Posts in 2023
- 
				dl.k8s.io to adopt a Content Delivery NetworkBy Arnaud Meukam (VMware), Hannah Aubry (Fastly), Frederico Muñoz (SAS Institute) | Friday, June 09, 2023 in Blog We're happy to announce that dl.k8s.io, home of the official Kubernetes binaries, will soon be powered by Fastly. Fastly is known for its high-performance content delivery network (CDN) designed to deliver content quickly and reliably around the … 
- 
				Using OCI artifacts to distribute security profiles for seccomp, SELinux and AppArmorBy Sascha Grunert | Wednesday, May 24, 2023 in Blog The Security Profiles Operator (SPO) makes managing seccomp, SELinux and AppArmor profiles within Kubernetes easier than ever. It allows cluster administrators to define the profiles in a predefined custom resource YAML, which then gets distributed … 
- 
				Having fun with seccomp profiles on the edgeBy Sascha Grunert | Thursday, May 18, 2023 in Blog The Security Profiles Operator (SPO) is a feature-rich operator for Kubernetes to make managing seccomp, SELinux and AppArmor profiles easier than ever. Recording those profiles from scratch is one of the key features of this operator, which usually … 
- 
				Kubernetes 1.27: KMS V2 Moves to BetaBy Anish Ramasekar, Mo Khan, Rita Zhang (Microsoft) | Tuesday, May 16, 2023 in Blog With Kubernetes 1.27, we (SIG Auth) are moving Key Management Service (KMS) v2 API to beta. What is KMS? One of the first things to consider when securing a Kubernetes cluster is encrypting etcd data at rest. KMS provides an interface for a provider … 
- 
				Kubernetes 1.27: updates on speeding up Pod startupBy Paco Xu (DaoCloud), Sergey Kanzhelev (Google), Ruiwen Zhao (Google) | Monday, May 15, 2023 in Blog How can Pod start-up be accelerated on nodes in large clusters? This is a common issue that cluster administrators may face. This blog post focuses on methods to speed up pod start-up from the kubelet side. It does not involve the creation time of … 
- 
				Kubernetes 1.27: In-place Resource Resize for Kubernetes Pods (alpha)By Vinay Kulkarni (Kubescaler Labs) | Friday, May 12, 2023 in Blog If you have deployed Kubernetes pods with CPU and/or memory resources specified, you may have noticed that changing the resource values involves restarting the pod. This has been a disruptive operation for running workloads... until now. In … 
- 
				Kubernetes 1.27: Avoid Collisions Assigning Ports to NodePort ServicesBy Xu Zhenglun (Alibaba) | Thursday, May 11, 2023 in Blog In Kubernetes, a Service can be used to provide a unified traffic endpoint for applications running on a set of Pods. Clients can use the virtual IP address (or VIP) provided by the Service for access, and Kubernetes provides load balancing for … 
- 
				Kubernetes 1.27: Safer, More Performant Pruning in kubectl applyBy Katrina Verey (independent), Justin Santa Barbara (Google) | Tuesday, May 09, 2023 in Blog Declarative configuration management with the kubectl apply command is the gold standard approach to creating or modifying Kubernetes resources. However, one challenge it presents is the deletion of resources that are no longer needed. In Kubernetes … 
- 
				Kubernetes 1.27: Introducing An API For Volume Group SnapshotsBy Xing Yang (VMware) | Monday, May 08, 2023 in Blog Volume group snapshot is introduced as an Alpha feature in Kubernetes v1.27. This feature introduces a Kubernetes API that allows users to take crash consistent snapshots for multiple volumes together. It uses a label selector to group multiple … 
- 
				Kubernetes 1.27: Quality-of-Service for Memory Resources (alpha)By Dixita Narang (Google) | Friday, May 05, 2023 in Blog Kubernetes v1.27, released in April 2023, introduced changes to Memory QoS (alpha) to improve memory management capabilites in Linux nodes. Support for Memory QoS was initially added in Kubernetes v1.22, and later some limitations around the formula …