Tag: Kubernetes

Introduction Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service to run and scale Kubernetes applications in the cloud or on-premises. Kubernetes Ingress is an API resource that allows you manage external or internal HTTP(S) access to Kubernetes services running in a cluster. The AWS Load Balancer Controller in Amazon EKS creates Application […]

Introduction Amazon EKS Anywhere (Amazon EKS-A) allows customers to run containerized workloads on customer-managed hardware. Amazon EKS-A cluster upgrades are performed in place using a rolling process (similar to Kubernetes Deployments). Upgrades can only happen one minor version at a time (e.g., version 1.20 to 1.21) and Control plane components will be upgraded before worker […]

Per Microsoft documentation: Windows-based networks commonly use Active Directory (AD) to facilitate authentication and authorization between users, computers, and other network resources. Enterprise application developers often design their apps to be AD-integrated and run on domain-joined servers to take advantage of Integrated Windows Authentication, which makes it easy for users and other services to automatically […]

This blog post was co-written by Jim Bugwadia, Co-founder and CEO, Nirmata. This post is a follow-up to our previous blog, Implementing Pod Security Standards in Amazon EKS. Introduction Pods are the fundamental unit of execution in Kubernetes. In this post, we’ll look at how Kyverno can be used to manage pod security for Amazon […]

Introduction As the move to cloud native architectures continues to accelerate, one of the common challenges we hear from our customers is that adopting security best practices in Kubernetes clusters can be challenging. One area in particular that has come up in conversations often is how best to encrypt data in transit. This data encryption […]

Introduction Microservices architectures make applications easier to scale and faster to develop, which enables innovation and accelerating time-to-market for new features. For business applications with multiple clients (web, mobile, desktop, and smart devices), the application programming interface (API) Gateway microservices design pattern is helpful for adding centralized control and security. Containers and serverless are two […]

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In Part 1, we explored Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discussed handling of these resource types via Service and Ingress controllers, […]

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In Part 1 of the series, we explored Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discussed the handling of these resource types via […]

Introduction The Exposing Kubernetes Applications series focuses on ways to expose applications running in a Kubernetes cluster for external access. In this Part 1 of the series, we explore Service and Ingress resource types that define two ways to control the inbound traffic in a Kubernetes cluster. We discuss the handling of these resource types […]

Introduction Securely adopting Kubernetes includes preventing unwanted changes to clusters. Unwanted changes can disrupt cluster operations and even compromise cluster integrity. Introducing pods that lack correct security configurations is an example of an unwanted cluster change. To control pod security, Kubernetes provided Pod Security Policy (PSP) resources. PSPs specify a set of security settings that […]