Advanced Computing in the Age of AI | Monday, July 15, 2024

Kubernetes Update Boosts Security, Cloud Scaling 

Security and stability were the watchwords with the most recent release of Kubernetes, the third version of the production container orchestrator so far this year.

The accelerating release cycle for the de facto standard cluster orchestrator illustrates its growing popularity and rapid maturation, backers noted last week. Version 1.12 includes stability features along with greater security for application containers running on Microsoft Azure. The update also fixes software bugs encountered by enterprise users rapidly shifting containers to production.

Two features move up to general availability. One, called Kubelet TLS Bootstrap, generates a private key used for cluster-level certification. The other is a stable method for scaling Azure virtual machines up or down depending on demand or a set schedule.

The bootstrapping feature builds on an earlier Kubernetes API for requesting and provisioning client certificates from a cluster for “kubelets,” the basic component of the cluster orchestrator responsible for what is running on individual virtual machines. The new feature allows the kubelet to launch itself into a secured cluster, automating the provisioning and distribution of signed client certificates.

Previously, individual operators had to provision these credentials when spinning up a cluster.
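The two halves of the certificate request flow described above, as an added example in Go (not code from this article or from the Kubernetes project): the kubelet side creates a key and a certificate signing request locally, and the approver side checks the request before anything is signed. The function names and the node name `worker-1` are assumptions; `system:node:<name>` in group `system:nodes` is the identity convention Kubernetes uses for node client certificates.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"strings"
)

// newNodeCSR is the kubelet's side: the key is generated on the node, only the CSR leaves it.
func newNodeCSR(cn string, orgs, dnsNames []string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: cn, Organization: orgs}, DNSNames: dnsNames}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: der}), err
}

// checkNodeClientCSR is the approver's side: sign only a plain node client identity.
func checkNodeClientCSR(csrPEM []byte) error {
	block, _ := pem.Decode(csrPEM)
	if block == nil {
		return fmt.Errorf("not a PEM block")
	}
	csr, err := x509.ParseCertificateRequest(block.Bytes)
	if err == nil {
		err = csr.CheckSignature() // proves the requester holds the private key
	}
	switch {
	case err != nil:
		return err
	case !strings.HasPrefix(csr.Subject.CommonName, "system:node:"),
		strings.Join(csr.Subject.Organization, ",") != "system:nodes": // exactly one group
		return fmt.Errorf("subject %q is not CN=system:node:<name>, O=system:nodes", csr.Subject)
	case len(csr.DNSNames)+len(csr.IPAddresses)+len(csr.EmailAddresses)+len(csr.URIs) > 0:
		return fmt.Errorf("client CSR must not carry subject alternative names")
	}
	return nil
}

func main() {
	csr, err := newNodeCSR("system:node:worker-1", []string{"system:nodes"}, nil) // constructed sample
	fmt.Println(err, checkNodeClientCSR(csr))
}
```

Automating approval removes the operator from the loop, so the subject and extension checks are what stand between a joining machine and an identity it should not hold.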

“This feature significantly streamlines Kubernetes’ ability to add and remove nodes to the cluster,” noted Stephen Augustus, the Kubernetes product management head and an OpenShift architect at Red Hat (NYSE: RHT), an early contributor to the open source project.

Meanwhile, the cloud scaler called Azure Virtual Machine Scale Sets would allow users to create and manage batches of identical virtual machines with load balancing that could be scaled up or down as needed. The cluster auto-scaler anticipates broader enterprise adoption of container workloads as demand for distributed applications and services grows.

The latest release of Kubernetes also reflects heightened efforts to shore up container orchestrator security as enterprises embrace cloud-native applications and services that bring with them new monitoring and security challenges.

For example, IBM (NYSE: IBM) released a package of tools in June that among other things manages container lifecycles to better gauge microservices performance and spot potential security risks when running on Kubernetes or other cloud management frameworks.

Others have taken similar approaches as teething problems are uncovered during the ramp-up of Kubernetes deployments. For example, Aqua Security added more than 100 security features to its container runtime security platform. The security vendor said container adopters “are looking for ways to leverage Kubernetes to automate deployments and accelerate application delivery, at scale, without compromising on security.”

Meanwhile, VMware announced in June that its Kubernetes engine positioned as an enterprise-grade cloud service would run on Amazon Web Services (NASDAQ: AMZN) and Microsoft Azure (NASDAQ: MSFT).

Kubernetes version 1.12 is available here.

About the author: George Leopold

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).