Versions Compared

Old Version 15

changes.mady.by.user Sridhar Rao

Saved on

compared with

New Version 16

changes.mady.by.user Adarsh Yadav

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Sl. No. TaskResponsibleStatus
1

Add differentiator (flag/variable/api-value) to the framework for Kubernetes. This differentiator decides the list*

Parth YadavIn Progress
25. Observability Pods - Status,Parth InamdarYet to test.
3

Security: 

1. Check if any of the containers are running in privileged mode?
2. Check if any host directories are mounted as volumes?
3. Check if host network namespace is used or not?
4. Check for NET_ADMIN and NET_RAW capabilities. Use capable tool?

12. No Access to Kubernetes API/Mgmt from the CNF.

Parth Inamdar

Option to use capable tool – http://www.brendangregg.com/blog/2016-10-01/linux-bcc-security-capabilities.html


Option 2:  Create a Test-Pod 

Ex: Test-Pod tries to do all the 5.

4

Policy:

6. CPU manager - policy configuration.
7. Topology manager - policy

15. List of CNIs/Device plugins.



  1. Use Kubelet command on any worker to know the current configuration - and use this to validate. 

2. Test Pod-Definition.

Play with these two keys: requests and limits

5

Networking:

8. Traffic over main CNI?
9. Use of service mesh?
10. Approach used for Ingress/Egress Traffic




6

Virtualization (VMs in K8S).

14. Kubevirt support.




7

VNF/CNF Packaging

11. Helm V3 support



Any Sample Helm V3 CNF package - download and test.
8

Stability:

13. Liveliness, Readiness startup probes -- recovery from failures.

Adarsh Yadav


01-August-2021 - 30-August 2021 : Improving the SDV architecture (Buffer for Post-Deployment Validation)

...