Kubernetes' new version - version 1.25 - will be released on Tuesday 23rd August 2022, and it comes with 40 new enhancements in various areas and numerous bug fixes. This blog will focus on the highlighted changes from each special interest group (SIG) in the upcoming release and ensure you are confident before upgrading your clusters.

New exciting Kubescape features have recently landed - Code repository scanning & Container image registry scanning! By enhancing Kubescape's security posture capabilities, you will be able to embed security even earlier in the SDLC (Software Development Lifecycle) and in a broader range of places in your CI/CD pipeline.

Despite being a large open-source and complex project, Kubernetes keeps on evolving at an impressive pace. Being at the center of various platforms and solutions, the biggest challenge for the Kubernetes project is to remain vendor-neutral. This is the reason the community has come up with Kubernetes Gateway API.

Kubernetes is the de-facto container management platform of today and the future. It has increased the scalability and flexibility of applications and eliminated vendor lock-in. Kubernetes also brings a lot of security native features; however, with security, the devil is always in the details. By default, the security of cloud services, applications, and infrastructure is not in the scope of Kubernetes. This does not mean that running Kubernetes is destructive and makes your applications vulnerable.

Kubernetes leverages various deployment objects to simplify the provisioning of resources and configuration of workloads running in containers. These objects include ReplicaSets, lSets, Sets, and Deployments. A pod is the smallest deployment unit in Kubernetes that usually represents one instance of the containerized application.

Kubescape is a Kubernetes open-source platform providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer, and image vulnerabilities scanning.

Recent research by Cyble showed that over 900,000 Kubernetes clusters were found exposed to the internet to potentially malicious scans. Some of them are susceptible to known vulnerabilities exploitations.

With Kubernetes adoption continuing to rise, we've seen multiple studies add to the growing body of research for enterprise K8s deployments this past year. Companies leveraging managed services and packaged platforms drive much of the continued growth in adoption. An annual study conducted by the Cloud Native Computing Foundation (CNCF) found that 96% of organizations surveyed are either using or evaluating K8s currently.

Ingress aims to simplify the way you create access to your Kubernetes services by leveraging traffic routing rules that are defined during the creation of the Ingress resource. This ultimately allows you to expose HTTP and HTTPS from outside the Kubernetes cluster so you no longer need to expose each service separately—something that can be expensive and tedious as an application scales, resulting in an increase in services.

Kubernetes Admission Controller is an advanced plugin for gating and governing the configuration changes and workload deployment in a cluster. Admission Controller enables DevOps and Security personnel to enforce deployment requirements and restrictions in the cluster upon every workload start and any configuration change. Think of an Admission Controller as an Advanced Resource manager with a shield.