We are excited to announce that deploying Kubewarden in air gap environments has been simplified and documented! For that, you will need a private OCI registry accessible by your Kubernetes cluster. If you’re unfamiliar with Kubewarden, it’s a policy engine for Kubernetes. Its mission is to simplify the adoption of policy-as-code. Kubewarden policies are WebAssembly modules; therefore they can be stored inside an OCI-compliant registry as OCI artifacts.

Rancher, the open source container management platform, uses Fleet to enable its continuous deployment features. Fleet brings GitOps functionality to Rancher. Fleet in Rancher 2.7.0 can fetch Helm charts from OCI registries. Using OCI registries to store Helm charts is an increasingly popular storage method. It allows storing your charts in a registry alongside your container images. This unifies the storage options for charts and reduces friction. Using a chart in an OCI registry is fairly simple.

The Rancher Team are excited to announce the general availability of Rancher v2.7. Rancher v2.7 is a monumental milestone in the lifecycle of Rancher and introduces the ability to be a truly interoperable, extensible platform through the concept of extensions. The extensions now make it possible for users to build extensions on top of Rancher with complete autonomy.

s3gw is an S3-compatible service, focused on deployments in a Kubernetes environment backed by any PVC, including Longhorn (https://longhorn.io). Since its inception, the primary focus has been on Cloud Native deployments, however, the s3gw can be deployed in a myriad of scenarios, provided there is some form of storage attached.

It’s a fact of life: as the Kubernetes API evolves, it’s periodically reorganized or upgraded. This means some Kubernetes resources can be deprecated and later removed. We deserve to keep track of those deprecations and removals easily. For that, we have just released the new deprecated-api-versions policy for Kubewarden, our efficient Kubernetes policy engine that runs policies compiled to Wasm.

Securing a Kubernetes cluster is far from a simple task. How do you know if you have correctly configured volumeMounts in your in-cluster containers? And what about all those workload resources, such as Deployments, Jobs, Pods, etc? Luckily, you can use Kubewarden, an efficient Kubernetes policy engine that runs policies compiled to Wasm. This means you can run powerful specifically-written policies, our reuse existing Rego policies for example.