Neon Mirrors
open-menu closeme
Home
Technology
Music
Links icon
Ultimate vSphere VM Migration Guide
About
github twitter linkedin rss
  • Preserving Authorship in a GitOps World with Kyverno

    calendar Mar 2, 2023 · 6 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    Preserving Authorship in a GitOps World with Kyverno

    It seems just about everyone is doing GitOps in Kubernetes these days. With so many available tools and the maturity of them, it's hard to avoid it. But with only one tool being responsible for the actual creation in the cluster of the resources stored in git, it makes it difficult or impossible for someone to answer …


    Read More
  • Temporary Policy Exceptions with Kyverno

    calendar Feb 20, 2023 · 7 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    Temporary Policy Exceptions with Kyverno

    (This post first appeared on nirmata.com) One of the great new features in the recently-released Kyverno 1.9 is something we introduced called Policy Exceptions which decouples the policy itself from the workloads to which it applies. But what if you only want to enable policy exceptions for a brief period of time? …


    Read More
  • Reducing Pod Volume Update Times

    calendar Dec 31, 2022 · 6 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    Reducing Pod Volume Update Times

    There was an interesting poll I happened to stumble across on Twitter the other day from Ahmet Alp Balkan, a former staff software engineer and tech lead at Twitter's Kubernetes-based compute infrastructure team. Although I don't know Ahmet personally, I know him through his work on the popular (and terrific) krew as …


    Read More
  • KubeCon 2022 Retrospective

    calendar Nov 20, 2022 · 7 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    KubeCon 2022 Retrospective

    KubeCon 2022 North America, the largest Kubernetes-centric conference, just wrapped up in Detroit, Michigan at the end of October of this year. I had the good fortune of attending for another year but this time in a role fully dedicated to the Kyverno project for which I serve as one of the maintainers. These are some …


    Read More
  • Reloading Secrets and ConfigMaps with Kyverno

    calendar Sep 7, 2022 · 8 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    Reloading Secrets and ConfigMaps with Kyverno

    (This post first appeared on nirmata.com) Policy is commonly thought of as being primarily (if not solely) useful in the area of security, blocking the "bad" while allowing the "good". This misconception is understandable because many tools which operate by implementing "policy" are often …


    Read More
  • Attesting Image Scans With Kyverno

    calendar Jul 23, 2022 · 8 min read · k8s cosign kyverno  ·
    Share on: twitter facebook linkedin copy
    Attesting Image Scans With Kyverno

    (Last Updated August 2022) The subject of vulnerabilities in container images is a serious business. As an image author yourself, one of the things you should be doing is ensuring you know what those vulnerabilities are and that you aren't relying on what a scan told you three months ago to make decisions about running …


    Read More
  • Examining Pod Security Admission

    calendar Jun 5, 2022 · 11 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    Examining Pod Security Admission

    Pod Security Admission is a new-ish feature in Kubernetes which provides out-of-the-box controls for the Pod Security Standards. I touch on its behavior a bit, but as it has been covered already elsewhere, in this article I really wanted to collect the pros and cons and then frame it in context of an admission …


    Read More
  • Harbor, Cosign, and Kyverno

    calendar May 23, 2022 · 6 min read · k8s cosign kyverno  ·
    Share on: twitter facebook linkedin copy
    Harbor, Cosign, and Kyverno

    Unless you've been living under a rock, you're probably aware that Sigstore has been making waves in the software supply chain space—and that's a great thing because we definitely need more in this area. With their Cosign tool, it allows for ensuring many of these practices are implemented such as image signing. …


    Read More
  • Policy for Kubernetes Custom Resources

    calendar Jun 27, 2021 · 5 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    Policy for Kubernetes Custom Resources

    I've been hearing a couple things in the community that I wanted to take a few lines to dispel. The first is that Kyverno is fine for Kubernetes "out-of-the-box" resources like Pods and Deployments but is somehow either not capable or severely disadvantaged when it comes to working with CustomResources (CRs) …


    Read More
  • Kubernetes Policy Comparison: OPA/Gatekeeper vs Kyverno

    calendar Feb 11, 2021 · 10 min read · k8s kyverno  ·
    Share on: twitter facebook linkedin copy
    Kubernetes Policy Comparison: OPA/Gatekeeper vs Kyverno

    (Last Updated February 2023) With the upcoming deprecation and subsequent removal of Pod Security Policies (PSPs) in Kubernetes, the time is near to find suitable alternatives. Those alternatives, it seems clear at present anyway, will need to be sourced from outside the Kubernetes project itself as there will be no …


    Read More
    • ««
    • «
    • 1
    • 2
    • 3
    • 4
    • 5
    • »
    • »»

Chip Zoller

Technologist, perpetual student, teacher, continual incremental improvement.
Read More

Featured Posts

  • Reducing Pod Volume Update Times
  • Reloading Secrets and ConfigMaps with Kyverno
  • Examining Pod Security Admission
  • Exploring Kyverno: Introduction
  • Deploying Harbor on Photon OS
  • Clarity Theme for Hugo Released
  • How to Ask for Help on Tech Forums

Recent Posts

  • Preserving Authorship in a GitOps World with Kyverno
  • Temporary Policy Exceptions with Kyverno
  • Reducing Pod Volume Update Times
  • KubeCon 2022 Retrospective
  • Reloading Secrets and ConfigMaps with Kyverno
  • Attesting Image Scans With Kyverno
  • Examining Pod Security Admission
  • Harbor, Cosign, and Kyverno

Categories

TECHNOLOGY 76 MUSIC 1

Tags

K8S 29 VREALIZE 27 VRA 22 KYVERNO 15 VSPHERE 14 SOVLABS 8 VEEAM 7 DOCKER 6 PKS 6 POWERSHELL 6 LOG-INSIGHT 5 VROPS 5 VRO 4 VMWORLD 3
All Tags
ANSIBLE1 AUTHENTICATION1 BLOGGING2 COSIGN2 DOCKER6 FORUMS2 HOMELAB1 K8S29 KYVERNO15 LOG-INSIGHT5 NETWORKING1 NSX-T2 PKS6 POWERCLI2 POWERSHELL6 RANCHER2 SECURITY1 SOVLABS8 THOUGHTS2 VEEAM7 VMTN1 VMWORLD3 VRA22 VREALIZE27 VRO4 VROPS5 VSPHERE14
[A~Z][0~9]
Neon Mirrors

Copyright  NEON MIRRORS. All Rights Reserved

to-top