Gatekeeper is an open source project which lets you enforce policy in a Kubernetes cluster. It’s also the basis for Policy Controller, a hosted and managed version now available for all GKE users. Max Smythe, a senior SWE at Google, is a maintainer of Gatekeeper and the TL of Policy Controller. He joins us to talk constraints, config and Cruise.
Do you have something cool to share? Some questions? Let us know:

web: kubernetespodcast.com
mail: kubernetespodcast@google.com
twitter: @kubernetespod

Chatter of the week

England loses Euro 2020 final
It’s Coming Ohm: prediction on power usage
Half time power spike
Top 20 spikes

The Thorn Birds


The Superbowl Flush - debunked!
Tokyo Olympic Games Opening Ceremonies
Hedbanz

News of the week

APIs being removed in Kubernetes 1.22
ContainIQ launches
Postgres Operator 5.0
NetworkServiceMesh 1.0.0
Google Cloud Certificate Authority Service GA and cert-manager integration
Platform9 Managed KubeVirt
InsightCloudSec from Rapid7
Sophos acquires Capsul8
Spring 2021 graduating class from CNCF-sponsored LFX Mentorship program

Links from the interview

Brian May
Edge of Tomorrow

The redemption thereof


Chubby
Riak
Gatekeeper
Anthos Config Management

Config Sync
Policy Controller


Episode 101, with Tim Hinrichs and Torin Sandall
PodSecurityPolicy is not going GA

SIG Auth’s replacement proposal
Using ACM constraints to enforce Pod security


OPA Constraint framework
Policy Controller:

Creating constraints
Writing a constraint template


Structural schemas
Design Patterns for Extendable, Scalable K8s Extensions by Rita Zhang and Max Smythe
Max Smythe on Twitter