Posts in 2022

  • Securing Admission Controllers

    Wednesday, January 19, 2022 in Blog

    Author: Rory McCune (Aqua Security) Admission control is a key part of Kubernetes security, alongside authentication and authorization. Webhook admission controllers are extensively used to help improve the security of Kubernetes clusters in a …

    Read more

  • Meet Our Contributors - APAC (India region)

    Monday, January 10, 2022 in Blog

    Authors & Interviewers: Anubhav Vardhan, Atharva Shinde, Avinesh Tripathi, Debabrata Panigrahi, Kunal Verma, Pranshu Srivastava, Pritish Samal, Purneswar Prasad, Vedant Kakde Editor: Priyanka Saggu Good day, everyone 👋 Welcome to the first …

    Read more

  • Kubernetes is Moving on From Dockershim: Commitments and Next Steps

    Friday, January 07, 2022 in Blog

    Authors: Sergey Kanzhelev (Google), Jim Angel (Google), Davanum Srinivas (VMware), Shannon Kularathna (Google), Chris Short (AWS), Dawn Chen (Google) Kubernetes is removing dockershim in the upcoming v1.24 release. We're excited to reaffirm our …

    Read more

Posts in 2021

  • Kubernetes-in-Kubernetes and the WEDOS PXE bootable server farm

    Wednesday, December 22, 2021 in Blog

    Author: Andrei Kvapil (WEDOS) When you own two data centers, thousands of physical servers, virtual machines and hosting for hundreds of thousands sites, Kubernetes can actually simplify the management of all these things. As practice has shown, by …

    Read more

  • Using Admission Controllers to Detect Container Drift at Runtime

    Tuesday, December 21, 2021 in Blog

    Author: Saifuding Diliyaer (Box) Illustration by Munire Aireti At Box, we use Kubernetes (K8s) to manage hundreds of micro-services that enable Box to stream data at a petabyte scale. When it comes to the deployment process, we run kube-applier as …

    Read more

  • What's new in Security Profiles Operator v0.4.0

    Friday, December 17, 2021 in Blog

    Authors: Jakub Hrozek, Juan Antonio Osorio, Paulo Gomes, Sascha Grunert The Security Profiles Operator (SPO) is an out-of-tree Kubernetes enhancement to make the management of seccomp, SELinux and AppArmor profiles easier and more convenient. We're …

    Read more

  • Kubernetes 1.23: StatefulSet PVC Auto-Deletion (alpha)

    Thursday, December 16, 2021 in Blog

    Author: Matthew Cary (Google) Kubernetes v1.23 introduced a new, alpha-level policy for StatefulSets that controls the lifetime of PersistentVolumeClaims (PVCs) generated from the StatefulSet spec template for cases when they should be deleted …

    Read more

  • Kubernetes 1.23: Prevent PersistentVolume leaks when deleting out of order

    Wednesday, December 15, 2021 in Blog

    Author: Deepak Kinni (VMware) PersistentVolume (or PVs for short) are associated with Reclaim Policy. The Reclaim Policy is used to determine the actions that need to be taken by the storage backend on deletion of the PV. Where the reclaim policy is …

    Read more

  • Kubernetes 1.23: Kubernetes In-Tree to CSI Volume Migration Status Update

    Friday, December 10, 2021 in Blog

    Author: Jiawei Wang (Google) The Kubernetes in-tree storage plugin to Container Storage Interface (CSI) migration infrastructure has already been beta since v1.17. CSI migration was introduced as alpha in Kubernetes v1.14. Since then, SIG Storage and …

    Read more

  • Kubernetes 1.23: Pod Security Graduates to Beta

    Thursday, December 09, 2021 in Blog

    Authors: Jim Angel (Google), Lachlan Evenson (Microsoft) With the release of Kubernetes v1.23, Pod Security admission has now entered beta. Pod Security is a built-in admission controller that evaluates pod specifications against a predefined set of …

    Read more