Kubernetes policy driven resource optimization with Kyverno
Member post originally published on Nirmata’s blog by Boris Kurktchiev Introduction As organizations increasingly turn to Kubernetes to deploy and manage containerized applications, they face unique challenges in efficiently allocating resources. The dynamic nature of Kubernetes…
Cloud Native Live: Policy-Based Resource Optimization with Kyverno
Kyverno is a cloud native policy engine with many use cases for securing and automating Kubernetes clusters and workloads. In this session, Jim Bugwadia, a Kyverno maintainer and co-founder at Nirmata will introduce Kyverno and then…
Applying the DRY principle to Kyverno policies
Member post originally published on the Nirmata Blog by Jim Bugwadia The Don’t Repeat Yourself (DRY) principle of software development advocates avoiding repetition of code that is likely to change. Replacing similar code with reusable abstractions makes software…
Cloud Native Live: Kyverno’s report server – a new approach to policy report management
Managing policy and governance in busy Kubernetes clusters was difficult due to the high volume of policy reports, cluster policy reports, and ephemeral reports generated by Kyverno. This caused overloading of the API server and etcd,…
CNCF On demand webinar: Zero trust in practice with Istio and Kyverno
As cyber threats continue to grow in number and complexity, it’s becoming increasingly important to adopt security measures that can keep up. One such approach is Zero Trust (NIST SP800-207*), a security model that assumes the…
Cloud Native Live: Cloud Native Policy as code with Kyverno!
Platform engineering teams are chartered with deliver self-service but often struggle with automating complex security concerns. In this session, you will learn how to leverage Kyverno, a cloud native policy as code solution, to build and…
Project post originally published on Kyverno’s blog Kyverno 1.12 released with new alternative report server, Global Context Entry, Kyverno JSON in CLI, performance optimizations, enhanced ValidatingAdmissionPolicy and PolicyException support, and tons more! The Kyverno team is…
Generating Kubernetes ValidatingAdmissionPolicies from Kyverno policies
Project post originally published on Kyverno’s blog by Mariam Fahmy In the previous blog post, we discussed writing Common Expression Language (CEL) expressions in Kyverno policies for resource validation. CEL was first introduced to Kubernetes for the Validation rules…
Cloud Native Live: Kyverno 1.12 and beyond!
The Kyverno project provides tools for cloud native policy and governance. In this session, Kyverno maintainers Shuting and Mariam will discuss new features in the 1.12 release, as well as the roadmap for upcoming releases.
Securing OpenTofu with Nirmata powered by Kyverno
Member post originally published on Nirmata’s blog by Anusha Hegde As Infrastructure as Code (IaC) continues to gain popularity among DevOps practitioners for its efficiency and scalability, the recent Terraform license ambiguity has prompted the emergence…