Posts in 2021
Introducing ClusterClass and Managed Topologies in Cluster API
By Fabrizio Pandini (VMware) | Friday, October 08, 2021 in Blog
The Cluster API community is happy to announce the implementation of ClusterClass and Managed Topologies, a new feature that will greatly simplify how you can provision, upgrade, and operate multiple Kubernetes clusters in a declarative way. A little …
A Closer Look at NSA/CISA Kubernetes Hardening Guidance
By Jim Angel (Google), Pushkar Joglekar (VMware), Savitha Raghunathan (Red Hat) | Tuesday, October 05, 2021 in Blog
Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or authors. Background USA's National Security Agency (NSA) and the Cybersecurity and …
How to Handle Data Duplication in Data-Heavy Kubernetes Environments
By Augustinas Stirbis (CAST AI) | Wednesday, September 29, 2021 in Blog
Why Duplicate Data? It’s convenient to create a copy of your application with a copy of its state for each team. For example, you might want a separate database copy to test some significant schema changes or develop other disruptive operations like …
Spotlight on SIG Node
By Dewan Ahmed (Red Hat) | Monday, September 27, 2021 in Blog
Introduction In Kubernetes, a Node is a representation of a single machine in your cluster. SIG Node owns that very important Node component and supports various subprojects such as Kubelet, Container Runtime Interface (CRI) and more to support how …
Introducing Single Pod Access Mode for PersistentVolumes
By Chris Henzie (Google) | Monday, September 13, 2021 in Blog
Last month's release of Kubernetes v1.22 introduced a new ReadWriteOncePod access mode for PersistentVolumes and PersistentVolumeClaims. With this alpha feature, Kubernetes allows you to restrict volume access to a single pod in the cluster. What are …
Alpha in Kubernetes v1.22: API Server Tracing
By David Ashpole (Google) | Friday, September 03, 2021 in Blog
In distributed systems, it can be hard to figure out where problems are. You grep through one component's logs just to discover that the source of your problem is in another component. You search there only to discover that you need to enable debug …
Kubernetes 1.22: A New Design for Volume Populators
By Ben Swartzlander (NetApp) | Monday, August 30, 2021 in Blog
Kubernetes v1.22, released earlier this month, introduced a redesigned approach for volume populators. Originally implemented in v1.18, the API suffered from backwards compatibility issues. Kubernetes v1.22 includes a new API field called …
Minimum Ready Seconds for StatefulSets
By Ravi Gudimetla (Red Hat), Maciej Szulik (Red Hat) | Friday, August 27, 2021 in Blog
This blog describes the notion of Availability for StatefulSet workloads, and a new alpha feature in Kubernetes 1.22 which adds minReadySeconds configuration for StatefulSets. What problems does this solve? Prior to Kubernetes 1.22 release, once a …
Enable seccomp for all workloads with a new v1.22 alpha feature
By Sascha Grunert (Red Hat) | Wednesday, August 25, 2021 in Blog
This blog post is about a new Kubernetes feature introduced in v1.22, which adds an additional security layer on top of the existing seccomp support. Seccomp is a security mechanism for Linux processes to filter system calls (syscalls) based on a set …
Alpha in v1.22: Windows HostProcess Containers
By Brandon Smith (Microsoft) | Monday, August 16, 2021 in Blog
Kubernetes v1.22 introduced a new alpha feature for clusters that include Windows nodes: HostProcess containers. HostProcess containers aim to extend the Windows container model to enable a wider range of Kubernetes cluster management scenarios. …