20. 20
Fault-tolerance for
masters, workers,
and etcd nodes
Auto-scaling of
masters, workers,
and etcd nodes
Routine health
checks and self-
healing of cluster
LCM includes rolling
upgrades to ensure
workload uptime &
application of CVEs
ScalingHigh Availability Health Checks
& Healing
Lifecycle
Management
“It's good knowin' he's out there. The Dude”
Harbor can provide a necessary layer in detection of CVE’s. In the layers presented in the slide:
Hypervisor vulnerability scanning & patches are provided by VMware
VM vulnerability scanning & patches of stemcells are provided by Pivotal & VMware
Container Image vulnerability scanning is provided by Harbor, allowing patch resolution to occur before images are deployed into production
If CVEs are patched at any layer above Worker, simply ‘rebuild or restart’ the containers
Hypervisor CVE rarely cause container downtime
Harbor can provide a necessary layer in detection of CVE’s. In the layers presented in the slide:
Hypervisor vulnerability scanning & patches are provided by VMware
VM vulnerability scanning & patches of stemcells are provided by Pivotal & VMware
Container Image vulnerability scanning is provided by Harbor, allowing patch resolution to occur before images are deployed into production
If CVEs are patched at any layer above Worker, simply ‘rebuild or restart’ the containers
Hypervisor CVE rarely cause container downtime
Harbor can provide a necessary layer in detection of CVE’s. In the layers presented in the slide:
Hypervisor vulnerability scanning & patches are provided by VMware
VM vulnerability scanning & patches of stemcells are provided by Pivotal & VMware
Container Image vulnerability scanning is provided by Harbor, allowing patch resolution to occur before images are deployed into production
If CVEs are patched at any layer above Worker, simply ‘rebuild or restart’ the containers
Hypervisor CVE rarely cause container downtime