Introducing the Wasm landscape (in English and Chinese)
By Chris Aniszczyk, Vivian Hu and Michael Yuan “Containers are the new normal, and WebAssembly is the future.” — CNCF Annual Survey 2022 key findings. Originally created as a secure sandbox to run compiled C/C++ code in…
Kubernetes 1.28: revenge of the sidecars?
Member post originally published on the Buoyant blog by William Morgan A guide to Kubernetes sidecars: what they are, why they exist, and what Kubernetes 1.28 changes If you’re using Kubernetes, you’ve probably heard the term sidecar by now. This…
Verifying images in a private Amazon ECR with Kyverno and IAM Roles for Service Accounts (IRSA)
Community post originally published on GitHub by Shuting Zhao, a maintainer of Kyverno When running workloads in Amazon Elastic Kubernetes Service (EKS), it is essential to ensure supply chain security by verifying container image signatures and other metadata….
Notary Project announces a major release!
Project post originally published on the Notary Project blog by the Notary Project Release Team The Notary Project maintainers are proud to announce a major release, including Notary Project specifications v1.0.0, notation v1.0.0, notation-go v1.0.0, and notation-core-go v1.0.0 which are ready for production…
Beginner’s guide to Kuma service mesh
Guest post originally published on the InfraCloud blog by Sonali Srivastava The concept of service mesh emerged as a response to the growing popularity of cloud native environments, microservices architecture, and Kubernetes. It has its roots in the three-tiered…
Top Kubernetes security tools in 2023
Member post originally published on the ARMO blog by Ben Hirschberg Kubernetes security is a critical part of the app lifecycle, through the build, deployment and runtime stages. Kubernetes runtime environments are dynamic and continuously changing. As clusters are replaced and…
Using Kyverno with Pod Security Admission
Guest post originally published on the Kyverno blog by Kyverno Maintainers Using Pod Security Admission with Kyverno for the best of both worlds. Pod Security Admission (PSA) is the built-in successor to Kubernetes PodSecurityPolicy (PSP) and is enabled by default starting…
Cloud Native Computing Foundation Reaffirms Istio Maturity with Project Graduation
Fast-growing service mesh has added end users, events, features, and maintainers to reach Foundation’s top maturity level SAN FRANCISCO, Calif. – July 12, 2023 – The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native…
Optimized Kubernetes cluster architecture: considerations and best practices
Guest post originally published on the ARMO blog by Rotem Refael, Director of Engineering, ARMO Kubernetes is a powerful platform for managing containerized applications at scale, but configuring a Kubernetes cluster can be complex and challenging. In this…
Congratulations to 57 CNCF Term 1 LFX Program Mentees!
By Staff A huge number of successful CNCF interns have graduated from this term’s LFX Program: 57! We had a great showing from the CNCF community with involvement across Graduated, Incubating, and Sandbox projects as well as TAGs…