Posts in 2022

  • Forensic container checkpointing in Kubernetes

    Monday, December 05, 2022 in Blog

    Authors: Adrian Reber (Red Hat) Forensic container checkpointing is based on Checkpoint/Restore In Userspace (CRIU) and allows the creation of stateful copies of a running container without the container knowing that it is being checkpointed. The …

    Read more

  • Finding suspicious syscalls with the seccomp notifier

    Friday, December 02, 2022 in Blog

    Authors: Sascha Grunert Debugging software in production is one of the biggest challenges we have to face in our containerized environments. Being able to understand the impact of the available security options, especially when it comes to …

    Read more

  • Boosting Kubernetes container runtime observability with OpenTelemetry

    Thursday, December 01, 2022 in Blog

    Authors: Sascha Grunert When speaking about observability in the cloud native space, then probably everyone will mention OpenTelemetry (OTEL) at some point in the conversation. That's great, because the community needs standards to rely on for …

    Read more

  • registry.k8s.io: faster, cheaper and Generally Available (GA)

    Monday, November 28, 2022 in Blog

    Authors: Adolfo García Veytia (Chainguard), Bob Killen (Google) Starting with Kubernetes 1.25, our container image registry has changed from k8s.gcr.io to registry.k8s.io. This new registry spreads the load across multiple Cloud Providers & …

    Read more

  • Kubernetes Removals, Deprecations, and Major Changes in 1.26

    Friday, November 18, 2022 in Blog

    Author: Frederico Muñoz (SAS) Change is an integral part of the Kubernetes life-cycle: as Kubernetes grows and matures, features may be deprecated, removed, or replaced with improvements for the health of the project. For Kubernetes v1.26 there are …

    Read more

  • Live and let live with Kluctl and Server Side Apply

    Friday, November 04, 2022 in Blog

    Author: Alexander Block This blog post was inspired by a previous Kubernetes blog post about Advanced Server Side Apply. The author of said blog post listed multiple benefits for applications and controllers when switching to server-side apply (from …

    Read more

  • Server Side Apply Is Great And You Should Be Using It

    Thursday, October 20, 2022 in Blog

    Author: Daniel Smith (Google) Server-side apply (SSA) has now been GA for a few releases, and I have found myself in a number of conversations, recommending that people / teams in various situations use it. So I’d like to write down some of those …

    Read more

  • Current State: 2019 Third Party Security Audit of Kubernetes

    Wednesday, October 05, 2022 in Blog

    Authors (in alphabetical order): Cailyn Edwards (Shopify), Pushkar Joglekar (VMware), Rey Lejano (SUSE) and Rory McCune (DataDog) We expect the brand new Third Party Security Audit of Kubernetes will be published later this month (Oct 2022). In …

    Read more

  • Introducing Kueue

    Tuesday, October 04, 2022 in Blog

    Authors: Abdullah Gharaibeh (Google), Aldo Culquicondor (Google) Whether on-premises or in the cloud, clusters face real constraints for resource usage, quota, and cost management reasons. Regardless of the autoscalling capabilities, clusters have …

    Read more

  • Kubernetes 1.25: alpha support for running Pods with user namespaces

    Monday, October 03, 2022 in Blog

    Authors: Rodrigo Campos (Microsoft), Giuseppe Scrivano (Red Hat) Kubernetes v1.25 introduces the support for user namespaces. This is a major improvement for running secure workloads in Kubernetes. Each pod will have access only to a limited subset …

    Read more