporary network disruptions. We're happy to announce a new feature that ensures this transition is seamless and free of downtime.
 ### The Challenge: A Race for Routes
diff --git a/website/blog/2026/02/02-18-simplify-multi-cluster-configuration-with-static-manifest-propagation.md b/website/blog/2026/02/02-18-simplify-multi-cluster-configuration-with-static-manifest-propagation.md
index 84511a3bd..b5b112bd8 100644
--- a/website/blog/2026/02/02-18-simplify-multi-cluster-configuration-with-static-manifest-propagation.md
+++ b/website/blog/2026/02/02-18-simplify-multi-cluster-configuration-with-static-manifest-propagation.md
@@ -5,12 +5,16 @@ newsSubtitle: February 18, 2026 publishdate: 2026-02-18 authors: - avatar: https://avatars.githubusercontent.com/rfranzke - email: rafael.franzke@sap.com + login: rfranzke login: rfranzke name: Rafael Franzke aliases: ["/blog/2026/02/18/simplify-multi-cluster-configuration-with-static-manifest-propagation"] +tags: + - technical-deep-dive + - security + - node-management + - extensions --- - Managing configurations consistently across a fleet of Kubernetes clusters can be a complex task. Operators often need a straightforward way to deploy baseline resources—such as security policies, resource quotas, or RBAC rules—to all or a subset of their clusters without the overhead of building and maintaining a full-blown extension. Gardener now introduces a new feature that directly addresses this need: **Static Manifest Propagation from Seeds to Shoots**. This enhancement provides a declarative, centralized mechanism for distributing Kubernetes manifests to Shoot clusters. diff --git a/website/blog/index.md b/website/blog/index.md index ba0f26475..b6a327d80 100644 --- a/website/blog/index.md +++ b/website/blog/index.md @@ -5,20 +5,8 @@ outline: false aside: false --- -# Blog - -## Overview - -Here you can find a variety of articles related to Gardener and keep up to date with the latest community calls, features, and highlights! - -## How to Contribute - -If you'd like to create a new blog post, simply follow the steps outlined in the [Documentation Contribution Guide](../documentation/contribute/documentation/_index.md) and add the topic to the [corresponding folder](https://github.com/gardener/documentation/tree/master/website/blog). - -## Posts - diff --git a/website/documentation/contribute/documentation/blog-tags.md b/website/documentation/contribute/documentation/blog-tags.md new file mode 100644 index 000000000..a7532ff31 --- /dev/null +++ b/website/documentation/contribute/documentation/blog-tags.md 
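Review bot: The added `login: rfranzke` line in the `authors` entry of the static-manifest-propagation post sits directly above an unchanged `login: rfranzke` context line, so the front matter now carries the same key twice in one mapping. Depending on how strictly the site's YAML front-matter parser treats duplicate keys, that is either a load error for this post or a silent last-value-wins; neither is intended. Dropping the added line leaves the entry as `avatar` / `login` / `name`, matching the other posts touched in this commit where only the `email` line is removed.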
@@ -0,0 +1,59 @@
+---
+title: Blog Tags Reference
+---
+
+## Overview
+
+This page documents the supported blog tags.
+
+## Tag Format
+
+Use lowercase kebab-case (`tag-name`) for all tags.
+
+## Content Type Tags
+
+- `feature-announcement`: Announces new functionality or notable enhancements.
+- `release-notes`: Release-focused updates tied to one or more versions.
+- `technical-deep-dive`: Detailed technical analysis and architecture content.
+- `case-study`: Practical implementation reports and production stories.
+- `community-event`: Community meeting, conference or Hackathon updates.
+- `tutorial`: Step-by-step usage guidance.
+- `milestone`: Project anniversary or major achievement summaries.
+
+## Technical Domain Tags
+
+- `cost-optimization`: Cost efficiency and resource optimization.
+- `security`: Authentication, authorization, credential management, and hardening.
+- `networking`: DNS, CIDR, connectivity, CNI, and load balancing behavior.
+- `high-availability`: Resilience, zone tolerance, and outage handling.
+- `observability`: Logging, metrics, telemetry, and monitoring stack topics.
+- `storage`: Backups, volumes, persistence, and data durability.
+- `autoscaling`: Scaling-related workload or cluster behavior.
+- `node-management`: Worker lifecycle, rollouts, and node operations.
+
+## Component and Technology Tags
+
+- `dashboard`: Gardener Dashboard features and workflows.
+- `gardenctl`: `gardenctl` functionality and usage.
+- `etcd`: etcd operations, internals, and backup topics.
+- `helm`: Helm or OCI-registry-related workflows.
+- `cluster-api`: Cluster API ecosystem and integration topics.
+- `extensions`: Gardener extension development and behavior.
+
+## Cloud Provider Tags
+
+Use the `provider-` format.
+
+- `provider-aws`
+- `provider-azure`
+- `provider-gcp`
+- `provider-openstack`
+- `provider-metal-stack`
+
+## Project Relation Tags
+
+- `apeiro`: Content related to Apeiro concepts or Neonephos.
+- `capi`: Cluster API abbreviation.
+- `gapi`: Gardener-related Cluster API ecosystem shorthand.
+- `capga`: Cluster API Provider Gardener shorthand.
+- `kcp`: Kubernetes Control Plane references used in CAPG/GAPI context.
diff --git a/website/documentation/contribute/documentation/style-guide/_index.md b/website/documentation/contribute/documentation/style-guide/_index.md
index f63a74e0e..fab085f5f 100644
--- a/website/documentation/contribute/documentation/style-guide/_index.md
+++ b/website/documentation/contribute/documentation/style-guide/_index.md
@@ -10,6 +10,7 @@ These are guidelines, not rules. Use your best judgment, and feel free to propos
 - [Structure and File Names](#structure-and-file-names)
 - [Topic Structure](#topic-structure)
 - [Front Matter](#front-matter)
+ - [Blogs](#blogs)
 - [Alerts](#alerts)
 - [Images](#images)
 - [General Tips](#general-tips)
@@ -31,7 +32,7 @@ The following table summarizes the types of documentation and their mapping to t
 | Reference | Provide a reference, for example, list all command line options of `gardenctl` and what they are used for. | [Overview of kubectl](https://kubernetes.io/docs/reference/kubectl/overview/) | [Relevant headings](reference_template.md) | Reference |
 | Task | A step-by-step description that allows users to complete a specific task. | [Upgrading kubeadm clusters](https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/) | [Overview, Prerequisites, Steps, Result](task_template.md) | Complex Task |
 | Trail | Collection of all other content types to cover a big topic. | [Custom Networking](https://docs.oracle.com/javase/tutorial/networking/TOC.html) | None | Maps |
-| Tutorial | A combination of many tasks that allows users to complete an example task with the goal to learn the details of a given feature.| [Deploying Cassandra with a StatefulSet](https://kubernetes.io/docs/tutorials/stateful-application/cassandra/) | Overview, Prerequisites, Tasks, Result | Tutorial |
+| Tutorial | A combination of many tasks that allows users to complete an example task with the goal to learn the details of a given feature. | [Deploying Cassandra with a StatefulSet](https://kubernetes.io/docs/tutorials/stateful-application/cassandra/) | Overview, Prerequisites, Tasks, Result | Tutorial |
 See the [Contributors Guide](../../_index.md) for more details on how to produce and contribute documentation.
@@ -94,6 +95,24 @@ While this section will be automatically generated if your topic has a title hea
 By using a metadata section you can also skip adding a title header or overwrite it in the navigation section.
+#### Blogs
+
+If you are writing a blog, please add this additional metadata so that it can be shown as intended:
+```yaml
+title: Blog Title
+newsSubtitle: October 01, 2025
+authors:
+- avatar:
+ login:
+ name:
+tags:
+ -
+ -
+ - ...
+```
+
+For more information on the currently used tags, see [Blog Tags Reference](../blog-tags.md).
+
 ### Alerts
 If you want to add a note, tip or a warning to your topic, use the templates provides in the [Shortcodes](../shortcodes.md#alert) documentation.
diff --git a/website/documentation/guides/administer-shoots/gpu.md b/website/documentation/guides/administer-shoots/gpu.md
index ad5710fb6..b34261600 100644
--- a/website/documentation/guides/administer-shoots/gpu.md
+++ b/website/documentation/guides/administer-shoots/gpu.md
@@ -9,7 +9,7 @@ level: intermediate
 category: Setup
 scope: app-developer
 authors:
-- email: vedran.lerenc@sap.com
+- login: vlerenc
 ---
 > [!NOTE]
diff --git a/website/documentation/resources/videos/livecheck-readiness.md b/website/documentation/resources/videos/livecheck-readiness.md
index a6b1021fb..f69abfcb7 100644
--- a/website/documentation/resources/videos/livecheck-readiness.md
+++ b/website/documentation/resources/videos/livecheck-readiness.md
@@ -5,4 +5,4 @@ video_id: mxEvAPQRwhw
 weight: 50
 ---
-{{< youtube id="mxEvAPQRwhw" title="Readiness != Liveness" >}}
\ No newline at end of file
+{{< youtube id="mxEvAPQRwhw" title="Readiness != Liveness" >}}