Skip to main content

A recent information disclosure vulnerability (CVE-2018-5256) was found and addressed in Tectonic, which affects versions 1.7 through 1.8. Unauthenticated users were able to list all Namespaces through the Console. In 1.8, which finalized the transition from Third Party Resources (TPRs) to Custom Resource Definitions (CRDs), the ability to list all CRDs was affected by the same bug. The intention of this API endpoint is to enable listing all namespaces by logged-in users.

Vault logo In this first post in a series examining our new Open Cloud Services, we'll take a deeper dive into the Vault secrets management solution and how the Vault Open Cloud Service can help solve some of the thornier challenges of developing and deploying distributed applications.

Tectonic 1.8 logo image

Today we're proud to announce Tectonic 1.8, the latest release of our enterprise-ready Kubernetes platform, is now available. This version, which we announced ahead of KubeCon + CloudNativeCon North America earlier this month, is the first to ship with a catalog of industry-first Open Cloud Services that enable users to deploy key infrastructure components with the ease of managed cloud vendor offerings but without cloud vendor lock-in.

Illustration: CoreOS and Kubernetes

 

Kubernetes is the highest velocity cloud-related open source project, and its pace of development isn't slowing down. This week the project will ship Kubernetes 1.9, its latest release, coming three months after Kubernetes 1.8. The new version includes a number of updates, fixes, and new features, as you can see in the release notes. Many of these changes are "under the hood," however – so rather than diving into a feature checklist here, it's worth looking at the overarching goals driving the next phase of Kubernetes development.

It was a jam-packed and eventful week at KubeCon + CloudNativeCon North America 2017 last week. In all, 4,100 attendees descended on Austin to talk all things Kubernetes and cloud-native, and CoreOS was front and center as a Diamond Sponsor of the event. Check out our blog post from Wednesday where we recap some of the Day 1 highlights.

KubeCon + CloudNativeCon North America 2017 is underway this week in Austin, and the CoreOS team is on the scene to participate. As a Diamond Sponsor of this year's event, we couldn't be more thrilled with the turnout of attendees and their vibrant energy.

Tectonic 1.8 logo image

 

Today we're happy to announce that Tectonic 1.8, the forthcoming release of our world-class enterprise Kubernetes platform, will ship with a catalog of industry-first Open Cloud Services. Open Cloud Services enable enterprises to deploy key infrastructure components with the ease and efficiency they've come to expect from public cloud providers, while avoiding cloud provider lock-in.

CoreOS recognized early on that orchestration would be the catalyst to launch containerized infrastructure into the mainstream. It's a tribute to the entire Kubernetes community that large enterprises already have Kubernetes clusters in production, and the roster keeps growing. So what do we see in the Kubernetes ecosystem's future as 2017 draws to a close? The CoreOS crystal ball reveals a few likely directions for the New Year.

CoreOS was founded with the mission of securing the internet, and containerized infrastructure is a big part of how we’re achieving that aim. That’s why we were gratified to see the new guidance on application container security issued by the National Institute of Standards and Technology (NIST). In many ways, the report affirms the core principles upon which CoreOS was founded.

CoreOS Tectonic is Certified Kubernetes

 

Today CoreOS is pleased to announce that CoreOS Tectonic, our enterprise-ready Kubernetes platform, has passed the software conformance tests administered by the Cloud Native Computing Foundation (CNCF) to become one of the first fully Certified Kubernetes offerings on the market.

Subscribe to CoreOS Blog