Using Kyverno with Pod Security Admission
Guest post originally published on the Kyverno blog by Kyverno Maintainers Using Pod Security Admission with Kyverno for the best of both worlds. Pod Security Admission (PSA) is the built-in successor to Kubernetes PodSecurityPolicy (PSP) and is enabled by default starting…
PodSecurityPolicy migration with Kyverno
Project post originally published on the Kyverno blog As you’ve probably heard, PodSecurityPolicy (PSP) in Kubernetes is no more. After a deprecation beginning in v1.21, they were finally removed in v1.25. Many organizations out there are still relying on PSPs…
Project post originally published on the Kyverno blog Kyverno 1.10 released with featuring separate controllers, external service calls, Notary support, and tons more! The Kyverno team are proud to announce the release of Kyverno 1.10, a minor release…
Kyverno — verify Kubernetes control plane images
Guest post originally published on Medium by Charles-Edouard Brétéché In this story we are going to deploy a local Kubernetes cluster using kind, then we will deploy Kyverno and use it to verify Kubernetes control plane images signature. What is Kyverno ? Kyverno is an open-source policy engine for Kubernetes that allows you to…
Announcing the Kyverno 1.10 Pre-Release
Project post also on the Nirmata blog by the Kyverno maintainers Kyverno is a policy engine built for Kubernetes that helps secure and automate Kubernetes configurations. In Kubernetes policies are configurations that govern the configuration and runtime behaviors…
Preserving authorship in a GitOps world with Kyverno
Community post originally posted on Neon Mirrors by Chip Zoller It seems just about everyone is doing GitOps in Kubernetes these days. With so many available tools and the maturity of them, it’s hard to avoid it. But…
My first experience with Kyverno: 🤯🤩
Community post originally published on Medium by Mathieu Benoit I wanted (needed?) to give Kyverno a try, to learn more about it. Here we are! When I was attending KubeCon NA 2022, I noticed the maturity and importance of Kyverno. Concrete…
Temporary policy exceptions in Kubernetes with Kyverno
Guest post originally published on the Nirmata blog by Chip Zoller One of the great new features in the recently-released Kyverno 1.9 is something we introduced called Policy Exceptions which decouples the policy itself from the workloads to which it applies. But…
Cross-post from the Kyverno blog Following on the heels of the 1.7 release of Kyverno, the Kyverno team is proud to present version 1.8 which is another huge leap forward not just in terms of features and functionality…
Managing Kyverno policies as OCI Artifacts with OCIRepository sources
Project post originally published on the Flux blog The Flux team has released a new version of Flux v0.32 that includes fantastic features. One of them is OCI Repositories feature that allows us to store and distribute a wide variety of sources…