Cloud Native Digest: ingress2gateway released

Open source projects worth checking out

m9sweeper

m9sweeper is a free and easy kubernetes security platform. It integrates industry standard open source utilities into a one-stop-shop kubernetes security tool that can walk most kubernetes adminstrators through securing a kubernetes cluster as well as the apps running on the cluster.

Kairos

Kairos is a cloud-native meta-Linux distribution that runs on Kubernetes and brings the power of the public cloud to your on-premises environment. With Kairos, you can build your own cloud with complete control and no vendor lock-in.

Radius

Radius is a cloud-native application platform that enables developers and the platform engineers that support them to collaborate on delivering and managing cloud-native applications that follow organizational best practices for cost, operations and security, by default. Radius is an open-source project that supports deploying applications across private cloud, Microsoft Azure, and Amazon Web Services, with more cloud providers to come.

Technical recommendations

Building an API with .NET Core, Docker and Kubernetes

The article offers a comprehensive guide for building and deploying an API using .NET Core, Docker, and Kubernetes. It provides clear instructions, code snippets, and explanations, enabling readers to follow along and complete the entire process successfully.

Understanding Pods, Nodes and the Kubelet in Kubernetes

What’s new in cloud native

Introducing ingress2gateway; Simplifying Upgrades to Gateway API

Today we are releasing ingress2gateway, a tool that can help you migrate from Ingress to Gateway API. ingress2gateway assists in the migration by converting your existing Ingress resources into Gateway API resources.

Linkerd stable-2.14.2 released

This stable release fixes issues in the proxy and Destination controller which can result in Linkerd proxies sending traffic to stale endpoints. In addition, it contains a bug fix for profile resolutions for pods bound on host ports and includes patches for security advisory CVE-2023–44487/GHSA-qppj-fm5r-hxr3.

Three Newly-Discovered Kubernetes Ingress Vulnerabilities Create Security Challenge

Three vulnerabilities were disclosed that impact ingress controllers based on open source NGINX software embedded within Kubernetes clusters that make it possible for cybercriminals to potentially redirect traffic, inject arbitrary commands and code and obtain secret credentials of the ingress-nginx controller.

Jimmy Mesta, CTO for Kubernetes Security Operations Center (KSOC), said these three vulnerabilities are problematic because they can not be remediated via a patch or by upgrading to a higher version of Kubernetes. Instead, IT teams need to reconfigure NGINX ingress controllers to make sure that attack paths that these vulnerabilities enable are mitigated. Alternatively, IT teams may opt to replace NGINX ingress controllers with any number of existing alternatives.

NGINX Modules Can Now Be Written in Rust

NGINX announced the availability of ngx-rust project, allowing developers to write NGINX modules in Rust. The Rust programming language has emerged as a powerful and popular choice due to its stability, security features, rich ecosystem, and strong community support.

NGINX is a high-performance, open-source web server and reverse proxy server software that powers a significant portion of the internet’s websites. Initially created by Igor Sysoev in 2002, NGINX has since evolved and gained widespread popularity in web hosting, content delivery, and application deployment. It is known for its performance, scalability, and versatility, making it a crucial component for serving web content and managing internet traffic efficiently.

About KubeSphere

KubeSphere is an open source container platform built on top Kubernetes with applications at its core. It provides full-stack IT automated operation and streamlined DevOps workflows.

KubeSphere has been adopted by thousands of enterprises across the globe, such as Aqara, Sina, Benlai, China Taiping, Huaxia Bank, Sinopharm, WeBank, Geko Cloud, VNG Corporation and Radore. KubeSphere offers wizard interfaces and various enterprise-grade features for operation and maintenance, including Kubernetes resource management, DevOps (CI/CD), application lifecycle management, service mesh, multi-tenant management, monitoring, logging, alerting, notification, storage and network management, and GPU support. With KubeSphere, enterprises are able to quickly establish a strong and feature-rich container platform.

To stay updated, visit our official website or follow us on Twitter.