The lockc project provides mandatory access controls (MAC) for container workloads. Its goal is to improve the current state of container/host isolation. The lockc team believes that container engines and runtimes do not provide enough isolation from the host, which I describe later in the “Why do we need it?” Section. In this blog post, I’ll provide an introduction to lockc, discuss why you need it and show you how to try it out for yourself.

Rancher Desktop has been in development for just over a year with the open question: when do we have a 1.0.0 stable release? Along the way the scope has expanded, it was ported to run in more places and the development team has grown. All of this happened as we worked out if Rancher Desktop would be useful for people, what features people want to use and what are good ways to build it. We are finally ready to answer that 1.0.0 question.

Cloud platforms are not new — they have been around for a few years. And containers have been around even longer. Together, they have changed the way we think about software. Since the creation of these technologies, we have focused on platforms and apps. And who could blame anyone? Containers and Kubernetes let us do things that were unheard of only a few years ago.

Epinio, the application development engine for Kubernetes, is meant to take you from app to URL in one step. It does that by either applying buildpacks to your app or using a pre-built docker image. Epinio installs into any Kubernetes cluster to bring your application from source code to deployment and allow for developers and operators to work better together.