Red Hat Announces New Ways to Protect and Streamline Kubernetes Processes

Red Hat has introduced the open source StackRox community as well as the Konveyor open source  project, targeted at  helping in Kubernetes adoption.

Kubernetes is a portable, extensible, open source platform for managing containerized workloads and services, that facilitates both declarative configuration and automation, and Red Hat OpenShift is Red Hat’s Kubernetes offering for the enterprise.

The announcements about the community and project were made in Red Hat blog posts here and here.

The StackRox community is the upstream project that will work to open source and manage the code that powers Red Hat Advanced Cluster Security for Kubernetes. As security continues to be a critical need for organizations building and running Kubernetes applications, the StackRox community will work toward providing an open source project that gives users greater choice for how they protect their Kubernetes environments.

Once up and running, the StackRox project will enable users to address major security use cases across the application lifecycle, including visibility, vulnerability management, configuration management, network segmentation, compliance, threat detection and incident response, as well as risk profiling. Red Hat also plans to make contributions to open source projects that the StackRox software benefits from and participate as active members of the communities that support those projects. 

Red Hat said the StackRox project will be the code behind the Red Hat Advanced Cluster Security for Kubernetes product and the company expects the project to help drive future product roadmaps. Red Hat Advanced Cluster Security for Kubernetes provides customers using Red Hat OpenShift and supported public cloud Kubernetes services with Kubernetes-native security to enhance the security of infrastructure and workloads throughout the entire application lifecycle.

The StackRox community will also encompass and continue to foster development of KubeLinter, which was released as an open source project in October 2020. KubeLinter is a static analysis tool that gives developers the ability to more check Kubernetes YAML files and Helm charts to identify misconfigurations and enforce security best practices. 

Konveyor, created by Red Hat and IBM Researech, is an open source project aimed at helping to modernize and migrate applications for open hybrid cloud deployment by building tools, identifying patterns and providing advice on how to bring cloud-native transformation across IT. Konveyor also supports a growing number of tools, such as Crane, Forklift, Move2Kube, Tackle, and Pelorus, designed to accelerate Kubernetes adoption.   

According to Red Hat, there are two primary rehosting needs within the Kubernetes community?migrating virtual machines unaltered to Kubernetes, and migrating already containerized applications between Kubernetes clusters. 

KubeVirt allows developers and operations teams to obtain the benefits of Kubernetes orchestration and the surrounding ecosystem without requiring code or configuration changes. The Konveyor subproject Forklift focuses on migrating virtual machines to Kubernetes and provides the ability to migrate virtual machines to KubeVirt with minimal downtime.

The second need of migrating already containerized apps is addressed by the Crane subproject, which concentrates on migrating applications between Kubernetes clusters since there are many times when developer and operations teams want to migrate between older and newer versions of Kubernetes, evacuate a cluster or migrate to different underlying infrastructure.