If you haven’t been living under a rock, you have heard about Meltdown and Spectre, two really nasty hardware bugs, affecting many if not all modern (desktop and server) CPUs.

So, when reading up on those two fellas I was asking myself: how do they impact a Kubernetes cluster and/or apps running on it? Given there’s an example C source code available for Spectre, what would be easier to put it into a container like so:

And then run it in Kubernetes, for example, using:

$ kubectl run spectre \

--image=quay.io/mhausenblas/spectre:0.1 \

--restart=Never

Turns out that works. Checking the logs with:

$ kubectl logs spectre

That’s it!

Well, 2018 certainly started, erm, very interesting. We’ll have a lot of work in front of us—I’ve seen first issues being worked on—and for now the best we can do is not to pull random images from untrusted registries and run in our clusters, but I suppose you knew this already and (hopefully) don’t do it anyway.