What’s new in Kubernetes 1.8: role-based access, for starters
What’s new in Kubernetes 1.8: role-based access, for starters
The latest version of the open source container orchestration framework Kubernetes, Kubernetes 1.8, promotes some long-gestating, long-awaited features to beta or even full production release. And it adds more alpha and beta features as well.
The new additions and promotions:
- Role-based security features.
- Expanded auditing and logging functions.
- New and improved ways to run both interactive and batch workloads.
- Many new alpha-level features, designed to become full-blown additions over the next couple of releases.
Kubernetes 1.8’s new security features
Earlier versions of Kubernetes introduced role-based access control (RBAC) as a beta feature. RBAC lets an admin define access permissions to Kubernetes resources, such as pods or secrets, and then grant (“bind”) them to one or more users. Permissions can be for changing things (“create”, “update”, “patch”) or just obtaining information about them (“get”, “list”, “watch”). Roles can be applied on a single namespace or across an entire cluster, via two distinct APIs.
To read this article in full or to leave a comment, please click here
The latest version of the open source container orchestration framework Kubernetes, Kubernetes 1.8, promotes some long-gestating, long-awaited features to beta or even full production release. And it adds more alpha and beta features as well.
The new additions and promotions:
- Role-based security features.
- Expanded auditing and logging functions.
- New and improved ways to run both interactive and batch workloads.
- Many new alpha-level features, designed to become full-blown additions over the next couple of releases.
Kubernetes 1.8’s new security features
Earlier versions of Kubernetes introduced role-based access control (RBAC) as a beta feature. RBAC lets an admin define access permissions to Kubernetes resources, such as pods or secrets, and then grant (“bind”) them to one or more users. Permissions can be for changing things (“create”, “update”, “patch”) or just obtaining information about them (“get”, “list”, “watch”). Roles can be applied on a single namespace or across an entire cluster, via two distinct APIs.
To read this article in full or to leave a comment, please click here