Operations | Monitoring | ITSM | DevOps | Cloud

Protecting Against the Unpatched Kubernetes Vulnerability (CVE-2020-8554)

CVE-2020-8554 is a vulnerability that allows Kubernetes Services to intercept cluster traffic to any IP address. Users who can manage services can exploit the vulnerability to carry out man-in-the-middle (MITM) attacks against pods and nodes in the cluster. All Kubernetes versions including the latest release (v1.20) are vulnerable to this attack. If your cluster is multi-tenant, or allows unprivileged users to create and update services, you are impacted.

Kubernetes Observability Challenges: The Need for an AI-Driven Solution

Kubernetes provides abstraction and simplicity with a declarative model to program complex deployments. However, this abstraction and simplicity create complexity when debugging microservices in this abstract layer. The following four vectors make it challenging to troubleshoot microservices.

Calico Enterprise Multi Cluster Management - Federated Identity and Services

Managing multiple Kubernetes clusters can become time consuming and complex. Calico Enterprise can help with built in multi-cluster management capabilities to simplify deployment and ongoing operations, including securing interactions between the clusters, and providing cross-cluster service discovery.

Enterprise Security Controls for Kubernetes

In this talk, we will explore how to meet common enterprise security control needs when running Kubernetes. We will look at a range of common enterprise security needs and how you can meet these with standard Kubernetes primitives and open source projects such as Calico, or take it a step further with the additional features of Calico Enterprise.

AWS Quickstart for Calico

At Tigera, we’re excited that our two leading Kubernetes solutions, Calico and Calico Enterprise, are now available as AWS Quickstarts. Everything you need to take advantage of Calico and Calico Enterprise is installed and configured in your EKS cluster, enabling you to immediately take advantage of a full set of Kubernetes security, observability and networking features. In this fireside chat, you will learn about the value of using Calico with EKS in a Quickstart Kubernetes environment, including.

Getting up and running with Calico On-Prem

If you are deploying Kubernetes on-premises in your datacenter, you won’t want to miss this talk and demo. The first thing you’re thinking about might not be networking, but without some knowledge of the networking decisions you’ll need to make, and what the right option is given your environment, you’re likely to get stuck or make the wrong assumptions that may limit your ability to scale or integrate with the rest of the datacenter network.

Getting up and running with Calico on your Rancher Kubernetes Cluster

Rancher is a great way to deploy and manage Kubernetes clusters across a broad range of environments, abstracting away many of the differences between the environments, and using Canal for run-anywhere networking. But what if you want to up your networking game to squeeze the most out of your clusters? In this training session you’ll learn about the various networking options available to you in Rancher, and considerations to take into account in order to select the best option for your environment.