Cloud Native News - CNN21/26

About FinOps for Kubernetes to reduce cost overspend, policy management: OPA vs Kyverno, design and implementation of Linux conntrack, and an answer to the question: "What makes up a cluster?".

Containers & Orchestration



  • Announcing HashiCorp Boundary 0.4
    "HashiCorp Boundary 0.4.0 and Boundary Desktop 1.2.0 includes features supporting brokering of HashiCorp Vault secrets for Boundary targets to end-users, enhanced session cleanup, and foundational features for event logging."
  • Privilege Escalation in AKS Clusters
    "In a default AKS (Azure Kubernetes Service) cluster, the cluster admin credentials are stored amongst configuration data, thus enabling users with read access to configuration data to become the cluster admin — a textbook example of a privilege escalation attack." This is an older story. The issue has already been fixed, but it is still worth a read.
  • containers/udica
    A tool for generating SELinux security profiles for containers. 🔥



Data & Storage

  • The Untold Story of SQLite
    "SQLite is everywhere. It’s in your web browser, it’s in your phone, it’s probably in your car, and it’s definitely in commercial planes. It’s where your iMessages and WhatsApp messages are stored, and if you do a find on your computer for *.db, you’ll be amazed at how many SQLite databases you find."


  • Make your cluster SWIM
    "In this blog post we'll cover how systems form clusters, what clusters actually are and what are their responsibilities. We'll also present different protocols responsible to serve the needs of the clusters with various tradeoffs associated with them."

