Gatekeeper is a popular open-source tool for Kubernetes that enforces policies on resources in a cluster. The tool has undergone significant improvements, including a reduction in memory usage and the addition of external data and Gator CLI features.
- Gatekeeper is an open-source tool for Kubernetes that enforces policies on resources in a cluster
- Significant improvements have been made to Gatekeeper, including a 20x reduction in memory usage
- New features include external data and Gator CLI
- Gatekeeper is commonly used in service meshes like Istio
One of the new features of Gatekeeper is external data, which allows for communication with external systems in a more secure and constrained way than http.send. This feature can be used to integrate with LDAP, limit changes to specific fields on resources, and even auto-label resources with team metadata using the mutation feature. Another improvement is the Gator CLI, which allows for unit tests on templates and constraints, as well as validation of specific messages sent by Rego policies. Gatekeeper is commonly used in service meshes like Istio.
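As an added illustration of the external data feature (not taken from the Gatekeeper project or the original page), the manifests below register a provider and call it from a constraint template. The provider name, service URL, template name and the `team` label are hypothetical, and the CA bundle is a placeholder.

```yaml
apiVersion: externaldata.gatekeeper.sh/v1beta1
kind: Provider
metadata:
  name: team-directory                    # hypothetical provider name
spec:
  # Hypothetical in-cluster service, for example one that fronts LDAP.
  url: https://team-directory.gatekeeper-system:8443/lookup
  timeout: 3                              # seconds
  caBundle: BASE64_ENCODED_CA_CERTIFICATE # placeholder, pins the provider's TLS CA
---
apiVersion: templates.gatekeeper.sh/v1
kind: ConstraintTemplate
metadata:
  name: k8sknownteam                      # hypothetical template
spec:
  crd:
    spec:
      names:
        kind: K8sKnownTeam
  targets:
    - target: admission.k8s.gatekeeper.sh
      rego: |
        package k8sknownteam

        # Reject objects that carry no team label at all.
        violation[{"msg": msg}] {
          not input.review.object.metadata.labels.team
          msg := "missing required label: team"
        }

        # The policy can only name a registered Provider and pass keys;
        # it cannot choose an arbitrary URL as http.send could.
        violation[{"msg": msg}] {
          team := input.review.object.metadata.labels.team
          response := external_data({"provider": "team-directory", "keys": [team]})
          lookup_failed(response)
          msg := sprintf("team %q not accepted by team-directory: %v", [team, response])
        }

        # Per-key errors reported by the provider.
        lookup_failed(response) { count(response.errors) > 0 }

        # Fail closed when the provider itself could not be reached.
        lookup_failed(response) { response.system_error != "" }
```

A `K8sKnownTeam` constraint still has to be created to select which resource kinds the template applies to.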