Kyverno Introduction And Overview

Kubernetes policy engine Kubernos can help with validation, mutation, and generation of rules in a Kubernetes cluster, as well as provide image verification and cost control. It can also automate tasks and set expectations for others.

• Kubernos is a policy engine for Kubernetes that can validate, mutate, and generate rules in a cluster
• It provides image verification and generates reports on violations
• Kubernos can help with cost control and automation
• It can set expectations for others and save time
• Real-life use cases include blocking bad pod requests and creating fine-grained RBAC

Kubernos can help block bad pod requests and create fine-grained RBAC, as demonstrated in a conference presentation where a bad pod was deployed using Cube cuddle and access was gained to the host. Kubernos can also help with cost control by tracking cloud resources and generating costs based on tagging.

Kyverno is a Kubernetes-native policy engine which allows for validation, mutation, generation, and software supply chain security use cases all without requiring knowledge of a programming language. In this session, we will introduce you to Kyverno and explain and demonstrate in detail all of its capabilities. We will also share future roadmap plans, how you can get involved in the community, and provide all the resources you need to start solving your use cases. Kyverno was accepted as a CNCF Incubation project in June 2022.