YOU ARE AT:DevicesContainer security enhanced with Kubernetes 1.8

Container security enhanced with Kubernetes 1.8

Kubernetes 1.8 focuses on boosting existing features

Version 1.8 of the open source Kubernetes container orchestration and management platform was recently released with an emphasis on updating existing features. Marking the third update this year, the new platform takes aim at enhancing security, workload support and extensibility improvements.

Kubernetes is the most popular container orchestration and management platform on the market today. With Kubernetes, developers can deploy container clusters with enhanced cloud native features, and IT professionals can handle an organization’s cloud providers and data centers through a single interface. According to a recent report by RedMonk, an estimated 54% of Fortune 100 companies currently run Kubernetes in one form or another.

“The momentum within the community continues to grow as organizations embrace Kubernetes as the leading platform for container orchestration, and this release continues the Kubernetes community’s commitment to security and extensibility with work on stabilizing existing features, even as new ones are added,” wrote CoreOS Engineer Eric Chiang in a company blogpost.

Kubernetes 1.8 comes with a host of updates and upgrades. Among these is the stable status of role-based access control (RBAC), which provides administrators control access to the Kubernetes API. In addition, RBAC includes beta support for filtering outbound traffic through network policy and inbound traffic through a pod.

Kubernetes 1.8 offers another security feature available in beta called advanced auditing, which provides enhanced auditing of Kubernetes clusters for better security. “This feature introduces formatted audit logs, policies to control what’s audited, and a webhook to send events to external services,” Chiang wrote. “Audit events can now be configured to include entire request payloads, aggregated in a central location.”

Workload APIs have been promoted to beta in the latest release as well, enabling the abstraction needed to manage applications launched on Kubernetes, according to the blog post. This includes the latest versions of Deployment, DaemonSet, ReplicaSet and StatefulSet. Workload APIs can be used to transfer workloads to Kubernetes and develop cloud native applications.

Finally, Custom Resource Definitions (CRDs), an new API object intended to replace the existing Third Party Resource (TPR) extension mechanism, has added schema validation in alpha. The company said this will make it easier for developers to transfer their work to Kubernetes without having to rewrite the underlying code.

ABOUT AUTHOR

Nathan Cranford
Nathan Cranford
Nathan Cranford joined RCR Wireless News as a Technology Writer in 2017. Prior to his current position, he served as a content producer for GateHouse Media, and as a freelance science and tech reporter. His work has been published by a myriad of news outlets, including COEUS Magazine, dailyRx News, The Oklahoma Daily, Texas Writers Journal and VETTA Magazine. Nathan earned a bachelor’s from the University of Oklahoma in 2013. He lives in Austin, Texas.