[Podcast] PodCTL – Kube Security, Kube 1.13 and KubeCon

[Podcast] PodCTL  - Kube Security, Kube 1.13 and KubeCon

Heading into the week of KubeCon, we wanted to make sure that listeners had some basics to prepare them for a week of learning and announcements. We discussed the severe Kubernetes bug (Kubernetes Privilege Escalation Flaw) and available patches, all of the new features in Kubernetes 1.13, as some previews of things to expect from […]

Read More...

OpenShift Commons Briefing: Container Deployment and Security Best Practices John Morello (Twistlock) and Dirk Herrmann (Red Hat)

OpenShift Commons Briefing Summary In this briefing, Twistlock’s John Morello and Red Hat’s Dirk Herrmann gave an in-depth look at the recent NIST Special Publication SP800-190 on Container Security and why it matters if you are deploying containers. They covered best practices for achieving the SP800-190 recommendations on OpenShift. Access the slides from this briefing: Container […]

Read More...

Istio on OpenShift: Technology Preview of Service Mesh Now Available

Istio on OpenShift: Technology Preview of Service Mesh Now Available

  We’re happy to announce the availability of our first technology preview of the Red Hat OpenShift Service Mesh, based on the Istio Project. The advancement of application/software development practices combined with technology/practice improvements in software delivery have resulted in a proliferation of application instances within many organizations. Whether these are macro/monoliths, “mini” services, or […]

Read More...

[Podcast] PodCTL #50 – Listener Mailbag Questions

[Podcast] PodCTL #50 - Listener Mailbag Questions

As the community around PodCTL has grown (~8000 weekly listeners) we’ve constantly asked them to give us feedback on topics to discuss and areas where they want to learn. This week we discussed and answered a number of questions about big data and analytics, application deployments, routing security, and storage deployment models. The show will […]

Read More...

Increasing Security of Istio Deployments by Removing the Need for Privileged Containers

Increasing Security of Istio Deployments by Removing the Need for Privileged Containers

With the 1.0 release, Istio is preparing itself for prime time by companies developing container-native applications with a desire for adopting a service mesh solution. However, there is a potential issue that may slow down the adoption rate: Pods that belong to the Istio mesh require elevated privileges in order to function properly. In this […]

Read More...

[Podcast] PodCTL #49 – Security & Service Meshes

[Podcast] PodCTL #49 - Security & Service Meshes

As we use PodCTL to help educate the market on Containers, Kubernetes and associated technologies, we’ve found that Service Meshes (and Istio) are one of the most popular topics. While it’s still a newer technology, just recently achieving v1.0 GA, we find that many people want to learn more. So this week we went deeper […]

Read More...

What OpenShift Online customers should know about L1TF

On Aug. 14, 2018, information was released about another set of “speculative execution” issues with Intel microprocessor hardware known as “L1 Terminal Fault”.  As with earlier issues like Spectre and Meltdown, this information was coordinated with the release of updated software solutions to help mitigate the issue. At the time the embargo was lifted, the […]

Read More...

[Podcast] PodCTL #45 – Container Registries

[Podcast] PodCTL #45 - Container Registries

This week is the One Year Anniversary of the PodCTL podcast! We’ve now got a few teeth coming in and we’re ready for the terrible twos. This week we dug into the role of Container Registries and how they interact with both Kubernetes, but also CI/CD pipelines and security systems (e.g. scanning, image signing, etc.). […]

Read More...