Kubernetes governance & the top 5 best practices of K8s deployment
Member post originally published on the Fairwinds blog by Joe Pelletier The widespread adoption of containerized applications has fundamentally changed how organizations develop, deploy, and manage their software infrastructure. Kubernetes is fundamental to this change, because it makes…
Guest post originally published on Weaveworks’ blog Overview Developed by Weaveworks in 2016, Flux CD is a GitOps continuous delivery tool used to streamline and automate application deployments. It started as a small, internal project; now it’s a CNCF-graduated project with a…
Introducing the Wasm landscape (in English and Chinese)
By Chris Aniszczyk, Vivian Hu and Michael Yuan “Containers are the new normal, and WebAssembly is the future.” — CNCF Annual Survey 2022 key findings. Originally created as a secure sandbox to run compiled C/C++ code in…
Kubernetes 1.28: revenge of the sidecars?
Member post originally published on the Buoyant blog by William Morgan A guide to Kubernetes sidecars: what they are, why they exist, and what Kubernetes 1.28 changes If you’re using Kubernetes, you’ve probably heard the term sidecar by now. This…
Verifying images in a private Amazon ECR with Kyverno and IAM Roles for Service Accounts (IRSA)
Community post originally published on GitHub by Shuting Zhao, a maintainer of Kyverno When running workloads in Amazon Elastic Kubernetes Service (EKS), it is essential to ensure supply chain security by verifying container image signatures and other metadata….
Notary Project announces a major release!
Project post originally published on the Notary Project blog by the Notary Project Release Team The Notary Project maintainers are proud to announce a major release, including Notary Project specifications v1.0.0, notation v1.0.0, notation-go v1.0.0, and notation-core-go v1.0.0 which are ready for production…
Beginner’s guide to Kuma service mesh
Guest post originally published on the InfraCloud blog by Sonali Srivastava The concept of service mesh emerged as a response to the growing popularity of cloud native environments, microservices architecture, and Kubernetes. It has its roots in the three-tiered…
Top Kubernetes security tools in 2023
Member post originally published on the ARMO blog by Ben Hirschberg Kubernetes security is a critical part of the app lifecycle, through the build, deployment and runtime stages. Kubernetes runtime environments are dynamic and continuously changing. As clusters are replaced and…
Using Kyverno with Pod Security Admission
Guest post originally published on the Kyverno blog by Kyverno Maintainers Using Pod Security Admission with Kyverno for the best of both worlds. Pod Security Admission (PSA) is the built-in successor to Kubernetes PodSecurityPolicy (PSP) and is enabled by default starting…
Cloud Native Computing Foundation Reaffirms Istio Maturity with Project Graduation
Fast-growing service mesh has added end users, events, features, and maintainers to reach Foundation’s top maturity level SAN FRANCISCO, Calif. – July 12, 2023 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native…