Posts in 2022
SIG Node CI Subproject Celebrates Two Years of Test Improvements
By Sergey Kanzhelev (Google), Elana Hashman (Red Hat) | Wednesday, February 16, 2022 in Blog
Ensuring the reliability of SIG Node upstream code is a continuous effort that takes a lot of behind-the-scenes effort from many contributors. There are frequent releases of Kubernetes, base operating systems, container runtimes, and test …
Spotlight on SIG Multicluster
By Dewan Ahmed (Aiven), Chris Short (AWS) | Monday, February 07, 2022 in Blog
Introduction SIG Multicluster is the SIG focused on how Kubernetes concepts are expanded and used beyond the cluster boundary. Historically, Kubernetes resources only interacted within that boundary - KRU or Kubernetes Resource Universe (not an …
Securing Admission Controllers
By Rory McCune (Aqua Security) | Wednesday, January 19, 2022 in Blog
Admission control is a key part of Kubernetes security, alongside authentication and authorization. Webhook admission controllers are extensively used to help improve the security of Kubernetes clusters in a variety of ways including restricting the …
Meet Our Contributors - APAC (India region)
Monday, January 10, 2022 in Blog
Authors & Interviewers: Anubhav Vardhan, Atharva Shinde, Avinesh Tripathi, Debabrata Panigrahi, Kunal Verma, Pranshu Srivastava, Pritish Samal, Purneswar Prasad, Vedant Kakde Editor: Priyanka Saggu Good day, everyone 👋 Welcome to the first …
Kubernetes is Moving on From Dockershim: Commitments and Next Steps
By Sergey Kanzhelev (Google), Jim Angel (Google), Davanum Srinivas (VMware), Shannon Kularathna (Google), Chris Short (AWS), Dawn Chen (Google) | Friday, January 07, 2022 in Blog
Kubernetes is removing dockershim in the upcoming v1.24 release. We're excited to reaffirm our community values by supporting open source container runtimes, enabling a smaller kubelet, and increasing engineering velocity for teams using Kubernetes. …
Posts in 2021
Kubernetes-in-Kubernetes and the WEDOS PXE bootable server farm
By Andrei Kvapil (WEDOS) | Wednesday, December 22, 2021 in Blog
When you own two data centers, thousands of physical servers, virtual machines and hosting for hundreds of thousands sites, Kubernetes can actually simplify the management of all these things. As practice has shown, by using Kubernetes, you can …
Using Admission Controllers to Detect Container Drift at Runtime
By Saifuding Diliyaer (Box) | Tuesday, December 21, 2021 in Blog
Illustration by Munire Aireti At Box, we use Kubernetes (K8s) to manage hundreds of micro-services that enable Box to stream data at a petabyte scale. When it comes to the deployment process, we run kube-applier as part of the GitOps workflows with …
What's new in Security Profiles Operator v0.4.0
By Jakub Hrozek, Juan Antonio Osorio, Paulo Gomes, Sascha Grunert | Friday, December 17, 2021 in Blog
The Security Profiles Operator (SPO) is an out-of-tree Kubernetes enhancement to make the management of seccomp, SELinux and AppArmor profiles easier and more convenient. We're happy to announce that we recently released v0.4.0 of the operator, which …
Kubernetes 1.23: StatefulSet PVC Auto-Deletion (alpha)
By Matthew Cary (Google) | Thursday, December 16, 2021 in Blog
Kubernetes v1.23 introduced a new, alpha-level policy for StatefulSets that controls the lifetime of PersistentVolumeClaims (PVCs) generated from the StatefulSet spec template for cases when they should be deleted automatically when the StatefulSet …
Kubernetes 1.23: Prevent PersistentVolume leaks when deleting out of order
By Deepak Kinni (VMware) | Wednesday, December 15, 2021 in Blog
PersistentVolume (or PVs for short) are associated with Reclaim Policy. The Reclaim Policy is used to determine the actions that need to be taken by the storage backend on deletion of the PV. Where the reclaim policy is Delete, the expectation is …