Kubernetes adds Security Enhancements
Kubernetes developers has released new features for the software container management platform that will make it easier to secure and maintain and are available in Kubernetes 1.26
Kubernetes provides the ability to deploy applications in a way that reduces hardware use, while also easing software maintenance tasks and further simplifies software maintenance: The platform automates much of the manual work involved in managing workloads built with containers.
The new feature called keyless signing that will reduce the risk of cyberattacks for users. With this feature, it will become difficult to disguise malware as a Kubernetes update. The feature is implemented using cosign, a popular open-source cybersecurity tool.
With keyless signing, the developers who maintain Kubernetes can attach a snippet of metadata to every update they release for the platform. Customers with this metadata can be able to check that an update is not malicious before downloading it. As a result, there is a lower risk of an organization’s developers inadvertently installing malicious files.
Kubernetes also introduces multiple new capabilities designed to make Kubernetes deployments easier to manage. The capabilities promise to simplify multiple maintenance tasks.
- The first feature will make it easier to track hardware usage metrics, such as the amount of memory used by a container.
- The second new capability, in turn, will reduce the amount of manual work required to create a monitoring dashboard that can track the health of a Kubernetes deployment.
Kubernetes 1.26 adds an application programming interface that will make it easier to manage deployments containing several types of chips.
Kubernetes 1.26 adds a capability called privileged containers that will make it easier to manage deployments powered by Microsoft OS. It also makes it easier to customize Kubernetes environments powered by Windows.
Other enhancements include several upgrades that will enable to manage containerized applications’ network traffic more efficiently. The Kubernetes registry, the cloud service from which companies install copies of Kubernetes onto their servers, has been enhanced as well with a set of improvements designed to speed up the download process.