Bret's Cloud Native DevOps #7


Matt Williams joins my show as co-host. Robusta's on the podcast, talking about better K8s alerts. Docker's new Scout features are next-level CVE reporting for container images. What is ChatGPT really doing?

What's new this week

🔴 Live show: Cloud Native DevOps Q&A with a new co-host!

Thursday Mar 2, 10am Pacific, 1800 UTC

This week's show is dedicated to containers and cloud native DevOps questions.

Matt Williams will be joining me as a co-host. We've decided to join forces for some of my Live shows to liven up the banter and offer additional perspective. Matt is the Evangelist at Infra (a cool RBAC and remote access tool. Check out the Infra episode from last year). He's also an Emcee for DevOps Days Seattle and a former organizer of DevOps Days Boston and Serverless Days Boston. He was also the first Evangelist at Datadog. He has been using containers on Docker and Kubernetes since the projects started. Matt joins us from Bainbridge Island near Seattle. 👋👋👋

🚀 Podcast

Ep 125: Better K8s Prometheus Alerts with Robusta

We are releasing a podcast this week. In this episode, we're talking about improving your Kubernetes alerting on Prometheus with the co-founder of Robusta, Natan Yellin.

To start, this conversation assumes you're using Kubernetes and you're monitoring it with Prometheus. The Prometheus project comes with AlertManager and as Natan explains, AlertManager and Kubernetes have a very specific way of describing events in your clusters. And they aren't always helpful in diagnosing the cause of the event. Robusta acts as a proxy between AlertManager and your chosen notification platform.

Overall, I think Robusta is a great example of a small tool solving a specific problem that a lot of us have in a novel way with an easy to use CLI and configuration. You can fit it into any Kubernetes cluster where you're using Prometheus today.

🫰Next big thing

I know I keep mentioning my next course, but it's my everyday focus right now, so here we go.

Live Course: Automate K8s deploys with GitHub and Argo CD

March 20-31: 90-minute Zoom classes on M-W-F, for 2 weeks

I've been working on some great DevOps-focused GitHub Actions that we'll go through in the course, including better ways to see what's happening to your container images in PRs.

Have you seen Docker's new thing? It's all about continuous CVE reporting and remediation, and it's called Scout.

It has features in Desktop and Hub, and it's great. Docker Captain James Spurin made a video on it this week.

But what if we could also get that CVE status in our PRs with GitHub Actions? It could scan for CVEs, and tell you not just your vulnerability count but also the difference between the PR and where you're trying to merge to.  That's huge to me. Many of us just want to know this when we're requesting a code or infrastructure change:

Does this PR make us less secure or more secure?

This Docker Scout GitHub Action likely won't be released by the time my course starts, but I think it's where a lot of our PR-based workflows are heading. Right now, scanners like Trivy don't give us this easy-to-read information in PRs, and we have to dig into logs to see what failed a scan.

A concept of what a better CVE scanning GitHub Action could do

🐦 Tweet of the week

If you work in tech, people have probably talked to you about ChatGPT. I found this post very helpful in understanding the basic internals of it, so you can sound smart at parties!

👀 In case you missed it

(headlines from last week's newsletter that you can skip if you already read it)

🔴 Learning Docker and Kubernetes: Live Q&A (Ep 204), Feb 23, 2023

Nuno do Carmo from Rancher joined me again and we'll go into all the details of containers on Windows 11. Have you seen Nuno on my live stream before? I always learn something new about WSL and Docker on Windows from him. Nuno's a Docker Captain, CIVO Ambassador, Microsoft MVP, and a big fan of Windows and cloud native.

Where I'm hanging out in social

I'm no longer posting to my Facebook page. I won't miss it. I'm still on Twitter (for now) and I'm also set up on Mastodon at You're likely already in our Discord server, and lately, I spend way more time there as we discuss all sorts of container and DevOps topics.

Thinking of becoming a paying member?

Have you thought about my Membership Subscriptions? Your membership supports all my free content and also get benefits on

★Join my community elsewhere★

New upcoming✴livecourse on CI automation and gitops deployments
Best coupons for my Docker and Kubernetes courses
Chat with me and fellow students on our Discord Server DevOps Fans
Grab some merch at the Loot Box

Glad you're here, and I'll see ya next week 👋