Containers Content on InfoQ
-
New Vulnerability in CRI-O Container Runtime Allows Attackers Host Access
A new vulnerability in the CRI-O container runtime used by many Kubernetes installations allows a malicious user to gain root access to the host. The vulnerability was discovered by researchers from CrowdStrike and fixed soon after by the CRI-O project.
-
KubeVela Announces 1.2: Application-Centric Multi-Cluster Control Plane with Extensible Engine
KubeVela is a modern application delivery platform that makes shipping applications across hybrid, multi-cloud environments easier and faster. The OAM community released version 1.2 of the KubeVela project in Jan 2022, bringing a new GUI framework VelaX, unified multi-cluster management capabilities, and an extensible design with an addon ecosystem.
-
Report Finds 75% of Cloud Runtimes Contain High or Critical Vulnerabilities
Sysdig’s latest cloud-native and security-usage report finds that shipping containers with vulnerabilities has become standard practice: 75% of containers have high severity vulnerabilities which could have been patched. The report stresses that many organisations find this to be an acceptable risk, in order to move and release quickly.
-
HashiCorp Consul on Amazon ECS Adds Development Kit and Support for High Traffic Loads
HashiCorp has announced the release of version 0.3 of their Consul on Amazon ECS service. The release includes support for additional configuration options, deployment without Terraform, and confirmed support for high traffic loads. They have also released, in partnership with AWS, an AWS Cloud Development Kit (CDK) to support using Consul on Amazon ECS.
-
Runtime Security Project Falco Adds Extensible Plugin Framework
Falco, a cloud-native runtime security project, has released version 0.31.0. This release introduces a new plugin system for defining additional event sources and event extractors to Falco. The plugin system includes SDKs to simplify development and this release ships with a new AWS CloudTrail plugin.
-
MicroVM Virtualization Solution Firecracker Reaches 1.0
Originally developed at AWS to power AWS Lambda, Firecracker enables creating and managing secure microVMs for serverless computing.
-
Knative Announces v1.1 and Applies to Become a CNCF Incubating Project
The Knative community released version 1.1 of the Knative project across multiple components. The core components, serving and eventing, have notable changes and introduce experimental features, such as global min-scale configuration and the capability to handle Retry-After headers in 429 / 503 responses.
-
Kubernetes Proceeding with Deprecation of Dockershim in Upcoming 1.24 Release
Kubernetes is proceeding with deprecation and removal of dockershim in the upcoming 1.24 release. Workflows and systems that make use of the Docker Engine as the container runtime for their Kubernetes cluster will need to migrate prior to moving to the 1.24 release. The 1.23 release will retain dockershim and will be supported for another year.
-
eBPF and Wasm: Exploring the Future of the Service Mesh Data Plane
With the advancement of lightweight runtimes, such as eBPF and WebAssembly (WASM), we are now seeing a new generation of service mesh data plane solutions that are lighter, safer, and faster.
-
Kubernetes 1.23 Released with Improved Events, gRPC Probes, and Support for Dual-Stack
CNCF released Kubernetes 1.23 recently. The release has new features such as the events subcommand for kubectl, gRPC probes, and expression language validation for custom resources, generally available features such as generic ephemeral volumes, Horizontal Pod Autoscaling, and IPv4/IPv6 dual-stack networking, beta features such as PodSecurity, and deprecated features such as FlexVolume.
-
Announcing Cryostat 2.0: JDK Flight Recorder for Containers
Cryostat, a container-native JVM application developed by Red Hat, provides an API for monitoring and profiling Java containers using Java Flight Recorder (JFR). Cryostat brings JFR to the container age, allowing analysis and profiling of multiple JVMs directly from a central hub.
-
Dapr Joins CNCF Incubator: Q&A with Yaron Schneider
The Cloud Native Computing Foundation (CNCF) recently announced that it accepted the Distributed Application Runtime (Dapr) as a CNCF incubating project. This follows an earlier announcement by Dapr of the formation of the Dapr project's Steering and Technical Committee (STC).
-
Docker Now Requiring Paid Subscription for Large Businesses
Docker has introduced a new Subscription Service Agreement which requires organizations with more than 250 employees or more than $10 million in revenue to buy a paid subscription, starting at $5 per user per month. Additionally, Docker has launched a new Business subscription plan for larger organizations operating at scale.
-
Karmada 0.7: Next-Gen Multi-Cloud and Multi-Cluster Kubernetes Orchestration
Karmada (Kubernetes Armada) 0.7, featuring a promising Kubernetes management system in the hybrid cloud era, became available on July 12, 2021. It brought multi-cluster service discovery, precise cluster status management, replica scheduling based on cluster resources, and more convenient APIs to divide replicas by weight list.
-
CNCF Publishes Latest Technology Radar Focused on Multicluster Management
CNCF published the fifth edition of the End User Technology Radar. This time the theme was multicluster management split between cluster deployment and core services and add-ons related to tooling and day-two operations.