-
Notifications
You must be signed in to change notification settings - Fork 350
Release Notes
Nandhini A edited this page Aug 17, 2021
·
5 revisions
We are pleased to release v1.1.
- Minikube
- Amazon Elastic Kubernetes Service (EKS), Azure Kubernetes Service (AKS)
- SELinux (systemd version only)
-
KubeArmorPolicy
- Add a new field "apparmor" to apply native AppArmor profiles using KubeArmorPolicy
- Add a new field "selinux -> volumeMounts" to control the access of mounted volumes using SELinux
-
KubeArmorHostPolicy
- Provide security policies to restrict host resource (e.g., processes and files in hosts)
-
Audit Mode
-
Provide the audit mode if no LSM is enabled in hosts, auditing the behavior of containers based on given policies
-
In the audit mode, actions are changed as follows:
Allow -> Audit (Allow) Audit -> Audit Block -> Audit (Block)
-
-
gRPC Client
- Provide the kubearmor-mysql-client (https://github.com/kubearmor/kubearmor-mysql-client)
- Provide the kubearmor-kafka-client (https://github.com/kubearmor/kubearmor-kafka-client)
-
Telemetry
- Provide telemetry data to monitoring systems (https://github.com/kubearmor/kubearmor-prometheus-exporter)
We are pleased to release KubeArmor v1.0.
- Self-managed Kubernetes, MicroK8s
- Google Kubernetes Engine (GKE)
- Docker
- Containerd
- AppArmor
- System Monitor - Monitor container behaviors at the system level
- AppArmor Enforcer - Enforce security policies against process executions, file accesses, network operations, and capabilities permitted
- Logger - Produce container-aware alerts and system logs and write them into standard output, log file, and gRPC
- gRPC Client - Provide the kubearmor-log-client (https://github.com/kubearmor/kubearmor-log-client)
- Relay Server - Provide a common interface across all KubeArmor daemons