Posts in 2017
Kubernetes 1.7: Security Hardening, Stateful Application Updates and Extensibility
By Aparna Sinha (Google), Ihor Dvoretskyi (Mirantis) | Friday, June 30, 2017 in Blog
This article is by Aparna Sinha and Ihor Dvoretskyi, on behalf of the Kubernetes 1.7 release team. Today we’re announcing Kubernetes 1.7, a milestone release that adds security, storage and extensibility features motivated by widespread production …
Draft: Kubernetes container development made easy
By Brendan Burns (Microsoft Azure) | Wednesday, May 31, 2017 in Blog
About a month ago Microsoft announced the acquisition of Deis to expand our expertise in containers and Kubernetes. Today, I’m excited to announce a new open source project derived from this newly expanded Azure team: Draft. While by now the …
Managing microservices with the Istio service mesh
Wednesday, May 31, 2017 in Blog
Today’s post is by the Istio team showing how you can get visibility, resiliency, security and control for your microservices in Kubernetes. Services are at the core of modern software architecture. Deploying a series of modular, small …
Kubespray Ansible Playbooks foster Collaborative Kubernetes Ops
By Rob Hirschfeld (RackN) | Friday, May 19, 2017 in Blog
Why Kubespray? Making Kubernetes operationally strong is a widely held priority and I track many deployment efforts around the project. The incubated Kubespray project is of particular interest for me because it uses the popular Ansible toolset to …
Kubernetes: a monitoring guide
By Jean-Mathieu Saponaro (Datadog) | Friday, May 19, 2017 in Blog
Container technologies are taking the infrastructure world by storm. While containers solve or simplify infrastructure management processes, they also introduce significant complexity in terms of orchestration. That’s where Kubernetes comes to our …
Dancing at the Lip of a Volcano: The Kubernetes Security Process - Explained
By Brandon Philips (CoreOS), Jess Frazelle (Google) | Thursday, May 18, 2017 in Blog
Software running on servers underpins ever growing amounts of the world's commerce, communications, and physical infrastructure. And nearly all of these systems are connected to the internet; which means vital security updates must be applied …
How Bitmovin is Doing Multi-Stage Canary Deployments with Kubernetes in the Cloud and On-Prem
By Daniel Hoelbling-Inzko (Bitmovin) | Friday, April 21, 2017 in Blog
Running a large scale video encoding infrastructure on multiple public clouds is tough. At Bitmovin, we have been doing it successfully for the last few years, but from an engineering perspective, it’s neither been enjoyable nor particularly fun. So …
RBAC Support in Kubernetes
By Jacob Simpson (Google), Greg Castle (Google), CJ Cullen (Google) | Thursday, April 06, 2017 in Blog
Editor’s note: this post is part of a series of in-depth articles on what's new in Kubernetes 1.6 One of the highlights of the Kubernetes 1.6 release is the RBAC authorizer feature moving to beta. RBAC, Role-based access control, is an authorization …
Configuring Private DNS Zones and Upstream Nameservers in Kubernetes
By Bowei Du (Google), Matthew DeLio (Google) | Tuesday, April 04, 2017 in Blog
Editor’s note: this post is part of a series of in-depth articles on what's new in Kubernetes 1.6 Many users have existing domain name zones that they would like to integrate into their Kubernetes DNS namespace. For example, hybrid-cloud users may …
Advanced Scheduling in Kubernetes
By Ian Lewis (Google), David Oppenheimer (Google) | Friday, March 31, 2017 in Blog
Editor’s note: this post is part of a series of in-depth articles on what's new in Kubernetes 1.6 The Kubernetes scheduler’s default behavior works well for most cases -- for example, it ensures that pods are only placed on nodes that have sufficient …