Kubernetes Blog

Use KPNG to Write Specialized kube-proxiers

By Lars Ekman (Ericsson) | Monday, October 18, 2021 in Blog

The post will show you how to create a specialized service kube-proxy style network proxier using Kubernetes Proxy NG kpng without interfering with the existing kube-proxy. The kpng project aims at renewing the the default Kubernetes Service …

Introducing ClusterClass and Managed Topologies in Cluster API

By Fabrizio Pandini (VMware) | Friday, October 08, 2021 in Blog

The Cluster API community is happy to announce the implementation of ClusterClass and Managed Topologies, a new feature that will greatly simplify how you can provision, upgrade, and operate multiple Kubernetes clusters in a declarative way. A little …

A Closer Look at NSA/CISA Kubernetes Hardening Guidance

By Jim Angel (Google), Pushkar Joglekar (VMware), Savitha Raghunathan (Red Hat) | Tuesday, October 05, 2021 in Blog

Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or authors. Background USA's National Security Agency (NSA) and the Cybersecurity and …

How to Handle Data Duplication in Data-Heavy Kubernetes Environments

By Augustinas Stirbis (CAST AI) | Wednesday, September 29, 2021 in Blog

Why Duplicate Data? It’s convenient to create a copy of your application with a copy of its state for each team. For example, you might want a separate database copy to test some significant schema changes or develop other disruptive operations like …

Spotlight on SIG Node

By Dewan Ahmed (Red Hat) | Monday, September 27, 2021 in Blog

Introduction In Kubernetes, a Node is a representation of a single machine in your cluster. SIG Node owns that very important Node component and supports various subprojects such as Kubelet, Container Runtime Interface (CRI) and more to support how …

Introducing Single Pod Access Mode for PersistentVolumes

By Chris Henzie (Google) | Monday, September 13, 2021 in Blog

Last month's release of Kubernetes v1.22 introduced a new ReadWriteOncePod access mode for PersistentVolumes and PersistentVolumeClaims. With this alpha feature, Kubernetes allows you to restrict volume access to a single pod in the cluster. What are …

Alpha in Kubernetes v1.22: API Server Tracing

By David Ashpole (Google) | Friday, September 03, 2021 in Blog

In distributed systems, it can be hard to figure out where problems are. You grep through one component's logs just to discover that the source of your problem is in another component. You search there only to discover that you need to enable debug …

Kubernetes 1.22: A New Design for Volume Populators

By Ben Swartzlander (NetApp) | Monday, August 30, 2021 in Blog

Kubernetes v1.22, released earlier this month, introduced a redesigned approach for volume populators. Originally implemented in v1.18, the API suffered from backwards compatibility issues. Kubernetes v1.22 includes a new API field called …

Minimum Ready Seconds for StatefulSets

By Ravi Gudimetla (Red Hat), Maciej Szulik (Red Hat) | Friday, August 27, 2021 in Blog

This blog describes the notion of Availability for StatefulSet workloads, and a new alpha feature in Kubernetes 1.22 which adds minReadySeconds configuration for StatefulSets. What problems does this solve? Prior to Kubernetes 1.22 release, once a …

Enable seccomp for all workloads with a new v1.22 alpha feature

By Sascha Grunert (Red Hat) | Wednesday, August 25, 2021 in Blog

This blog post is about a new Kubernetes feature introduced in v1.22, which adds an additional security layer on top of the existing seccomp support. Seccomp is a security mechanism for Linux processes to filter system calls (syscalls) based on a set …

Posts in 2021