Security, with Maya Kaczorowski

Kubernetes Podcast from Google

Episode | Podcast

Date: Tue, 19 Jun 2018 13:34:54 +0000

<p>On this week’s Kubernetes Podcast, <a href="https://kubernetespodcast.com/about">your hosts</a> talk to Maya Kaczorowski from Google Cloud about Kubernetes security, and look at announcements from Microsoft, Docker, Cisco and Spotify.</p> <p>Do you have something cool to share? Some questions? Let us know:</p> <ul> <li>web: <a href="https://kubernetespodcast.com">kubernetespodcast.com</a></li> <li>mail: <a href="mailto:kubernetespodcast@google.com">kubernetespodcast@google.com</a></li> <li>twitter: <a href="https://twitter.com/kubernetespod">@kubernetespod</a></li> </ul> <h3 id="news-of-the-week">News of the week</h3> <ul> <li><a href="https://azure.microsoft.com/en-us/blog/azure-kubernetes-service-aks-ga-new-regions-new-features-new-productivity/"> Microsoft Azure Kubernetes Service goes GA</a></li> <li><a href="https://www.ibm.com/blogs/cloud-computing/2018/06/11/cloud-for-ai-kubernetes-devops-scale/"> IBM launch multi-zone clusters</a></li> <li>Dockercon: <ul> <li><a href="https://www.docker.com/docker-news-and-press/docker-announces-federated-application-management-across-multi-cloud"> Federated application management</a></li> <li><a href="https://blog.docker.com/2018/06/kubernetes-on-windows-server-with-docker-ee/"> Extending Kubernetes to Windows Server with Docker Enterprise Edition</a></li> <li><a href="https://blog.docker.com/2018/06/design-applications-in-docker-desktop/"> Design applications in Docker Desktop</a></li> </ul> </li> <li><a href="https://blogs.cisco.com/news/power-a-multicloud-world">Cisco Live announcement on CCP, Kubernetes, and Cloud partnership</a></li> <li><a href="https://www.ciodive.com/news/how-spotify-is-migrating-from-an-in-house-docker-orchestration-platform-to/525465/"> How Spotify is migrating from an in-house Docker orchestration platform to Kubernetes</a></li> </ul> <h3 id="links-from-the-interview">Links from the interview</h3> <ul> <li><a 
href="https://kromtech.com/blog/security-center/cryptojacking-invades-cloud-how-modern-containerization-trend-is-exploited-by-attackers"> Kromtech article</a> on cryptojacking</li> <li>Security scanning tools: <ul> <li><a href="https://github.com/coreos/clair">Clair</a></li> <li><a href="https://github.com/aquasecurity/microscanner">MicroScanner</a></li> </ul> </li> <li><a href="https://kubernetes.io/docs/concepts/configuration/secret/">Kubernetes secrets</a> <ul> <li><a href="https://kubernetes.io/docs/tasks/administer-cluster/kms-provider/"> Use a KMS provider for data protection</a></li> <li><a href="https://www.vaultproject.io/docs/auth/kubernetes.html">HashiCorp Vault and Kubernetes</a></li> </ul> </li> <li>Cluster hardening guides: <ul> <li><a href="https://cloud.google.com/kubernetes-engine/docs/concepts/security-overview"> GKE Security Overview</a></li> <li><a href="https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster"> GKE cluster hardening</a></li> <li><a href="https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/"> Kubernetes.io docs on cluster security</a></li> </ul> </li> <li>Exploring Container Security blog series <ul> <li><a href="https://cloudplatform.googleblog.com/2018/03/exploring-container-security-an-overview.html"> Overview</a> by Maya Kaczorowski</li> <li><a href="https://cloudplatform.googleblog.com/2018/04/exploring-container-security-Node-and-container-operating-systems.html"> Node and container operating systems</a> by Aditya Kal and Dan Lorenc</li> <li><a href="https://cloudplatform.googleblog.com/2018/04/exploring-container-security-digging-into-Grafeas-container-image-metadata.html"> Digging into Grafeas container image metadata</a> by Felix Glaser and Wendy Dembowski</li> <li><a href="https://cloudplatform.googleblog.com/2018/04/exploring-container-security-protecting-and-Defending-your-Kubernetes-Engine-network.html"> Protecting and defending your Kubernetes Engine network</a>, by Manjot 
Pahwa, Ahmet Alp Balkan and Bowei Du</li> <li><a href="https://cloudplatform.googleblog.com/2018/04/Exploring-container-security-Running-a-tight-ship-with-Kubernetes-Engine-1-10.html"> Running a tight ship with Kubernetes Engine 1.10</a> by Aaron Small and Vic Iglesias</li> <li><a href="https://cloudplatform.googleblog.com/2018/05/Exploring-container-security-Using-Cloud-Security-Comma.html"> Using Cloud Security Command Center (and five partner tools) to detect and manage an attack</a> by Maya Kaczorowski and Andy Chang</li> <li><a href="https://cloudplatform.googleblog.com/2018/05/Exploring-container-security-Isolation-at-different-layers-of-the-Kubernetes-stack.html"> Isolation at different layers of the Kubernetes stack</a> by Tim Allclair and Maya Kaczorowski</li> </ul> </li> <li><a href="https://twitter.com/MayaKaczorowski">@MayaKaczorowski</a> on Twitter</li> </ul>