- ‣ The United Nations Suffers a Data Breach, Exposing 100,000 Employee Details
- ‣ KubeSphere Extends Collaboration To Amazon Web Services
- ‣ Red Hat To Acquire StackRox and Bring To OpenShift Platform
- ‣ DataStax Releases K8ssandra – The Latest Production-Ready Platform for Running Apache Cassandra on Kubernetes
- ‣ AWS Launches Location Service, Opening New Opportunities For Developers
- ‣ GDPR Violations Lead To $66,000 Fine for Swedish University
- ‣ CloudLinux To Invest A Million Dollars Annually In Project Lenix
- ‣ Google Launches Machine Query Language in General Availability for Cloud Monitoring
- ‣ AWS Launches Service Workbench for Researchers
- ‣ AWS Batch Support Now Available for AWS Fargate
- ‣ Highest-Rated Cloud Computing Companies to Work For in 2021
- ‣ Mirantis Launches k0s - The Smallest, Simplest Kubernetes Distro
- ‣ AWS Fault Injection Simulator Improves Cloud Chaos Engineering
- ‣ China claims it’s quantum computer is 100 trillion times faster than any supercomputer
- ‣ Red Hat OpenShift to Support Windows Containers from 2021
- ‣ How Do Teams Automate Security in 2020?
- ‣ Github Releases 2020 State Of The OCTOVERSE Report
- ‣ Twitter Signs Agreement With AWS To Leverage The Public Cloud
CNCF Accepts Kyverno as the Latest Sandbox Project
Nov. 30, 2020, 3:15 p.m. in Kubernetes
Nirmata, a Kubernetes operation and management platform, has announced that CNCF has accepted Kyverno, its Kubernetes-based policy engine, at the sandbox level. Kyverno is described on its official website as a policy engine designed for Kubernetes. With Kyverno, policies are managed as Kubernetes resources, and no new language is required to write policies.
Kyverno helps create policies and runs as a validating and mutating webhook aligned with the Kubernetes API server to provide configuration security.
It can mutate as well as generate resources, which allows users to do fine-grained configuration management, not possible manually.
Nirmata hopes that Kyverno can significantly increase the worldwide use of Kubernetes policy. Many people hesitate to implement Kubernetes policies due to their complexity.
In the future, Kyverno hopes to collaborate with other CNCF sandbox projects like cert-manager.
Nirmata announced the news of the acceptance of Kyverno by CNCF in its official blog post. The post said that the decision to donate Kyverno was taken to promote the adoption of Kubernetes policies. Policy engines are crucial for enterprise Kubernetes management, but their complexity and learning curve hinder many from adopting it.
Kyverno comes with a host of features, including:
- Admission controls: To provide configuration security and block invalid and non-compliant configurations.
- Background scanning: Regularly scans all resources and creates a policy report for each namespace and cluster-wide resources.
- Automated rules for pod controllers: Uses pod policies to automatically generate rules for pod controllers, making Kubernetes policy management easier.
- Dynamic generation of new configurations: It helps enable several use cases by supporting flexible triggers for automatic dynamic regeneration of new configuration resources.
- Synchronize configuration across namespaces: Kyverno allows automatic propagation of changes from a common source by automatically synchronizing configuration changes across namespaces.
Security seems one of the main concerns of enterprises that have already adopted this Kubernetes. Several companies are building tools to resolve critical security issues in Kubernetes. Just like Kyverno helps in securing Kubernetes, there are several other tools like Kube-bench, Kube-hunter, and Project Calico that help in securing networking issues in Kubernetes.
To ensure compliance and apply best practices, policy engines are critical for enterprise Kubernetes management. The complexity and learning-curve of solutions that require a new language and foreign tools have hindered adoption. Kyverno simplifies Kubernetes policy management and allows admins to manage policies and reports as native resources.Jim BugwadiaCo-founder and CEO, Nirmata