Posts in 2022
Kubernetes 1.26: Introducing Validating Admission Policies
By Joe Betz (Google), Cici Huang (Google) | Tuesday, December 20, 2022 in Blog
In Kubernetes 1.26, the 1st alpha release of validating admission policies is available! Validating admission policies use the Common Expression Language (CEL) to offer a declarative, in-process alternative to validating admission webhooks. CEL was …
Kubernetes 1.26: Device Manager graduates to GA
By Swati Sehgal (Red Hat) | Monday, December 19, 2022 in Blog
The Device Plugin framework was introduced in the Kubernetes v1.8 release as a vendor independent framework to enable discovery, advertisement and allocation of external devices without modifying core Kubernetes. The feature graduated to Beta in …
Kubernetes 1.26: Non-Graceful Node Shutdown Moves to Beta
By Xing Yang (VMware), Ashutosh Kumar (VMware) | Friday, December 16, 2022 in Blog
Kubernetes v1.24 introduced an alpha quality implementation of improvements for handling a non-graceful node shutdown. In Kubernetes v1.26, this feature moves to beta. This feature allows stateful workloads to failover to a different node after the …
Kubernetes 1.26: Alpha API For Dynamic Resource Allocation
By Patrick Ohly (Intel), Kevin Klues (NVIDIA) | Thursday, December 15, 2022 in Blog
Dynamic resource allocation is a new API for requesting resources. It is a generalization of the persistent volumes API for generic resources, making it possible to: access the same resource instance in different pods and containers, attach arbitrary …
Kubernetes 1.26: Windows HostProcess Containers Are Generally Available
By Brandon Smith (Microsoft), Mark Rossetti (Microsoft) | Tuesday, December 13, 2022 in Blog
The long-awaited day has arrived: HostProcess containers, the Windows equivalent to Linux privileged containers, has finally made it to GA in Kubernetes 1.26! What are HostProcess containers and why are they useful? Cluster operators are often faced …
Kubernetes 1.26: We're now signing our binary release artifacts!
By Sascha Grunert | Monday, December 12, 2022 in Blog
The Kubernetes Special Interest Group (SIG) Release is proud to announce that we are digitally signing all release artifacts, and that this aspect of Kubernetes has now reached beta. Signing artifacts provides end users a chance to verify the …
Kubernetes v1.26: Electrifying
By Kubernetes 1.26 Release Team | Friday, December 09, 2022 in Blog
It's with immense joy that we announce the release of Kubernetes v1.26! This release includes a total of 37 enhancements: eleven of them are graduating to Stable, ten are graduating to Beta, and sixteen of them are entering Alpha. We also have twelve …
Forensic container checkpointing in Kubernetes
By Adrian Reber (Red Hat) | Monday, December 05, 2022 in Blog
Forensic container checkpointing is based on Checkpoint/Restore In Userspace (CRIU) and allows the creation of stateful copies of a running container without the container knowing that it is being checkpointed. The copy of the container can be …
Finding suspicious syscalls with the seccomp notifier
By Sascha Grunert | Friday, December 02, 2022 in Blog
Debugging software in production is one of the biggest challenges we have to face in our containerized environments. Being able to understand the impact of the available security options, especially when it comes to configuring our deployments, is …
Boosting Kubernetes container runtime observability with OpenTelemetry
By Sascha Grunert | Thursday, December 01, 2022 in Blog
When speaking about observability in the cloud native space, then probably everyone will mention OpenTelemetry (OTEL) at some point in the conversation. That's great, because the community needs standards to rely on for developing all cluster …