Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity

    Kubernetes 1.7 Improves Container Security and API Aggregation

    By
    Sean Michael Kerner
    -
    June 30, 2017
    Share
    Facebook
    Twitter
    Linkedin
      Kubernetes

      The open-source Kubernetes 1.7 release is now available, providing users with new features to help manage and secure container infrastructure.

      Kubernetes 1.7 is the second major release of the open-source container orchestration platform so far in 2017 and follows the Kubernetes 1.6 release that debuted in March at the CloudNative Con/Kubecon event in Berlin, Germany. The Kubernetes project was first developed by Google and has been an open-source project run by the Linux Foundation’s Cloud Native Computing Foundation (CNCF) since July 2015.

      Kubernetes 1.7 includes multiple features that improve security, including the newly stable Network Policy API which helps to enforce rules about which containers pods can connect to each other.

      “Red Hat was very happy to lead the Network Policy stabilization effort so that users could define their own application communication requirements,” Clayton Coleman, architect, Containerized Application Infrastructure at Red Hat, told eWEEK. 

      Coleman said that while working to write a software-defined networking implementation which can realize the NetworkPolicy specification, Red Hat’s developers found inconsistencies, vagueness, and other problems which could have left users with divergent experiences on different platforms or when using different network vendors. Those issues have now been resolved, which is why the Network Policy API is a stable feature in the Kubernetes 1.7 release.

      “We are very excited to see the specification reach general availability, where any compliant networking vendor can run underneath Kubernetes and users can still use application-centric network controls in a common reliable manner on any platform,”  Coleman said.

      Eric Chiang, software engineer at CoreOS commented that having a feature marked as ‘stable’ in a Kubernetes release is an indication that the feature has been ‘battle tested’ and is production ready. 

      “The changes made between 1.6 and 1.7 were small, but network policy becoming a standard and expected component of Kubernetes is a great step forward for the platform’s security,” Chiang told eWEEK.

      While the Network Policy API is now stable, Kubernetes 1.7 is introducing a “secrets” encryption feature that is labelled as an alpha. Secrets refers to tokens and passwords used by Kubernetes to grant access to various resources.

      “Encryption at rest was developed by Red Hatters in close concert with Google,” Coleman said. “It was a key enterprise requirement and we wanted to ensure the community could also leverage the feature.” 

      API Aggregation

      Looking beyond security, Kubernetes 1.7 benefits from the new API aggregation feature that offers the promise of improved extensibility for users. The Kubernetes project documentation explains that the API aggregation layer allows Kubernetes to be extended with additional APIs, beyond what is offered by the core Kubernetes APIs.

      “Aggregation allows large, opinionated features that would otherwise require significant changes to core Kubernetes to be developed externally,” Chiang said. “This means Kubernetes can continue to focus on improving the stability of the platform, while distributions can produce extremely customized solutions without impacting the broader community.”

      APIs in Kubernetes 1.7 also get a boost with the new Custom Resource Definitions (CRD) API model which replaces the existing Third Party Resource (TPR) model. Coleman said the goal with CRD is to provide an easy way to define and retrieve new extensions to the Kubernetes API.

      “We think the features introduced in 1.7 will set the stage for the next phase of Kubernetes’ growth and its growing role in the enterprise,” Coleman said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×