Dragonfly integrates nydus for image acceleration practice
Guest post originally published on the Dragonfly blog by Gaius Introduce definition Dragonfly has been selected and put into production use by many Internet companies since its open source in 2017, and entered CNCF in October 2018,…
LitmusChaos expands adoption, contributors, and announces 3.0 Beta
Post by LitmusChaos maintainers Cloud native adoption continues to increase, and it is not a surprise that new challenges are arising that are associated with the scale. The modern DevOps ecosystem driven by cloud native technologies…
Congratulations to the 27 Summer LFX Program CNCF interns!
After an exciting Spring term, 36 interns have graduated from the latest LFX mentorship program funded by CNCF! 15 of CNCF’s Graduated, Incubating, and Sandbox projects joined this round with projects including Chaos Mesh, Kubernetes, KubeEdge…
Improving CNCF security posture with independent security audits
When Policy meets Execution Community post by Amir Montazery, Managing Director, Open Source Technology Improvement Fund In this blog post, we present an overview of independent audits conducted at the end of 2021 and first half…
Improving Security by Fuzzing the CNCF landscape
By Chris Aniszczyk (CNCF), Adam Korczynski (Ada Logics), David Korczynski (Ada Logics) In this blog post we present an overview of the state of fuzzing across CNCF projects. This is based on efforts and work that…
How to run untrusted containers in Kubernetes
Guest post originally published on the SIGHUP blog by Alessandro Lo Manto The IT world is adopting container-based infrastructures more and more every day. However, the advantages, disadvantages and even the limitations are not clear to…
My first in-person KubeCon + CloudNativeCon
Community post by Rishit Dagli This year I got a chance to attend my first in-person KubeCon + CloudNativeCon in Valencia, Spain under the generous Dan Kohn scholarship by CNCF and Linux Foundation. Throwback to when…
OSTIF’s audit of CRI-O is complete – high severity issues found and fixed
Community post originally published on the OSTIF blog Open Source Technology Improvement Fund is thrilled to report the results of a security audit of CRI-O. CRI-O is an open source software (OSS) project that is an implementation of the Kubernetes Container…
Ada Logics: CRI-O holistic security audit engagement
Community post originally on the Ada Logics blog by David Korczynski, Security Research & Security Engineering and Adam Korczynski, Security Engineering & Security Automation, Ada Logics Ada Logics Ltd. recently performed a holistic security audit of CRI-O….
ZDNet: “Kubernetes 1.24 Stargazer: An exceptional release with two major changes”
Kubernetes, everyone’s favorite container orchestrator, in its latest release, Kubernetes 1.24 Stargazer, has made two major changes: The developers dropped support for the Docker Engine container runtime and added supply chain security via Sigstore. First, don’t…