Posts in 2021
-
Non-root Containers And Devices
Tuesday, November 09, 2021 in Blog
Author: Mikko Ylinen (Intel) The user/group ID related security settings in Pod's securityContext trigger a problem when users want to deploy containers that use accelerator devices (via Kubernetes Device Plugins) on Linux. In this blog post I talk …
-
Announcing the 2021 Steering Committee Election Results
Monday, November 08, 2021 in Blog
Author: Kaslin Fields The 2021 Steering Committee Election is now complete. The Kubernetes Steering Committee consists of 7 seats, 4 of which were up for election in 2021. Incoming committee members serve a term of 2 years, and all members are …
-
Use KPNG to Write Specialized kube-proxiers
Monday, October 18, 2021 in Blog
Author: Lars Ekman (Ericsson) The post will show you how to create a specialized service kube-proxy style network proxier using Kubernetes Proxy NG kpng without interfering with the existing kube-proxy. The kpng project aims at renewing the the …
-
Introducing ClusterClass and Managed Topologies in Cluster API
Friday, October 08, 2021 in Blog
Author: Fabrizio Pandini (VMware) The Cluster API community is happy to announce the implementation of ClusterClass and Managed Topologies, a new feature that will greatly simplify how you can provision, upgrade, and operate multiple Kubernetes …
-
A Closer Look at NSA/CISA Kubernetes Hardening Guidance
Tuesday, October 05, 2021 in Blog
Authors: Jim Angel (Google), Pushkar Joglekar (VMware), and Savitha Raghunathan (Red Hat) Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or …
-
How to Handle Data Duplication in Data-Heavy Kubernetes Environments
Wednesday, September 29, 2021 in Blog
Authors: Augustinas Stirbis (CAST AI) Why Duplicate Data? It’s convenient to create a copy of your application with a copy of its state for each team. For example, you might want a separate database copy to test some significant schema changes or …
-
Spotlight on SIG Node
Monday, September 27, 2021 in Blog
Author: Dewan Ahmed, Red Hat Introduction In Kubernetes, a Node is a representation of a single machine in your cluster. SIG Node owns that very important Node component and supports various subprojects such as Kubelet, Container Runtime Interface …
-
Introducing Single Pod Access Mode for PersistentVolumes
Monday, September 13, 2021 in Blog
Author: Chris Henzie (Google) Last month's release of Kubernetes v1.22 introduced a new ReadWriteOncePod access mode for PersistentVolumes and PersistentVolumeClaims. With this alpha feature, Kubernetes allows you to restrict volume access to a …
-
Alpha in Kubernetes v1.22: API Server Tracing
Friday, September 03, 2021 in Blog
Authors: David Ashpole (Google) In distributed systems, it can be hard to figure out where problems are. You grep through one component's logs just to discover that the source of your problem is in another component. You search there only to discover …
-
Kubernetes 1.22: A New Design for Volume Populators
Monday, August 30, 2021 in Blog
Authors: Ben Swartzlander (NetApp) Kubernetes v1.22, released earlier this month, introduced a redesigned approach for volume populators. Originally implemented in v1.18, the API suffered from backwards compatibility issues. Kubernetes v1.22 includes …