Cupertino, CA, USA
Mar 26, 2020   |  By Pawan Shankar
Runtime security for Rancher environments requires putting controls in place to detect unexpected behavior that could be malicious or anomalous. Even with processes in place for vulnerability scanning and implementing pod security policies and network policies in Rancher, not every risk will be addressed. You still need mechanisms to confirm these security barriers are effective and provide a last line of defense when they fail.
Mar 23, 2020   |  By JIMMY GUERRERO
Longhorn is cloud-native distributed block storage for Kubernetes that is easy to deploy and upgrade, 100 percent open source and persistent. Longhorn’s built-in incremental snapshot and backup features keep volume data safe, while its intuitive UI makes scheduling backups of persistent volumes easy to manage. Using Longhorn, you get maximum granularity and control, and can easily create a disaster recovery volume in another Kubernetes cluster and fail over to it in the event of an emergency.
Mar 18, 2020   |  By Calin Rus
Prometheus is an open-source system for monitoring and alerting originally developed by Soundcloud. It moved to Cloud Native Computing Federation (CNCF) in 2016 and became one of the most popular projects after Kubernetes. It can monitor everything from an entire Linux server to a stand-alone web server, a database service or a single process. In Prometheus terminology, the things it monitors are called Targets. Each unit of a target is called a metric.
Mar 17, 2020   |  By lvaro Iradier
In Part 1 of this series, we demonstrated how to enable PSPs in Rancher, using restricted PSP policy as default. We also showed how this prevented a privileged pod from being admitted to the cluster. Enforcement capabilities of a Pod Security Policy We intentionally omitted particular details about role-based access control (RBAC) and how to link pods with specific PSPs. Let’s move on and dig in more on PSPs.
Mar 16, 2020   |  By Sheng Liang
Today, we announced our $40M funding round led by Telstra Ventures. We have been working with Telstra as a customer for many years. When Telstra Ventures, who was familiar with Telstra’s success in using Rancher and Kubernetes, approached us for a potential funding round, it was a no-brainer. A leading telco like Telstra exemplifies Rancher’s vision to Run Kubernetes Everywhere.
Jan 12, 2019   |  By Rancher
This newly-updated, in-depth guidebook provides a detailed overview of the features and functionality of the new Rancher: an open-source enterprise Kubernetes platform.
Mar 25, 2020   |  By Rancher
Rancher users and operators can collect custom metrics, automate alerts, notifications, and actions, and create cluster and project-level dashboards. In this class, you'll learn how to setup alerts with Rancher and Prometheus Alert Manager to find problems in your clusters before there's an outage. You'll also learn to visualize metrics for Kubernetes and for your applications so you can gather new insights to your users' usage patterns and your applications' run-time behaviors.
Mar 16, 2020   |  By Rancher
Applications such as WordPress or MySQL require the use of data persistence. It is common when deploying such applications to use a HostPath volume as it is agnostic from the platform. A HostPath volume shares the filesystem of the Host within the container making the data available between pod restarts. However, it ties the data to one node only, creating a single point of failure and restricting any kind of scalability. Kubernetes is not able to schedule the application in any other node even if it is unavailable. This leads to eventual data loss.
Mar 10, 2020   |  By Rancher
Kubernetes Pod Security Policies (PSPs) is an enforcement mechanism to ensure that Pods run only with the appropriate privileges and can solely access the appropriate resources. You can leverage them as a threat prevention mechanism by controlling Pod creation, and limiting the capabilities available to specific users, groups, or applications.
Mar 4, 2020   |  By Rancher
While developing K3s to run at the edge we had to change our assumptions about how to manage these clusters at scale. A key assumption in a data center is that you have stable network connectivity, but this may not be true at the edge. You may have unreliable cellular service or limited time during the day in which you can connect. In these environments, operations such as upgrading Kubernetes or patching an operating system require a different paradigm.
Mar 3, 2020   |  By Rancher
By default, pods are non-isolated; they accept traffic from any source. The Kubernetes solution to this security concern is Network Policy that lets developers control network access to their services. Rancher comes configured with Network Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network policy and a live demo implementing each use case.