Posts in 2023
-
Consider All Microservices Vulnerable — And Monitor Their Behavior
By David Hadas (IBM Research Labs) | Friday, January 20, 2023 in Blog
This post warns Devops from a false sense of security. Following security best practices when developing and configuring microservices do not result in non-vulnerable microservices. The post shows that although all deployed microservices are …
-
Protect Your Mission-Critical Pods From Eviction With PriorityClass
By Sunny Bhambhani (InfraCloud Technologies) | Thursday, January 12, 2023 in Blog
Kubernetes has been widely adopted, and many organizations use it as their de-facto orchestration engine for running workloads that need to be created and deleted frequently. Therefore, proper scheduling of the pods is key to ensuring that …
-
Kubernetes 1.26: Eviction policy for unhealthy pods guarded by PodDisruptionBudgets
By Filip Křepinský (Red Hat), Morten Torkildsen (Google), Ravi Gudimetla (Apple) | Friday, January 06, 2023 in Blog
Ensuring the disruptions to your applications do not affect its availability isn't a simple task. Last month's release of Kubernetes v1.26 lets you specify an unhealthy pod eviction policy for PodDisruptionBudgets (PDBs) to help you maintain that …
-
Kubernetes v1.26: Retroactive Default StorageClass
By Roman Bednář (Red Hat) | Thursday, January 05, 2023 in Blog
The v1.25 release of Kubernetes introduced an alpha feature to change how a default StorageClass was assigned to a PersistentVolumeClaim (PVC). With the feature enabled, you no longer need to create a default StorageClass first and PVC second to …
-
Kubernetes v1.26: Alpha support for cross-namespace storage data sources
By Takafumi Takahashi (Hitachi Vantara) | Monday, January 02, 2023 in Blog
Kubernetes v1.26, released last month, introduced an alpha feature that lets you specify a data source for a PersistentVolumeClaim, even where the source data belong to a different namespace. With the new feature enabled, you specify a namespace in …
Posts in 2022
-
Kubernetes v1.26: Advancements in Kubernetes Traffic Engineering
By Andrew Sy Kim (Google) | Friday, December 30, 2022 in Blog
Kubernetes v1.26 includes significant advancements in network traffic engineering with the graduation of two features (Service internal traffic policy support, and EndpointSlice terminating conditions) to GA, and a third feature (Proxy terminating …
-
Kubernetes 1.26: Job Tracking, to Support Massively Parallel Batch Workloads, Is Generally Available
By Aldo Culquicondor (Google) | Thursday, December 29, 2022 in Blog
The Kubernetes 1.26 release includes a stable implementation of the Job controller that can reliably track a large amount of Jobs with high levels of parallelism. SIG Apps and WG Batch have worked on this foundational improvement since Kubernetes …
-
Kubernetes v1.26: CPUManager goes GA
By Francesco Romani (Red Hat) | Tuesday, December 27, 2022 in Blog
The CPU Manager is a part of the kubelet, the Kubernetes node agent, which enables the user to allocate exclusive CPUs to containers. Since Kubernetes v1.10, where it graduated to Beta, the CPU Manager proved itself reliable and fulfilled its role of …
-
Kubernetes 1.26: Pod Scheduling Readiness
By Wei Huang (Apple), Abdullah Gharaibeh (Google) | Monday, December 26, 2022 in Blog
Kubernetes 1.26 introduced a new Pod feature: scheduling gates. In Kubernetes, scheduling gates are keys that tell the scheduler when a Pod is ready to be considered for scheduling. What problem does it solve? When a Pod is created, the scheduler …
-
Kubernetes 1.26: Support for Passing Pod fsGroup to CSI Drivers At Mount Time
By Fabio Bertinatto (Red Hat), Hemant Kumar (Red Hat) | Friday, December 23, 2022 in Blog
Delegation of fsGroup to CSI drivers was first introduced as alpha in Kubernetes 1.22, and graduated to beta in Kubernetes 1.25. For Kubernetes 1.26, we are happy to announce that this feature has graduated to General Availability (GA). In this …