Kubernetes Pod Security Policies (PSPs) are a critical component of the Kubernetes security puzzle. Pod Security Policies are clusterwide resources that control security sensitive attributes of pod specification and are a mechanism to harden the security posture of your Kubernetes workloads. Kubernetes platform teams or cluster operators can leverage them to control pod creation and limit the capabilities available to specific users, groups or applications.

We are excited to announce the general availability of Calico Enterprise 2.7. With this release, Fortinet’s 400,000 customers can use FortiGate to enforce network security policies into and out of the Kubernetes cluster as well as traffic between pods within the cluster.

There are three popular methods for running Kubernetes on AWS: manually set up everything on EC2 instances, use Kops to manage your cluster, or use Amazon EKS to manage your cluster. Managing a Kubernetes cluster on AWS without any tooling is a complicated process that is not recommended for most administrators, so we will focus on using EKS or Kops. In this blog post, we compare cluster setup, management, and security features for both Kops and EKS to determine which solution you should use.

Helm is the package manager for Kubernetes (like yum, apt and home brew ) that allows easily package, configure, and deploy applications onto Kubernetes clusters. Helm charts are packages (like debs and rpms) It contains pre-configured kubernetes resources such as ConfigMaps, Deployments ,StatefulSet manifests, PersistentVolumes and editable settings for them.

In the first article in this series, we talked about making Kubernetes essential to your DevOps pipeline. We reviewed CI/CD and DevOps and why their relationship with Kubernetes is so powerful. In this article, I’m going to dive into another term in the application development and management mix: GitOps. We’ll cover what GitOps is, how it affects an organization and how it aligns with Kubernetes.

Kubernetes, the de facto container orchestrator, is great and should be part of any DevOps toolkit. But, just as any other open source technology, it’s not a full-fletched ready-to-use platform. To run in prod, you’ll need multiple addtional components such as logging and monitoring or RBAC integration. Check out our interactive Kubernetes architecture presetation to learn about key Kubernetes components and those added by Kublr.

Deployment controllers are a type of Pod controller in Kubernetes. They provide fine-grained control over how its pods are configured, how updates are performed, how many pods should run, and when pods should be terminated. There are many resources available for how to configure basic deployments, but it can be difficult to understand how each option impacts how rolling updates are performed.

Kubernetes is the world’s leading container orchestration platform. Its cloud agnostic status enables you to manage your workloads with ease, whether they reside in the cloud or on-premises. It has reduced the necessity of being locked into services provided by a cloud provider as well as the need for an entire operations team to manage large workloads on-premises on virtualization platforms.

Back in the early days of software development, having multiple developers working on the same application was a tough challenge. That’s why VCS (Version Control System) like Git was created and methodology like Feature Branching was introduced. The basic idea of working per git branch (also known as Feature Branching) is that when you start to work on a feature, you take a branch of your repository (e.g: git) to work on that feature.

Have you ever grown tired of running the same kubectl commands again and again? Well the good folks over at the Kubernetes team understand you. With the addition of custom resources and the operator pattern, you can now make use of extensions, or addons as I like to call them, to the Kubernetes API that help you manage applications and components. Operators follow Kubernetes principles including the control loop.