Kubernetes Blog

Quality-of-Service for Memory Resources

By Tim Xu (Tencent Cloud) | Friday, November 26, 2021 in Blog

Kubernetes v1.22, released in August 2021, introduced a new alpha feature that improves how Linux nodes implement memory resource requests and limits. In prior releases, Kubernetes did not support memory quality guarantees. For example, if you set …

Dockershim removal is coming. Are you ready?

By Sergey Kanzhelev (Google) | Friday, November 12, 2021 in Blog

Reviewers: Davanum Srinivas, Elana Hashman, Noah Kantrowitz, Rey Lejano. Poll closed This poll closed on January 7, 2022. Last year we announced that Kubernetes' dockershim component (which provides a built-in integration for Docker Engine) is …

Non-root Containers And Devices

By Mikko Ylinen (Intel) | Tuesday, November 09, 2021 in Blog

The user/group ID related security settings in Pod's securityContext trigger a problem when users want to deploy containers that use accelerator devices (via Kubernetes Device Plugins) on Linux. In this blog post I talk about the problem and describe …

Announcing the 2021 Steering Committee Election Results

By Kaslin Fields | Monday, November 08, 2021 in Blog

The 2021 Steering Committee Election is now complete. The Kubernetes Steering Committee consists of 7 seats, 4 of which were up for election in 2021. Incoming committee members serve a term of 2 years, and all members are elected by the Kubernetes …

Use KPNG to Write Specialized kube-proxiers

By Lars Ekman (Ericsson) | Monday, October 18, 2021 in Blog

The post will show you how to create a specialized service kube-proxy style network proxier using Kubernetes Proxy NG kpng without interfering with the existing kube-proxy. The kpng project aims at renewing the the default Kubernetes Service …

Introducing ClusterClass and Managed Topologies in Cluster API

By Fabrizio Pandini (VMware) | Friday, October 08, 2021 in Blog

The Cluster API community is happy to announce the implementation of ClusterClass and Managed Topologies, a new feature that will greatly simplify how you can provision, upgrade, and operate multiple Kubernetes clusters in a declarative way. A little …

A Closer Look at NSA/CISA Kubernetes Hardening Guidance

By Jim Angel (Google), Pushkar Joglekar (VMware), Savitha Raghunathan (Red Hat) | Tuesday, October 05, 2021 in Blog

Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or authors. Background USA's National Security Agency (NSA) and the Cybersecurity and …

How to Handle Data Duplication in Data-Heavy Kubernetes Environments

By Augustinas Stirbis (CAST AI) | Wednesday, September 29, 2021 in Blog

Why Duplicate Data? It’s convenient to create a copy of your application with a copy of its state for each team. For example, you might want a separate database copy to test some significant schema changes or develop other disruptive operations like …

Spotlight on SIG Node

By Dewan Ahmed (Red Hat) | Monday, September 27, 2021 in Blog

Introduction In Kubernetes, a Node is a representation of a single machine in your cluster. SIG Node owns that very important Node component and supports various subprojects such as Kubelet, Container Runtime Interface (CRI) and more to support how …

Introducing Single Pod Access Mode for PersistentVolumes

By Chris Henzie (Google) | Monday, September 13, 2021 in Blog

Last month's release of Kubernetes v1.22 introduced a new ReadWriteOncePod access mode for PersistentVolumes and PersistentVolumeClaims. With this alpha feature, Kubernetes allows you to restrict volume access to a single pod in the cluster. What are …

Posts in 2021