BoxBoat Blog

Service updates, customer stories, and tips and tricks for effective DevOps

Author: Mike Mj Johnson

Kubernetes Training Fundamentals - Module 1 - Intro to Containers and Docker

Kubernetes Training Fundamentals - Module 1 - Intro to Containers and Docker

by Mike 'MJ' Johnson | Thursday, Dec 13, 2018 | Docker Kubernetes

This series is intended to be a introductory look into Kubernetes. If your organization is interested in custom training around your infrastructure, please reach out to us at BoxBoat. We are both a Docker and Linux Foundation training partner and can provide onsite corporate training on Docker and Kubernetes. Welcome to the first post in the BoxBoat Kubernetes Training Fundamentals course. We designed a blog and video series to get you familiar with the core tenants of Kubernetes and Docker container orchestration.

Kubernetes Vulnerability - CVE-2018-1002105

Kubernetes Vulnerability - CVE-2018-1002105

by Mike 'MJ' Johnson Cole Kennedy | Tuesday, Dec 4, 2018 | News

With the popularity of Kubernetes, there is always potential for security vulnerabilities to be uncovered. And well, this one is a doozy. What is it? The Kubernetes team just released a fix for CVE-2018-1002105 which allowed for anyone with API access (privileged or not) to use a specifically crafted request to obtain privilege escalation and take control of your Kubernetes cluster. Ouch. From the CVE: “With a specially crafted request, users that are authorized to establish a connection through the Kubernetes API server to a backend server can then send arbitrary requests over the same connection directly to that backend, authenticated with the Kubernetes API server’s TLS credentials used to establish the backend connection.