Skip to main content

New releases of Container Linux addressing the Meltdown attack, caused by vulnerabilities in many modern processors, are now available in all three Container Linux release channels: Alpha 1649.0.0, Beta 1632.1.0, and Stable 1576.5.0. Updates are rolling out to the Alpha and Beta channels now, and should complete over the next 24-48 hours. By default, Container Linux will apply these updates automatically, but systems with non-default configurations should be manually updated as soon as possible.

A recent information disclosure vulnerability (CVE-2018-5256) was found and addressed in Tectonic, which affects versions 1.7 through 1.8. Unauthenticated users were able to list all Namespaces through the Console. In 1.8, which finalized the transition from Third Party Resources (TPRs) to Custom Resource Definitions (CRDs), the ability to list all CRDs was affected by the same bug. The intention of this API endpoint is to enable listing all namespaces by logged-in users.

Vault logo In this first post in a series examining our new Open Cloud Services, we'll take a deeper dive into the Vault secrets management solution and how the Vault Open Cloud Service can help solve some of the thornier challenges of developing and deploying distributed applications.

Tectonic 1.8 logo image

Today we're proud to announce Tectonic 1.8, the latest release of our enterprise-ready Kubernetes platform, is now available. This version, which we announced ahead of KubeCon + CloudNativeCon North America earlier this month, is the first to ship with a catalog of industry-first Open Cloud Services that enable users to deploy key infrastructure components with the ease of managed cloud vendor offerings but without cloud vendor lock-in.

Illustration: CoreOS and Kubernetes

 

Kubernetes is the highest velocity cloud-related open source project, and its pace of development isn't slowing down. This week the project will ship Kubernetes 1.9, its latest release, coming three months after Kubernetes 1.8. The new version includes a number of updates, fixes, and new features, as you can see in the release notes. Many of these changes are "under the hood," however – so rather than diving into a feature checklist here, it's worth looking at the overarching goals driving the next phase of Kubernetes development.

It was a jam-packed and eventful week at KubeCon + CloudNativeCon North America 2017 last week. In all, 4,100 attendees descended on Austin to talk all things Kubernetes and cloud-native, and CoreOS was front and center as a Diamond Sponsor of the event. Check out our blog post from Wednesday where we recap some of the Day 1 highlights.

KubeCon + CloudNativeCon North America 2017 is underway this week in Austin, and the CoreOS team is on the scene to participate. As a Diamond Sponsor of this year's event, we couldn't be more thrilled with the turnout of attendees and their vibrant energy.

Tectonic 1.8 logo image

 

Today we're happy to announce that Tectonic 1.8, the forthcoming release of our world-class enterprise Kubernetes platform, will ship with a catalog of industry-first Open Cloud Services. Open Cloud Services enable enterprises to deploy key infrastructure components with the ease and efficiency they've come to expect from public cloud providers, while avoiding cloud provider lock-in.

CoreOS recognized early on that orchestration would be the catalyst to launch containerized infrastructure into the mainstream. It's a tribute to the entire Kubernetes community that large enterprises already have Kubernetes clusters in production, and the roster keeps growing. So what do we see in the Kubernetes ecosystem's future as 2017 draws to a close? The CoreOS crystal ball reveals a few likely directions for the New Year.

CoreOS was founded with the mission of securing the internet, and containerized infrastructure is a big part of how we’re achieving that aim. That’s why we were gratified to see the new guidance on application container security issued by the National Institute of Standards and Technology (NIST). In many ways, the report affirms the core principles upon which CoreOS was founded.

Subscribe to CoreOS Blog