Kloak: An eBPF-Based HTTPS Secret Interceptor for Kubernetes
By neo2006
Summary
Kloak is a Kubernetes-native tool that uses eBPF technology to intercept and replace secrets at the network edge, enabling secure secret management without requiring application code changes or sidecar containers. It operates in kernel space for zero latency impact, redirecting HTTPS traffic to replace real credentials with temporary ones, thereby eliminating accidental exposure of sensitive data.
Key quotes
Secrets are replaced at the network edge. Your application code never sees real credentials, eliminating accidental exposure.
eBPF-powered traffic redirection happens in kernel space, adding negligible overhead to your requests.
Secure secret management without application changes or sidecars.
