Blog

Community post originally published on the OSTIF blog Open Source Technology Improvement Fund is thrilled to report the results of a security audit of CRI-O. CRI-O is an open source software (OSS) project that is an implementation of the Kubernetes Container...

Community post originally on the Ada Logics blog by David Korczynski, Security Research & Security Engineering and Adam Korczynski, Security Engineering & Security Automation, Ada Logics Ada Logics Ltd. recently performed a holistic security audit of CRI-O....

Guest post originally published on the Snapt blog by Craig Risi We constantly read about leaks and security attacks that hit well-known applications. Businesses cannot take security for granted. With so much critical data in play,...

Guest post originally published on Humanitec’s blog by Aeris Stewart, Community Manager at Humanitec Here are 5 things you need to know about implementing Kubernetes, based on Humanitec’s 2022 Kubernetes Benchmarking Study. Knowing your way around...

Guest post by Jan Van Bruggen, Developer Relations Lead at itopia In the past decade, we’ve seen the rise, standardization and meme-ification of “as code”: Infrastructure as Code, Monitoring as Code, Policy as Code and soon...

Project post originally published on the Flux blog by Daniel Holbach As the Flux family of projects and its communities are growing, we strive to inform you each month about what has already landed, new possibilities...

Community post from the Kubernetes Community Days Chennai team We are proud to present Kubernetes Community Days Chennai (KCD Chennai), a community-organized event supported by the Cloud Native Computing Foundation (CNCF). It gathers adopters and technologists...

Guest post originally published on the SparkFabrik blog The affirmation of the public cloud in business organizations – and in particular those of a more innovative nature – has had an almost immediate effect, with a new need...

Community post by Uchechukwu Obasi Coming from a background working as a frontend developer at Grafana I’m no stranger to open source performance monitoring. I was part of a team that was responsible for the overall user...

Community post by Max Körbächer, Co-Founder of Liquid Reply, and Leonard Pahlke, Consultant at Liquid Reply We are pleased to announce that we have established a new working group for environmental sustainability. Our mission is to...

Guest post originally published on the Elastisys blog Going live with your application and deploying it to production on Kubernetes means you are exposing it to your end users. You want this to be a successful...

Guest post originally published on the Appaegis blog by Michael Shieh It’s a common practice to set up a bastion server to provide access to the host and then use that as the gateway for SSH...

Project post originally published on the Flux blog by Daniel Holbach It was KubeCon + CloudNativeCon EU 2022 last week and if you weren’t able to attend, this post provides you with everything you need to...

Guest post originally published on the Snapt blog by Iwan Price-Evans Hackers, malware, cybercriminals, and more threaten modern applications constantly. Malicious actors will try to uncover and exploit any vulnerabilities to steal private data, disrupt your...

Guest post originally published on the Scout APM blog by Dave Anderson, CTO, Scout APM Before we dive into the Collector, let’s cover the components that make up the OpenTelemetry project. Scout’s blog post “What is...

Guest post originally published on Xenit’s blog by Philip Laine, DevOps Engineer at Xenit Attempting to debug a Pod and realizing that you can’t install curl due to security settings has to be a meme at...

Guest post originally published on Chronosphere’s blog by Rob Skillington  With the transition from monolith to cloud-native environments, we are seeing an ongoing explosion of metrics data in terms of both volume and cardinality. This is...

Guest post originally published on the Rookout blog by Gedalyah Reback Cloud deployments have gotten more complicated over the years. That’s on them, but it’s not necessarily to a fault – there’s just so much more...

Community post by Alexander Floyd Marshall from TAG Security Almost a year ago the CNCF published its “Software Supply Chain Best Practices” guide, detailing over 50 ways to improve cloud-native software supply chains. That guide referenced...

The CNCF Security Technical Advisory Group (TAG) has just released a refreshed Cloud Native Security Whitepaper v2 to help educate the community about best practices for securing cloud native deployments. The whitepaper intends to provide organizations...