CoreOS Blog

Kubernetes 1.6 is here: The first release managed by CoreOS

March 28, 2017 · By Dan Gillespie

Kubernetes 1.6 has just been released, and I am incredibly proud to have served as its release lead. Thank you to Caleb Miles (CoreOS) and the rest of my team members from Microsoft, Red Hat, Heptio, Mirantis and Google for all of your hard work and support, as well as the hundreds of community members that participated in this release.

This unprecedented cross-company leadership marks a series of firsts: the first non-Google release lead and the first time a release team has been primarily staffed by non-Googlers. These milestones are further signs of the strength of the community that has grown around Kubernetes, the open source container orchestration platform.

Contributing to the release process

I knew leading the Kubernetes 1.6 release would be a unique opportunity to dive in even deeper with Kubernetes, and I expected to be thrown right in the middle of everything. My expectations were quickly met—I was exposed to the entire code base and had to engage the entire community in the process, making this a huge learning experience both technically and personally.

One of the biggest tests the team and I encountered was devising a way to more efficiently resolve flakes. Previously, a big problem release managers faced was working through the hundreds of flakes—tests that fail at varying frequencies—in front of them. With 26 Special Interest Groups (SIGs), it was impossible to get everyone to look at everything together. The team and I tried a new approach.

This time around, we assigned flakes to specific SIGs, in order to better identify and segment responsibility across the community. This approach worked; the process of resolving flakes was now much more manageable. Moving forward, when release teams have to think about the work in front of them to tackle this issue, it will be “SIG Auth and SIG Node have 20 flakes each,” not “as a project, we have 260 flakes.”

What’s new in Kubernetes 1.6

Kubernetes 1.6 is a stabilization release. This means we focused on a large number of lower level updates that significantly improve user experience, rather than adding many new features. Afterall, stabilization is key to Kubernetes becoming the plumbing of distributed systems.

The biggest update to come out of this release is the improvement of the core fundamentals of Kubernetes, improving both scalability and reliability. This is a major step forward in making Kubernetes a more efficient and production-ready system.

Specific updates I’m excited about in this release include:

  • etcdv3 enabled by default—etcdv3 is now the default controller enabled in Kubernetes. As a result, scalability, in terms of the number of nodes which can be managed by Kubernetes, has been improved dramatically.

  • Direct dependency on a single container runtime removed—Customers can now use container runtimes other than Docker, such as rkt or CRI-O. We’ve made container runtimes pluggable so that they can be swapped out. In previous versions, Kubernetes was tied to Docker. This update removes that direct dependency, making it so that you can call a generic container runtime.

  • RBAC is now in beta—RBAC (role-based access control) has moved from Alpha to Beta with the release of Kubernetes 1.6. This provides additional security in Kubernetes, allowing you to lockdown the various pieces of your cluster to specific people within your organization, as well as give granular control of what those people can do within the cluster. We have also added defaults for certain roles.

  • Automatic provisioning of StorageClass objects—Previously with Persistent VolumeClaims, if you wanted to have a volume automatically provisioned in Kubernetes, you had to manually create the cloud provider’s StorageClass. This release defaults to Kubernetes, automatically creating it on your behalf.

All of these updates provide the scalability and reliability enterprises are looking for as they adopt Kubernetes as their container management platform of choice.

Kubernetes moving forward

The strength of Kubernetes comes from the strength of its community, and that has always been the case. This release is a big step in terms of getting Kubernetes to be a true community project.

Having the full release process driven outside Google has exposed all of the dependencies they have had to manage up until this point. With this this release now complete, we can certainly look forward to future releases of Kubernetes managed by other companies and members of our community.

Once again, thank you to my release team members, including Caleb Miles, Ihor Dvoretskyi, Anthony Yeh, Jeff Grafton, Devin Donnelly, Maru Newby, Anthony Howe and Steve Kriss, as well as the rest of the community members who contributed to Kubernetes 1.6.

What does this mean for users of Tectonic?

Our work in upstream Kubernetes helps CoreOS release the latest version of Kubernetes in CoreOS Tectonic quickly while at the same time allowing others to build off of our open source contributions. Tectonic uses pure, upstream Kubernetes, and this release will be available to Tectonic users in just a few weeks.

Join the Kubernetes community and get involved

Join the CoreOS team at KubeCon in Berlin, March 29-30, and at CoreOS Fest, May 30-June 1 in San Francisco to learn more and get involved in the Kubernetes community with CoreOS.

Dan Gillespie cofounded Redspread, a Y-Combinator company that developed a collaborative software deployment tool, which joined CoreOS in 2016. Gillespie now helps lead upstream Kubernetes development at CoreOS.

CoreOS Tectonic 1.5.5 Now Ships with Highly Available Clusters by Default and Extends Installer

March 23, 2017 · By Mackenzie Burnett

Today, we are thrilled to announce the latest release of CoreOS Tectonic, which includes the ability to deploy highly available Kubernetes 1.5.5 clusters in existing infrastructure for AWS and bare-metal environments. Along with this release, we are including preview availability for running Tectonic on Microsoft Azure and OpenStack. The additional platforms provide flexibility and choice to enterprises looking to easily use Kubernetes, setting them on a path for success with cloud native technologies. And, to support enhancement and adoption of the installer, the Tectonic Installer will be released in open source to the Kubernetes community over the coming weeks.

What’s new with the Tectonic Installer

Tectonic delivers a fully supported Kubernetes platform in addition to the key enterprise capabilities that make it easy to manage and upgrade. This provides companies with the confidence to move their apps into production. Now with the Tectonic Installer, companies can look forward to:

  • Environment flexibility: An improved, scriptable installer makes it easy to deploy highly available (HA), secure Kubernetes clusters by default. Repeatable across environments, users can try out customizations for their environments. Includes increased customization of networking and VPC options (including deploying into an existing VPC and subnet) and custom tagging for AWS resources.

  • HA deployment options: Installing a highly available Kubernetes cluster is now as easy as specifying how many worker, controller, and etcd nodes you want. We ship with etcd v3 by default, giving you the latest in performance capabilities of etcd. For AWS, the Tectonic installer takes care of spreading them evenly across AZs in whichever region you specify.

  • Simplified deployment: With the preview installer released in open source, users now have options to deploy Kubernetes on a multitude of cloud providers.

  • Automated install: With the need for dev clusters, test clusters, QA clusters, and more, the installer allows users to save time and automate the install of their clusters.

Expanded platform support in preview availability

Today, we are also introducing new options for Tectonic installation on Azure and OpenStack. The Tectonic Installer for these two platforms are in preview availability and are built so organizations can customize the Tectonic Installer, version control the configuration, and build repeatable deployments. These two new platforms installers are available on GitHub today and we look forward to working with the wider Kubernetes community to make Tectonic's self-hosted style of Kubernetes install super easy on all cloud platforms.

Delivering more self-driving capabilities

Since our previous release of CoreOS Tectonic, we have shipped some notable features as we make our way down the path of delivering self-driving Kubernetes. Tectonic v1.5.5-tectonic.2 delivers Kubernetes version 1.5.5, which comes with Dex, Flannel and Console as components controlled by CoreOS’s experimental Operators.

As yesterday’s security vulnerability announcement shows, the ability to quickly upgrade clusters to the next secure patch of software is incredibly important for keeping infrastructure secure. Within hours of the security vulnerability being announced, CoreOS was able to ship a new release of Tectonic with Kubernetes 1.5.5 to our users.

Those users who enabled our experimental Operators and are running Tectonic v1.5.2.-tectonic.2 and above will be able to use Tectonic’s automatic upgrade functionality to upgrade their clusters to this latest release. For those users running Tectonic v1.5.2-tectonic.2, see these instructions on how to upgrade your cluster. For those users running Tectonic v1.5.3-tectonic.1 and Tectonic v1.5.4-tectonic.1, navigate to the Cluster Settings page of your Tectonic Console and click “Check for updates” to apply the update.

Tectonic Console is growing up

In addition to Tectonic Installer, we’re proud to announce that Tectonic Console has reached v1.0.0! This milestone comes with a number of new features, including:

  • Improvements to the side navigation, edit menus, and labels
  • Displaying node selectors and providing an editing modal
  • Improvements in Kubernetes and Tectonic channel statuses and error messages
See how the Tectonic Console works.
Successful update.
Update in progress.
More verbose errors shows why update failed.

Try Tectonic today with new tutorials

You can start using Tectonic today for free up to 10 nodes. For help getting started with CoreOS Tectonic, use our new set of hands-on tutorials. Tutorials are now available here to provide general education on Tectonic and Kubernetes.

For more version details, see the release notes.

Join a webinar on April 5 at 10 AM PT to learn more about the new features in Tectonic and see a demo.

Join us at CoreOS Fest

CoreOS Fest is coming to San Francisco this May 31 and June 1. Come be a part of the containerized applications and Kubernetes conversation. Join us on Pier 27 for two days of talks, panels and chats on how the community is building, running and securing distributed applications. Register today!

Interested in hosting your own meetup, or want to learn more about getting involved with the CoreOS Community? Email us at community@coreos.com.

Quay: Introducing an Application Registry for Kubernetes

March 23, 2017 · By Antoine Legrand

When we started Quay, we wanted to build an image registry that not only allowed you to manage your container images, but do so securely and reliably. Over the past few months we have noticed an accelerated interest in Quay and containers in general. One of the main forces driving this growth is the adoption of container orchestration and in particular, Kubernetes. And with the introduction of a new platform came a new set of challenges around deploying ever increasingly complex applications.

A complete application is rarely defined as a single container image and their deployment is typically dependent on other services. Further, there are configuration details that are necessary to get a complete application up and running. Ultimately, every application can be boiled down to the result of code and configuration. In the case of Kubernetes, this equates to the set of container images and the Kubernetes object manifests that reference them.

The problem with most registries is that they typically deal with a single object: the container image. Traditionally, registries have not been extended into managing what most users are actually deploying: complete applications. Managing applications isn’t quite the same as individual container images; understanding the dependencies and configuration associated with specific releases of an application is a brand new problem for registries to solve, in addition to the new workflows that users will demand.

Kubernetes Application Registry

Over the past few months, the Quay team has been laying the foundation for the first Kubernetes Application Registry. On the server side, we’ve added an experimental registry API to Quay and a minimal UI enabling the storage, discovery, and management of complete applications. On the client side, we’ve created a registry plugin for Helm, the Kubernetes package manager, that brings all of these features to the ecosystem of Helm applications, known as Charts. One of the most interesting new features introduced to both Quay and Helm is the concept of customizable release channels, much like how CoreOS ships Alpha, Beta, and Stable channels for Container Linux releases. All of this is done through a community-driven API specification, called App Registry, that enables Kubernetes ecosystem to develop more sophisticated tools and more reliable deployment pipelines. This ultimately delivers a Kubernetes Application Registry.

Using Helm to deploy an application

We invite you to use this experimental feature today in Quay.io and then deploy your applications using Helm. Below is a guide to get that up and running.

Install the Helm Registry Plugin

First, Install the latest Helm release. If you are an OSX user, quickstart with brew: brew install kubernetes-helm Next download and install the registry plugin for Helm.

OSX

$ curl -L https://github.com/app-registry/helm-plugin/releases/download/v0.3.7/registry-helm-plugin-v0.3.7-dev-osx-x64.tar.gz -o registry-helm-plugin-v0.3.7-dev-osx-x64.tar.gz
$ mkdir -p ~/.helm/plugins/
$ tar xzvf registry-helm-plugin-v0.3.7-dev-osx-x64.tar.gz -C ~/.helm/plugins/

Linux

$ wget https://github.com/app-registry/helm-plugin/releases/download/v0.3.7/registry-helm-plugin-v0.3.7-dev-linux-x64.tar.gz
$ mkdir -p ~/.helm/plugins/
$ tar xzvf registry-helm-plugin-v0.3.7-dev-linux-x64.tar.gz -C ~/.helm/plugins/

Deploy Jenkins Using Helm from the Quay Registry

$ helm registry version quay.io

Output should be:

Api-version: {u'cnr-api': u'0.X.Y'}
Client-version: 0.X.Y

Install Jenkins

$ helm init
$ helm registry list quay.io
$ helm registry install quay.io/helm/jenkins

Create and Push Your Own Chart

First, create an account on Quay.io and login to the CLI using the username and password. Set an environment for the username created at Quay to use through the rest of these instructions.

$ export USERNAME=philips

Login to Quay with the Helm registry plugin:

$ helm registry login -u $USERNAME quay.io

Create a new Helm chart, the default will create a sample nginx application:

$ helm create nginx

Push this new chart to Quay and then deploy it from Quay.

$ cd nginx
$ helm registry push --namespace $USERNAME quay.io
$ helm registry install quay.io/$USERNAME/nginx

Working in the open with the Kubernetes community

With the exclusion of some very minor changes to Quay, all of this work is being executed in the open in collaboration with the Kubernetes community. We’ve been working with Kubernetes SIG-Apps to create an open, community-driven project called App Registry. Our goal as a community is to author libraries and a specification that align with best practices from established standards such as OCI in order to provide consistent storage and discovery for all of the tools innovating in the Kubernetes app ecosystem. While Quay currently implements a prototype of App Registry, we invite everyone to start using the feature and participate in the discussion and development as we move towards a stable release of the App Registry specification.

Learn more

If you would like to learn more and use this new feature, please go to Quay.io and start storing your applications today. If you are going to be at KubeCon next week in Berlin, please stop by our booth and talk to us and check out CoreOS CTO Brandon Philips’ keynote on day one of the conference where he’ll talk more about this.

Also you can check out the GitHub repositories for the app registry at:

https://github.com/app-registry

https://github.com/app-registry/helm-plugin

PodSecurityPolicy Admissions Plugin Vulnerability Found in Kubernetes

March 22, 2017 · By Brandon Philips

An admission plugin security vulnerability related to PodSecurityPolicies was patched with the release of Kubernetes v1.5.5. This vulnerability could allow users to make use of any PodSecurityPolicies object, including those they are not authorized to use.

Am I affected by this vulnerability?

This vulnerability only affects Kubernetes v1.5.0-1.5.4 and, more specifically, installations that do all of the following:

  • Enable the PodSecurityPolicy API (not enabled by default)
  • Enable the PodSecurityPolicy admission plugin (not enabled by default)
  • Use authorization to limit users' ability to use specific PodSecurityPolicy objects

As CoreOS Tectonic does not enable PodSecurityPolicies, Tectonic users who have not customized their setup are unaffected by this vulnerability.

How do I update automatically?

For users of Tectonic who enabled our experimental Operators, Kubernetes v1.5.5 is available as an automatic update for clusters running Tectonic v1.5.3-tectonic.1 and Tectonic v1.5.4-tectonic.1. To apply the update, navigate to the Cluster Settings page of your Tectonic Console and click "Check for updates" (or "Start Update" if the update is already downloaded).

For Tectonic 1.5.2-tectonic.2 clusters, in order to receive the update, users need to change their channel from alpha to tectonic-1.5 first before clicking the "Check for updates" button. This can be done by running:

$ kubectl replace -f -<<EOF
apiVersion: coreos.com/v1
appID: 6bc7b986-4654-4a0f-94b3-84ce6feb1db4
automaticUpdate: false
channel: tectonic-1.5
kind: ChannelOperatorConfig
metadata:
  name: default
  namespace: tectonic-system
server: https://tectonic.update.core-os.net
triggerUpdate: false
triggerUpdateCheck: false
updateCheckInterval: 2700
EOF

For any clusters running Tectonic v.1.5.2-tectonic.1 and older, there is no automatic upgrade path. As we move our experimental Operators to GA, we’re making upgrades between patch releases (and, eventually, minor releases) smoother and more consistent.

How do I manually fix affected clusters?

If you are unable to upgrade to Kubernetes v1.5.5, you must complete the following steps to overcome this vulnerability:

First, export existing PodSecurityPolicy objects:

$ kubectl get podsecuritypolicies -o yaml > psp.yaml

Next, review and delete any PodSecurityPolicy objects you do not want all pod-creating users to be able to use (NOTE: Privileged users that were making use of those policies will also lose access to those policies). For example:

$ kubectl delete podsecuritypolicies/my-privileged-policy

After upgrading to 1.5.5, re-create the exported PodSecurityPolicy objects:

$ kubectl create -f psp.yaml

If you have any problems with upgrading to CoreOS Tectonic v1.5.5 please contact the community support channels.

Security Release Process

This security patch release of Kubernetes is the first time that the new community organized Kubernetes security release process was exercised. This is an important step for the Kubernetes community and part of our ongoing effort to ensure Kubernetes is using all of the Core Infrastructure Initiative (CII) Best Practices. Thank you to everyone who helped make the security release process possible and to Jordan Liggitt for being the Product Security Team Fix Lead on this particular release.

If you would like to learn more about the Security Process there will also be a talk given by Brandon Philips and Jess Frazelle, co-authors of the process, at KubeCon EU next week.

Older Posts

Our Journey With the Kubernetes Community so far: A Reflection from CoreOS

March 17, 2017 · By Paul Burt

CoreOS's rkt and Docker's containerd jointly donated to CNCF

March 15, 2017 · By Brandon Philips

Introducing Our First Round of Keynotes for CoreOS Fest 2017

March 9, 2017 · By Melissa Smolensky

Join CoreOS in March for KubeCon, Google Cloud NEXT, and more

March 1, 2017 · By Johan Philippine

Guide to the CoreOS Fest 2017 Call for Speakers

February 24, 2017 · By Elsie Phillips

Takeaways from the Open Source Leadership Summit: Mainstream Open Source, Security, Policy, and Business Models

February 23, 2017 · By Melissa Smolensky

Double-Free (CVE-2017-6074) and Security Bypass (CVE-2016-8867) Vulnerabilities Updated in Linux Kernel

February 22, 2017 · By Alex Crawford

4 Tips to Take Control of Your Containers

February 21, 2017 · By Paul Burt

Exploring Performance of etcd, Zookeeper and Consul Consistent Key-value Datastores

February 17, 2017 · By Gyu-Ho Lee and the etcd team

Container orchestration: Moving from fleet to Kubernetes

February 7, 2017 · By Josh Wood

A Look Back at Tectonic Summit

February 6, 2017 · By Johan Philippine

Tectonic 1.5 ships Kubernetes 1.5.2 and self-driving infrastructure

January 31, 2017 · By Mackenzie Burnett

Welcoming Newcomers into the Tech Community

January 30, 2017 · By Sergiusz Urbaniak

What it means to work on securing the internet: My time working on Container Linux

January 26, 2017 · By Matthew Garrett

Cryptographically Verifying Container Linux at Runtime

January 26, 2017 · By Matthew Garrett

The Future of Kubernetes in 2017

January 25, 2017 · By Alex Polvi

Announcing etcd 3.1

January 20, 2017 · By Anthony Romano

Announcing CoreOS Fest 2017

January 19, 2017 · By Jim Walker

Toward etcd v3 in CoreOS Container Linux

January 13, 2017 · By Josh Wood

RunC Exec Vulnerability (CVE-2016-9962)

January 10, 2017 · By Alex Crawford

Upcoming CoreOS events: ShmooCon, FOSDEM, Container World, and more

January 9, 2017 · By Johan Philippine

Testing distributed systems in Go

January 6, 2017 · By Gyu-Ho Lee

Introducing rkt’s ability to automatically detect privilege escalation attacks on containers

December 15, 2016 · By Matthew Garrett

Containers to Clusters: Advancing Kubernetes, etcd, and more at CoreOS

December 13, 2016 · By Brandon Philips

What Kubernetes users should know about the rkt container engine

December 13, 2016 · By Jonathan Boulle

Self-Driving Kubernetes, Container Linux by CoreOS and Kubernetes 1.5

December 12, 2016 · By Alex Polvi

Your guide to Tectonic Summit 2016

December 5, 2016 · By Johan Philippine

The easiest way to get up and running with Kubernetes on AWS

November 29, 2016 · By Mackenzie Burnett

Enterprise Kubernetes Experts To Unite at Tectonic Summit 2016

November 14, 2016 · By Melissa Smolensky

CoreOS Kubernetes Community Citizenship

November 7, 2016 · By Melissa Smolensky

Introducing Operators: Putting Operational Knowledge into Software

November 3, 2016 · By Brandon Philips

Introducing the etcd Operator: Simplify etcd cluster configuration and management

November 3, 2016 · By Hongchao Deng

The Prometheus Operator: Managed Prometheus setups for Kubernetes

November 3, 2016 · By Fabian Reinartz

November community events: Meet us at KubeCon and other conferences

November 2, 2016 · By Johan Philippine

Tectonic 1.4 ships with self-hosted cluster installers and RBAC integration

November 1, 2016 · By Mackenzie Burnett

KubeCon Preview

October 31, 2016 · By Johan Philippine

OpenStack on Kubernetes: Announcing the Stackanetes Technical Preview

October 26, 2016 · By Quentin Machu

Kubernetes: Critical Security Bug in TLS Client Auth

October 20, 2016 · By Brandon Philips

Linux kernel has been Updated (CVE-2016-5195)

October 20, 2016 · By Alex Crawford

Tectonic Summit: First Round of Speakers and Sponsors

October 17, 2016 · By Melissa Smolensky

CoreOS and Redspread Join to Extend Kubernetes

October 17, 2016 · By Alex Polvi

October community events - LinuxCon, OpenStack Summit, All Things Open, and more

October 3, 2016 · By Johan Philippine

Eliminating Delays From systemd-journald, Part 2

September 29, 2016 · By Vito Caputo

Upstream Kubernetes 1.4 Preview: Features to know about for the security focused

September 22, 2016 · By Caleb Miles

Kubernetes in Minutes with Minikube and rkt Container Engine

September 21, 2016 · By Sergiusz Urbaniak

How to use pluggable isolation features in the rkt container engine

September 16, 2016 · By Derek Gonyeo

Tectonic expands supported base Operating Systems to include CentOS and RHEL

September 15, 2016 · By Ed Rooth

rkt Container Engine Reaches v1.14.0: Focus on Stability and Minimalism

September 9, 2016 · By Luca Bruno

Announcing Tectonic Summit 2016 - Request your invite today

September 7, 2016 · By Melissa Smolensky

September community events - meetups, recruitment, and conferences

September 2, 2016 · By Johan Philippine

Kubernetes: A Solution for Enterprise-level Continuous Integration Scalability and Elasticity

September 2, 2016 · By Aleks Saul

Serializability and Distributed Software Transactional Memory with etcd3

August 31, 2016 · By Anthony Romano

Fetching and running docker container images with rkt

August 25, 2016 · By Derek Gonyeo

Developing Prometheus alerts for etcd

August 24, 2016 · By Frederic Branczyk

CoreOS Online Validator Now Supports Ignition

August 15, 2016 · By Andrew Jeddeloh

Announcing Tectonic 1.3 with new enterprise-grade tools and features for Kubernetes

August 11, 2016 · By Ed Rooth

Announcing Public and Private Kubernetes and CoreOS Training

August 11, 2016 · By Jeff Gray

Intro to rkt signing and verification

August 10, 2016 · By Derek Gonyeo

Meet CoreOS in August: OpenStack, ContainerCon and more

August 8, 2016 · By Johan Philippine

Sharing Servers for International Friendship Day

August 7, 2016 · By Jason Luce, ScaleFT

Self-Hosted Kubernetes makes Kubernetes installs, scaleouts, upgrades easier

August 5, 2016 · By Josh Wood

August spotlight: Learn about rkt, the container engine by CoreOS

August 4, 2016 · By Derek Gonyeo

Hands on: Monitoring Kubernetes with Prometheus

August 3, 2016 · By Joe Bowers

Migrating applications, clusters, and Kubernetes to etcd v3

July 27, 2016 · By Hongchao Deng

Kubernetes Cluster Federation: Efficiently deploy and manage applications across the globe

July 21, 2016 · By Colin Hom

GIFEE: Bringing Security-minded Container Infrastructure to the Enterprise

July 12, 2016 · By Alex Polvi

GopherCon, ContainerCon and more! Meet CoreOS at a July event

July 11, 2016 · By Johan Philippine

Happy three years, CoreOS

July 1, 2016 · By Brandon Philips

etcd3: A new etcd

June 30, 2016 · By Anthony Romano and Xiang Li

Prometheus and Kubernetes up and running

June 27, 2016 · By Fabian Reinartz

CoreOS Linux available in China

June 16, 2016 · By Alex Crawford

CoreOS Recognized in IDC and Industry Awards

June 10, 2016 · By Kelly Tenn

Kubernetes v1.3 Preview - Auth, Scale, and Improved Install

June 7, 2016 · By Mike Saparov

June CoreOS Events

June 2, 2016 · By Johan Philippine

Presenting Torus: A modern distributed storage system by CoreOS

June 1, 2016 · By Barak Michener

Security brief: CoreOS Linux Alpha remote SSH issue

May 19, 2016 · By Matthew Garrett

Major Remote SSH Security Issue in CoreOS Linux Alpha, Subset of Users Affected

May 16, 2016 · By CoreOS Security Team

CoreOS Fest: CoreOS Works with Intel, Project Calico, Packet, and StackPointCloud to extend GIFEE

May 9, 2016 · By Alex Polvi

CoreOS closes $28M Series B to bring Google-like infrastructure to all

May 9, 2016 · By Alex Polvi

CoreOS brings open source distributed systems components to the next level

May 9, 2016 · By Brandon Philips

What to know before you go to CoreOS Fest, and other events this May

May 5, 2016 · By Johan Philippine

CoreOS and Prometheus: Building monitoring for the next generation of cluster infrastructure

April 29, 2016 · By Fabian Reinartz

Introducing Stackanetes – Running OpenStack as an application on Kubernetes with CoreOS Tectonic

April 26, 2016 · By Wei Lien Dang

Tectonic 1.2 available with increased scalability and new namespace tools

April 15, 2016 · By Joe Bowers

Celebrating the Open Container Initiative Image Specification

April 14, 2016 · By Jonathan Boulle

Introducing Ignition: The new CoreOS machine provisioning utility

April 12, 2016 · By Alex Crawford

rkt 1.3.0: Tighter security; easier container debugging, development, and integration

April 6, 2016 · By Derek Gonyeo

Meet us for our April 2016 events

April 5, 2016 · By Johan Philippine and Kelly Tenn

How OpenStack and Kubernetes Come Together with CoreOS' Tectonic

March 31, 2016 · By Alex Polvi

CoreOS Fest Berlin and San Francisco: Join us this May

March 28, 2016 · By Melissa Smolensky

CoreOS Linux Hits Day 1000

March 28, 2016 · By Brandon Philips

CoreOS Delivers etcd v2.3.0 with Increased Stability and v3 API Preview

March 21, 2016 · By Xiang Li

CoreOS Delivers on Security with v1.0 of Clair Container Image Analyzer

March 18, 2016 · By Quentin Machu

Your Journey to #GIFEE, An Option for Every Level

March 10, 2016 · By Ed Rooth

Eliminating Delays From systemd-journald, Part 1

March 10, 2016 · By Vito Caputo

March CoreOS Events

March 7, 2016 · By Elsie Phillips

LDAP Support in CoreOS dex: An Open Source Journey

March 3, 2016 · By Frode Nordahl

CoreOS and the Trusted Computing Group

February 26, 2016 · By Matthew Garrett

Take a REST with HTTP/2, Protobufs, and Swagger

February 24, 2016 · By Brandon Philips

Improving Kubernetes Scheduler Performance

February 22, 2016 · By Hongchao Deng

Finance is Embracing "Invisible Infrastructure"

February 19, 2016 · By Rob Szumski

rkt Network Modes and Default CNI Configurations

February 9, 2016 · By Stefan Junker

February Community Events

February 8, 2016 · By Elsie Phillips

The Security-minded Container Engine by CoreOS: rkt Hits 1.0

February 4, 2016 · By Alex Polvi

Get Started with rkt Containers in Three Minutes

February 4, 2016 · By Derek Gonyeo

OpenSSL patched in CoreOS Alpha, Beta and Stable

February 1, 2016 · By George Tankersley

NTP has been Updated

January 22, 2016 · By Alex Crawford

A Bare Metal Configuration Service for CoreOS Linux

January 22, 2016 · By Dalton Hubble

Get Ready for CoreOS Fest 2016: Berlin

January 20, 2016 · By Melissa Smolensky

Meet CoreOS In Your Neck of the Woods

January 20, 2016 · By Kelly Tenn

Linux Kernel has been Updated (CVE-2016-0728)

January 20, 2016 · By Alex Crawford

CoreOS rkt 0.15.0 Introduces rkt fly, Go 1.5 Build Support

January 19, 2016 · By Josh Wood

Go 1.5.3 Security Vulnerability Patch

January 13, 2016 · By George Tankersley

Tectonic 1.1 is here! Updated Kubernetes Support to Deploy, Manage and Secure your Containers

January 5, 2016 · By Ed Rooth

What Trusted Computing Means to Users of CoreOS and Beyond

December 10, 2015 · By Matthew Garrett

A Tectonic Summit Wrap Up

December 8, 2015 · By Melissa Smolensky

Making Sense of Container Standards and Foundations: OCI, CNCF, appc and rkt

December 8, 2015 · By Alex Polvi

Tectonic Pre-Installed: Next Generation Infrastructure Delivered to Your Data Center

December 2, 2015 · By Melissa Smolensky

Tectonic Provides Cryptographic Chain of Trust from Application Layer to Hardware, Turns DRM on its Head

December 2, 2015 · By Alex Polvi

Meet CoreOS in New York This Week

December 1, 2015 · By Kelly Tenn

CoreOS Introduces Clair: Open Source Vulnerability Analysis for your Containers

November 13, 2015 · By Quentin Machu

Tectonic, by CoreOS, Is GA

November 3, 2015 · By Brandon Philips

November Events for CoreOS

November 2, 2015 · By Alex Avritch

International Securities Exchange, Morgan Stanley, SoundCloud, Viacom, Verizon Labs and More to Speak at Tectonic Summit 2015

October 29, 2015 · By Melissa Smolensky

rkt v0.10.0: With a New API Service and a Better Image Build Tool

October 27, 2015 · By Alban Crequy

October Events for CoreOS

October 5, 2015 · By Alex Avritch

Start Using Kubernetes on AWS with the Official Tectonic AWS Integration

October 2, 2015 · By Alex Polvi

Official CloudFormation and kube-aws tool for installing Kubernetes on AWS

October 2, 2015 · By Brian Waldon

Container Security with SELinux and CoreOS

September 29, 2015 · By Matthew Garrett

Announcing Tectonic Open Preview

September 22, 2015 · By Alex Polvi

Cross-host Container Communication with rkt and flannel

September 21, 2015 · By Eugene Yakubovich

Official Kubernetes on CoreOS Guides and Tools

September 17, 2015 · By Aaron Levy

Where systemd and Containers Meet: Q&A with Lennart Poettering

September 16, 2015 · By Jonathan Boulle

etcd 2.2 – Improving the Developer Experience and Setting the Path for the v3 API

September 10, 2015 · By Xiang Li

September Events for CoreOS: Conferences, Trainings and More

September 8, 2015 · By Alex Avritch

Announcing dex, an Open Source OpenID Connect Identity Provider from CoreOS

September 3, 2015 · By Bobby Rullo

Flocker on CoreOS Linux

September 1, 2015 · By Brandon Philips

Containers on the Autobahn: Q&A with Giant Swarm

August 24, 2015 · By Kelly Tenn

What it’s like to Intern with CoreOS

August 21, 2015 · By Mary O’Brien

Using Virtual Machines to Improve Container Security with rkt v0.8.0

August 18, 2015 · By Brandon Philips

Introducing the Kubernetes kubelet in CoreOS Linux

August 14, 2015 · By Kelsey Hightower

CoreOS and Mirantis are working together to deliver Tectonic on OpenStack

August 6, 2015 · By Brian Redbeard

Meet the CoreOS team around the world in August

August 4, 2015 · By Kelly Tenn

Announcing new Quay.io Enterprise features by CoreOS

July 28, 2015 · By Joey Schorr

Introducing etcd 2.1

July 24, 2015 · By Yicheng Qin

Introducing Kubernetes Workshops and Tectonic Summit

July 21, 2015 · By Melissa Smolensky

CoreOS and Kubernetes 1.0

July 21, 2015 · By Brandon Philips

Try out Kubernetes 1.0 with the Tectonic Preview

July 21, 2015 · By Alex Polvi

Meet CoreOS at OSCON and more

July 17, 2015 · By Kelly Tenn

Announcing rkt v0.7.0, featuring a new build system, SELinux and more

July 15, 2015 · By Iago López Galeiras

Q&A with Sysdig on containers, monitoring and CoreOS

July 14, 2015 · By Kelsey Hightower

How to get involved with CoreOS projects

July 10, 2015 · By Jed Smith

OpenSSL has been Updated (CVE-2015-1793)

July 10, 2015 · By Alex Crawford

Happy 2nd Epoch CoreOS Linux

July 7, 2015 · By Brandon Philips

Upcoming CoreOS Events in July

July 6, 2015 · By Alex Avritch

Under The Hood of Tectonic

July 1, 2015 · By Brian Waldon

Introducing flannel 0.5.0 with AWS and GCE

June 30, 2015 · By Mohammad Ahmad

App Container and the Open Container Project

June 22, 2015 · By Alex Polvi

CoreOS recognized in SD Times, AlwaysOn and more industry awards

June 16, 2015 · By Kelly Tenn

Technology Preview: CoreOS Linux and xhyve

June 11, 2015 · By Brian Akins

Tectonic Meets Nutanix

June 10, 2015 · By Kelsey Hightower

etcd2 in the CoreOS Linux Stable channel

June 9, 2015 · By Alex Crawford

Building and deploying minimal containers on Kubernetes with Quay.io and wercker

June 3, 2015 · By Micha "mies" Hernandez van Leuffen

Oh, the places we’ll be in June

June 2, 2015 · By Kelly Tenn

Tectonic Demos at Google I/O

May 28, 2015 · By Ed Rooth

CoreOS Linux is in the OpenStack App Marketplace

May 19, 2015 · By Brian Harrington

CoreOS at OpenStack Summit 2015

May 18, 2015 · By Alex Avritch

CoreOS Featured with Industry Honors

May 15, 2015 · By Kelly Tenn

New Functional Testing in etcd

May 14, 2015 · By Yicheng Qin

Upcoming CoreOS Events in May

May 12, 2015 · By Alex Avritch

Intel Brings Tectonic to Supermicro Systems

May 5, 2015 · By Alex Polvi, CEO of CoreOS

CoreOS State of the Union at CoreOS Fest

May 5, 2015 · By Brandon Philips

New Quay features: Enterprise-class deployment infrastructure for building container-based systems

May 4, 2015 · By Jake Moshenko

App Container spec gains new support as a community-led effort

May 4, 2015 · By Alex Polvi

CoreOS Fest 2015 Guide

April 29, 2015 · By Alex Avritch

Announcing GovCloud support on AWS

April 27, 2015 · By Mike Marineau

rkt 0.5.4, featuring repository authentication, port forwarding and more

April 24, 2015 · By Jonathan Boulle

CoreOS, Inc. and Tectonic making waves in the industry analyst community

April 22, 2015 · By Kelly Tenn

VMware Ships rkt and Supports App Container Spec

April 20, 2015 · By Alex Polvi

etcd 2.0 in CoreOS Alpha Image

April 16, 2015 · By Alex Crawford

CoreOS on ARM64

April 14, 2015 · By Geoff Levand

Counting Down to CoreOS Fest on May 4 and 5

April 13, 2015 · By Kelly Tenn

Upcoming CoreOS Events in April

April 7, 2015 · By Alex Avritch

Announcing Tectonic: The Commercial Kubernetes Platform

April 6, 2015 · By Alex Polvi

Announcing rkt v0.5, featuring pods, overlayfs, and more

April 1, 2015 · By Jonathan Boulle

CoreOS Fest 2015 First Round of Speakers Announced

March 27, 2015 · By Alex Avritch

What makes a cluster a cluster?

March 20, 2015 · By Barak Michener

Announcing rkt and App Container 0.4.1

March 13, 2015 · By Brandon Philips

rkt Now Available in CoreOS Alpha Channel

March 12, 2015 · By Michael Marineau

The First CoreOS Fest

March 11, 2015 · By Melissa Smolensky

CoreOS on VMware vSphere and VMware vCloud Air

March 9, 2015 · By Kelsey Hightower

Managing CoreOS Logs with Logentries

March 5, 2015 · By Melissa Smolensky

Upcoming CoreOS Events in March

March 3, 2015 · By Kelly Tenn

App Container and Docker

February 13, 2015 · By Jonathan Boulle

Announcing rkt and App Container v0.3.1

February 6, 2015 · By Jonathan Boulle

Upcoming CoreOS Events in February

February 3, 2015 · By Kelly Tenn

etcd 2.0 Release - First Major Stable Release

January 28, 2015 · By Brandon Philips

Update on CVE-2015-0235, GHOST

January 28, 2015 · By Alex Crawford

rkt and App Container 0.2.0 Release

January 23, 2015 · By Jonathan Boulle

Meet us for our January 2015 events

January 20, 2015 · By Kelly Tenn

Quay.io New Features

January 7, 2015 · By Jacob Moshenko

Announcing the etcd 2.0 Release Candidate

December 18, 2014 · By Xiang Li

App Container Spec One Week In

December 9, 2014 · By Brandon Philips

Docker 1.3.2 in Stable Channel

December 3, 2014 · By Alex Crawford

CoreOS is building a container runtime, rkt

December 1, 2014 · By Alex Polvi

Docker 1.3.2 Rolled Out Today

November 24, 2014 · By Alex Crawford

CoreOS Brings Kubernetes to Any Cloud Platform

November 10, 2014 · By Kelsey Hightower

Weekend Enjoyment: CoreOS Deployment Videos

November 7, 2014 · By Rob Szumski

Announcing CoreOS Enterprise Registry, a secure Docker registry behind your firewall

October 30, 2014 · By Joey Schorr

A Meetup Ride to San Mateo

October 29, 2014 · By Melissa Smolensky

CoreOS Now Available On Microsoft Azure

October 20, 2014 · By Alex Crawford

Godep for End User Go Projects

October 15, 2014 · By Brandon Philips

Managing CoreOS with Ansible

October 13, 2014 · By Roman Shtylman

CoreOS Machines Secured from Shellshock

September 26, 2014 · By Alex Polvi

Security Update on CVE-2014-6371 Shellshock

September 25, 2014 · By Brandon Philips

Congrats to Interactive Markdown at the TechCrunch Disrupt Hackathon

September 8, 2014 · By Melissa Smolensky

CoreOS Image Now Available On DigitalOcean

September 5, 2014 · By Alex Crawford

Introducing flannel: An etcd backed overlay network for containers

August 28, 2014 · By Eugene Yakubovich

CoreOS Just Got Easier to Try With Panamax

August 21, 2014 · By Lucas Carlson

CoreOS Certification and Training

August 20, 2014 · By Melissa Smolensky

Quay.io joins CoreOS, Introducing the CoreOS Enterprise Registry

August 13, 2014 · By Alex Polvi

Running Kubernetes Example on CoreOS, Part 2

July 30, 2014 · By Kelsey Hightower

CoreOS Stable Release

July 25, 2014 · By Alex Polvi

Running Kubernetes Example on CoreOS, Part 1

July 10, 2014 · By Kelsey Hightower

The CoreOS Epoch

June 30, 2014 · By Brandon Philips

CoreOS Officially on Rackspace OnMetal Cloud Servers

June 19, 2014 · By Alex Crawford

The CoreOS Update Philosophy

June 18, 2014 · By Kelsey Hightower

CoreOS Videos From Our Inaugural Meetup

June 17, 2014 · By Melissa Smolensky

Docker 1.0 released to Alpha

June 16, 2014 · By Melissa Smolensky

Official CoreOS Meetup in San Francisco June 3rd, 2014

May 28, 2014 · By Brian 'redbeard' Harrington

Official CoreOS Images on Google Compute Engine

May 23, 2014 · By Brandon Philips

etcd 0.4.0 with Standby Mode

May 20, 2014 · By Yicheng Qin

Zero Downtime Frontend Deploys with Vulcand on CoreOS

May 19, 2014 · By Rob Szumski

CoreOS Beta Release

May 9, 2014 · By Alex Polvi

Clustering CoreOS with Vagrant

April 24, 2014 · By Brandon Philips

etcd - The Road to 1.0

April 14, 2014 · By Blake Mizerany

Major Update: btrfs, docker 0.9, add users, writable /etc, and more!

March 27, 2014 · By Alex Polvi

Dynamic Docker links with an ambassador powered by etcd

February 27, 2014 · By Alex Polvi

Introduction to networkd, network management from systemd

February 25, 2014 · By Tom Gundersen

Cluster-Level Container Deployment with fleet

February 18, 2014 · By Brian Waldon

etcd 0.3.0 - Improved Cluster Discovery, API Enhancements and Windows Support

February 7, 2014 · By Brandon Philips

Brandon's etcd presentation at GoSF

January 16, 2014 · By Brandon Philips

Jumpers and the Software Defined Localhost

January 13, 2014 · By Alex Polvi

etcd 0.2.0 - new API, new modules and tons of improvements

December 27, 2013 · By Brandon Philips

Running etcd in Docker Containers

December 13, 2013 · By Rob Szumski

CoreOS alpha updates

December 9, 2013 · By Alex Polvi

Running a Utility Cluster on CoreOS

December 4, 2013 · By Rob Szumski

CoreOS on Google Compute Engine

December 2, 2013 · By Alex Polvi

etcd v0.1.2 with a new dashboard and bugfixes

October 10, 2013 · By Brandon Philips

Boot on Bare Metal with PXE

September 11, 2013 · By Brandon Philips

OpenStack, VMware and KVM images available

August 28, 2013 · By Brandon Philips

etcd v0.1.0 release

August 11, 2013 · By Brandon Philips

CoreOS Vagrant Images

August 2, 2013 · By Alex Polvi

Distributed configuration data with etcd

July 23, 2013 · By Brandon Philips

Recoverable System Upgrades

July 16, 2013 · By Brandon Philips