Ku­ber­netes 1.8 is all about en­hanc­ing se­cu­rity

OpenSource For You - - Fossbytes -

Ku­ber­netes 1.8 is now out with the prime fo­cus on en­hanc­ing its se­cu­rity. The new ver­sion up­grades the ex­ist­ing net­work­ing sup­port and in­cludes role-based fea­tures to de­liver a more se­cure ex­pe­ri­ence.

First in the list of new fea­tures in Ku­ber­netes 1.8 is role-based ac­cess con­trol (RABC) that lets an ad­min de­fine ac­cess per­mis­sions to var­i­ous re­sources. RABC comes with per­mis­sion ac­cess for re­sources like pods and se­crets that can be granted to one or more users.

The or­ches­tra­tion frame­work al­ready in­cluded a pro­vi­sion for net­work­ing. But with the new ver­sion, devel­op­ers have been pro­vided beta sup­port for fil­ter­ing out­bound traf­fic as well. How­ever, the beta pack­age lim­its fil­ter­ing in both di­rec­tions, and only sup­ports some des­ti­na­tion ports and peers at the ini­tial stage.

The Google team be­hind Ku­ber­netes has up­graded the au­to­matic TLS cer­tifi­cate ro­ta­tion for Kubelet to beta. This helps to au­to­mat­i­cally gen­er­ate unique cer­ti­fi­ca­tions for Kubelet when a cur­rent one ex­pires. The lat­est ver­sion pro­motes au­dit­ing fea­tures from the al­pha to the beta stage. This in­cludes for­mat­ting tools for au­dit logs and fea­tures to con­trol users of each el­e­ment of the clus­ter.

An­other fea­ture that has been pro­moted from al­pha to beta is the set of work­load APIs. This pro­vides a way to or­ches­trate ap­pli­ca­tions based on their over­all be­hav­iour. Work­load APIs can also be used to mon­i­tor the pro­duc­tion sta­tus.

You can find the lat­est Ku­ber­netes re­lease on its of­fi­cial GitHub page.

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.