Language Selection

English French German Italian Portuguese Spanish

Cilium 1.0.0-rc4 Released: Transparently Secure Container Network Connectivity Utilising Linux BPF

Filed under
Linux
OSS

Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes. Cilium 1.0.0-rc4 has recently been released, which includes: the Cloud Native Computing Foundation (CNCF)-hosted Envoy configured as the default HTTP/gRPC proxy; the addition of a simple health overview for connectivity and other errors; and an improved scalable kvstore interaction layer.

Microservices applications tend to be highly dynamic, and this presents both a challenge and an opportunity in terms of securing connectivity between microservices. Modern approaches to overcoming this issue have coalesced around the CNCF-hosted Container Network Interface (CNI) and the increasingly popular "service mesh" technologies, such as Istio and Conduit. According to the Cilium documentation, traditional Linux network security approaches (such as iptables) filter on IP address and TCP/UDP ports. However, the highly volatile life cycle of containers and IP addresses cause these approaches to struggle to scale alongside the application as the large number of load balancing tables and access control lists must be updated continually.

Read more

More in Tux Machines

Games Leftovers

Red Hat Enterprise Linux 6.10 Adds Retpoline Mitigations for Spectre & Meltdown

Continuing Red Hat's promise of 10-year lifecycle support for its Red Hat Enterprise Linux 6 operating system series, the Red Hat Enterprise Linux 6.10 update addresses critical security fixes and other important issues that might have an impact on businesses. Therefore, it is recommended to update to this release as soon as possible. "Red Hat Enterprise Linux 6.10 marks the transition from the Maintenance Support 1 lifecycle phase to the Maintenance Support 2 phase," says Red Hat. "In order to help provide customers with a stable environment for the remainder of the Red Hat Enterprise Linux 6 lifecycle, only critical security fixes and business-impacting urgent issues have been addressed." Read more Also: Red Hat Enterprise Linux 6.10 Released With Spectre/Meltdown Mitigation

Google’s Fuchsia Adds Emulator for Running Linux Apps

Google has added a Guest app to its emergent and currently open source Fuchsia OS to enable Linux apps to run within Fuchsia as a virtual machine (VM). The Guest app makes use of a library called Machina that permits closer integration with the OS than is available with typical emulators, according to a recent 9to5Google story. Last month, Google announced a Project Crostini technology that will soon let Chromebook users more easily run mainstream Linux applications within a Chrome OS VM. This week, Acer’s Chromebook Flip C101 joined the short list of Chromebooks that will offer Linux support later this year. Read more

Today in Techrights