Skip to content

G
gitlab-ce
Commit 08874424 authored by Suzanne Selhorn's avatar Suzanne Selhorn
Browse files
Options

Merge branch 'docs-cns-chs-notes' into 'master' 

Add K8s certificate deprecation notes to CNS and CHS docs

See merge request gitlab-org/gitlab!74563
parents 32fe1691 60de6f45
Hide whitespace changes
Inline Side-by-side
Showing with 12 additions and 0 deletions
doc/user/project/clusters/protect/container_host_security/index.md
View file @ 08874424
...@@ -6,6 +6,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -6,6 +6,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Container Host Security **(FREE)** # Container Host Security **(FREE)**
NOTE:
In GitLab 14.5, using a certificate to connect GitLab to a Kubernetes cluster is [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
You can continue using Container Host Security, even though it relies on this certificate-based
method. The work to allow all aspects of Container Host Security to function through the [GitLab Kubernetes Agent](../../../../clusters/agent/index.md)
instead of the certificate-based method can be tracked [in this GitLab issue](https://gitlab.com/gitlab-org/gitlab/-/issues/299350).
Container Host Security in GitLab provides Intrusion Detection and Prevention capabilities that can Container Host Security in GitLab provides Intrusion Detection and Prevention capabilities that can
monitor and (optionally) block activity inside the containers themselves. This is done by leveraging monitor and (optionally) block activity inside the containers themselves. This is done by leveraging
an integration with Falco to provide the monitoring capabilities and an integration with Pod an integration with Falco to provide the monitoring capabilities and an integration with Pod
......
doc/user/project/clusters/protect/container_network_security/index.md
View file @ 08874424
...@@ -6,6 +6,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w ...@@ -6,6 +6,12 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Container Network Security **(FREE)** # Container Network Security **(FREE)**
NOTE:
In GitLab 14.5, using a certificate to connect GitLab to a Kubernetes cluster is [deprecated](https://gitlab.com/groups/gitlab-org/configure/-/epics/8).
You can continue using Container Network Security, even though it relies on this certificate-based
method. The work to allow all aspects of Container Network Security to function through the [GitLab Kubernetes Agent](../../../../clusters/agent/index.md)
instead of the certificate-based method can be tracked [in this GitLab issue](https://gitlab.com/gitlab-org/gitlab/-/issues/299350) and [this GitLab Epic](https://gitlab.com/groups/gitlab-org/-/epics/7057).
Container Network Security in GitLab provides basic firewall functionality by leveraging Cilium Container Network Security in GitLab provides basic firewall functionality by leveraging Cilium
NetworkPolicies to filter traffic going in and out of the cluster as well as traffic between pods NetworkPolicies to filter traffic going in and out of the cluster as well as traffic between pods
inside the cluster. Container Network Security can be used to enforce L3, L4, and L7 policies and inside the cluster. Container Network Security can be used to enforce L3, L4, and L7 policies and
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7