This post discusses the use of service meshes in Kubernetes and the challenges they pose in enforcing Pod security. It introduces Kyverno as a solution to this problem and provides a preview of the enhancements coming in Kyverno 1.12 to make security service meshes easier.
Table of contents
IntroductionCNI PluginThe Crux of the ProblemPolicies in KyvernoEnhancements in 1.12ClosingSort: