Posts in 2021
-
Quality-of-Service for Memory Resources
By Tim Xu (Tencent Cloud) | Friday, November 26, 2021 in Blog
Kubernetes v1.22, released in August 2021, introduced a new alpha feature that improves how Linux nodes implement memory resource requests and limits. In prior releases, Kubernetes did not support memory quality guarantees. For example, if you set …
-
Dockershim removal is coming. Are you ready?
By Sergey Kanzhelev (Google) | Friday, November 12, 2021 in Blog
Reviewers: Davanum Srinivas, Elana Hashman, Noah Kantrowitz, Rey Lejano. Poll closed This poll closed on January 7, 2022. Last year we announced that Kubernetes' dockershim component (which provides a built-in integration for Docker Engine) is …
-
Non-root Containers And Devices
By Mikko Ylinen (Intel) | Tuesday, November 09, 2021 in Blog
The user/group ID related security settings in Pod's securityContext trigger a problem when users want to deploy containers that use accelerator devices (via Kubernetes Device Plugins) on Linux. In this blog post I talk about the problem and describe …
-
Announcing the 2021 Steering Committee Election Results
By Kaslin Fields | Monday, November 08, 2021 in Blog
The 2021 Steering Committee Election is now complete. The Kubernetes Steering Committee consists of 7 seats, 4 of which were up for election in 2021. Incoming committee members serve a term of 2 years, and all members are elected by the Kubernetes …
-
Use KPNG to Write Specialized kube-proxiers
By Lars Ekman (Ericsson) | Monday, October 18, 2021 in Blog
The post will show you how to create a specialized service kube-proxy style network proxier using Kubernetes Proxy NG kpng without interfering with the existing kube-proxy. The kpng project aims at renewing the the default Kubernetes Service …
-
Introducing ClusterClass and Managed Topologies in Cluster API
By Fabrizio Pandini (VMware) | Friday, October 08, 2021 in Blog
The Cluster API community is happy to announce the implementation of ClusterClass and Managed Topologies, a new feature that will greatly simplify how you can provision, upgrade, and operate multiple Kubernetes clusters in a declarative way. A little …
-
A Closer Look at NSA/CISA Kubernetes Hardening Guidance
By Jim Angel (Google), Pushkar Joglekar (VMware), Savitha Raghunathan (Red Hat) | Tuesday, October 05, 2021 in Blog
Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or authors. Background USA's National Security Agency (NSA) and the Cybersecurity and …
-
How to Handle Data Duplication in Data-Heavy Kubernetes Environments
By Augustinas Stirbis (CAST AI) | Wednesday, September 29, 2021 in Blog
Why Duplicate Data? It’s convenient to create a copy of your application with a copy of its state for each team. For example, you might want a separate database copy to test some significant schema changes or develop other disruptive operations like …
-
Spotlight on SIG Node
By Dewan Ahmed (Red Hat) | Monday, September 27, 2021 in Blog
Introduction In Kubernetes, a Node is a representation of a single machine in your cluster. SIG Node owns that very important Node component and supports various subprojects such as Kubelet, Container Runtime Interface (CRI) and more to support how …
-
Introducing Single Pod Access Mode for PersistentVolumes
By Chris Henzie (Google) | Monday, September 13, 2021 in Blog
Last month's release of Kubernetes v1.22 introduced a new ReadWriteOncePod access mode for PersistentVolumes and PersistentVolumeClaims. With this alpha feature, Kubernetes allows you to restrict volume access to a single pod in the cluster. What are …