alcide

Alcide Blog

Cloud-native Security Provider

Adi Sapir


Recent Posts

Kubernetes 1.18 Introduces Immutable ConfigMaps and Secrets

Jan 22, 2020 10:48:56 AM / by Adi Sapir posted in kubernetes, V1.18, secrets, ConfigMap, kubernetes Advisor

0 Comments

Kubernetes V1.18-alpha.2 is live! The new version introduces an alpha stage field for both Secret and ConfigMap objects to mark their content as immutable.

Read More

Prevent Costly Mistakes that Expose Your Kubernetes Service

Nov 27, 2019 8:03:04 AM / by Adi Sapir posted in kubernetes, devops, alcide advisor, Kubernetes security, "load balancer"

0 Comments

 

 

Publishing a Kubernetes Service

In Kubernetes, a Service is an abstract way to expose an application running on a set of Pods as a network service

With Kubernetes you don’t need to modify your application to use an unfamiliar service discovery mechanism. Kubernetes gives Pods their own IP addresses and a single DNS name for a set of Pods, and can load-balance across them.

This post will describe the different ways used to publish a Kubernetes service, the risks harbored and the methods that can be applied to mitigate those risks.

 

Read More

Pod Security Policy

Oct 24, 2019 10:53:44 AM / by Adi Sapir posted in kubernetes, network security, pod, Kubernetes security

0 Comments

What is Pod Security Policy?

The Pod Security Policy, sometimes called PSP in short, is a Kubernetes resource that allows the enforcement of policy rules during the creation phase of a Pod.
When a PodSecurityPolicy resource is created, it does nothing. In order to use it, the requesting user or target pod’s service account must be authorized to use the policy, by allowing the use verb on the policy.

Read More