Bewertung: 5 / 5

Stern aktivStern aktivStern aktivStern aktivStern aktiv
Image of an example of offender gaining foothold in a serviceAuthor: David Hadas (IBM Research Labs) This post warns Devops from a false sense of security.Following security best practices when developing and configuring microservices do not result in non-vulnerable microservices.The post shows that although all deployed microservices are vulnerable, there is much that can be done to ensure microservices are not exploited.It explains how analyzing the behavior of clients and services from a security standpoint, named here "Security-Behavior Analysis", can protect the deployed vulnerable microservices.It points to Guard, an open source

Just published by Kubernetes: Read more

Bewertung: 5 / 5

Stern aktivStern aktivStern aktivStern aktivStern aktiv
Author: Sunny Bhambhani (InfraCloud Technologies) Kubernetes has been widely adopted, and many organizations use it as their de-facto orchestration engine for running workloads that need to be created and deleted frequently. Therefore, proper scheduling of the pods is key to ensuring that application pods are up and running within the Kubernetes cluster without any issues.This article delves into the use cases around resource management by leveraging the PriorityClass object to protect mission-critical or high-priority pods from getting evicted and making sure that the application

Just published by Kubernetes: Read more

Bewertung: 5 / 5

Stern aktivStern aktivStern aktivStern aktivStern aktiv
Authors: Filip Křepinský (Red Hat), Morten Torkildsen (Google), Ravi Gudimetla (Apple) Ensuring the disruptions to your applications do not affect its availability isn't a simple task.Last month's release of Kubernetes v1.26 lets you specify an unhealthy pod eviction policy for PodDisruptionBudgets (PDBs) to help you maintain that availability during node management operations.In this article, we will dive deeper into what modifications were introduced for PDBs to give application owners greater flexibility in managing disruptions.

What problems does this solve?

API-initiated eviction of pods respects PodDisruptionBudgets

Just published by Kubernetes: Read more

Bewertung: 5 / 5

Stern aktivStern aktivStern aktivStern aktivStern aktiv
Author: Roman Bednář (Red Hat) The v1.25 release of Kubernetes introduced an alpha feature to change how a default StorageClass was assigned to a PersistentVolumeClaim (PVC).With the feature enabled, you no longer need to create a default StorageClass first and PVC second to assign the class.Additionally, any PVCs without a StorageClass assigned can be updated later.This feature was graduated to beta in Kubernetes 1.26. You can read retroactive default StorageClass assignment in the Kubernetes documentation for more details about how to use that, or you

Just published by Kubernetes: Read more

Bewertung: 5 / 5

Stern aktivStern aktivStern aktivStern aktivStern aktiv
Author: Takafumi Takahashi (Hitachi Vantara) Kubernetes v1.26, released last month, introduced an alpha feature that lets you specify a data source for a PersistentVolumeClaim, even where the source data belong to a different namespace.With the new feature enabled, you specify a namespace in the dataSourceRef field of a new PersistentVolumeClaim.Once Kubernetes checks that access is OK, the new PersistentVolume can populate its data from the storage source specified in that other namespace.Before Kubernetes v1.26, provided your cluster had the AnyVolumeDataSource feature enabled, you could already provision new volumes from

Just published by Kubernetes: Read more