Kubernetes deployments have opened up a new set of infrastructure security concerns for development and operations teams. This page gathers resources about things you need to know about securing your Kubernetes infrastructure.
Table of Contents:
Below we have compiled publicly available sources from around the world that present views on Kubernetes Security Best Practices .
Best Practices for Running Containers and Kubernetes in Production Covering security, governance, monitoring, storage, networking, container life cycle management and container orchestration.
Installing Kubernetes — There are many ways to install Kubernetes Guide and the obvious starting point is the setup section, but the installation process can sometimes be a challenge. This page gathers resources about how to install Kubernetes on various environments like Ubuntu, Windows and CentOS.
Kubernetes Configuration — Kubernetes Guide reads YAML files to configure services, pods and replication controllers.This page gathers resources about working with the Kubernetes configuration to deploy containers.
Kubernetes Monitoring — Monitoring Kubernetes effectively requires to rethink and reorient all monitoring strategies, especially if using traditional hosts such as VMs or physical machines. This page gathers resources about how to monitor Kubernetes cluster with tools like Prometheus and Datadog.
Kubernetes Debugging and Troubleshooting — This page gathers resources about how to troubleshoot problems that arise when creating and managing Kubernetes Guide pods, replication controllers, services, and containers.
Kubernetes Load Balancing — Load balancing is a relatively straightforward task in many non-container environments, but it involves a bit of special handling when it comes to containers. There are two different types of load balancing in Kubernetes - Internal load balancing across containers of the same type using a label, and external load balancing. This page gathers resources about how to configure and use the Kubernetes load balancer feature.
Kubernetes Security — Kubernetes Guide provides many controls that can improve application security. Configuring them requires intimate knowledge with Kubernetes and the deployment’s security requirements. This page gathers resources about security best practices for Kubernetes, including best practices for deployment, sharing data and network security.
Kubernetes Networking — Kubernetes does not provide any default network implementation, rather it only defines the model and leaves to other tools to implement it. There are many implementations nowadays like Flannel, Calico and Weave. This page gathers resources about how to set up highly available networked Kubernetes clusters.
Kubernetes Storage Management — Storage is a critical part of running stateful containers, and Kubernetes offers powerful primitives for managing it. This page gathers resources about managing Kubernetes storage options and how to provision storage in Kubernetes.
Kubernetes in Production — The default configurations for Kubernetes Guide components are not designed for heavy and dynamic production workloads, characteristic of DevOps environments and micro-services based application deployments where containers are quickly created and destroyed. This page gathers resources about how to create a production-ready Kubernetes cluster, including examples and tutorials.
Working with Kubernetes Ingress — Kubernetes ingress is a collection of routing rules that govern how external users access services running in a Kubernetes cluster. This page will introduce general strategies in Kubernetes for ingress, tutorials on how to build and troubleshoot Kubernetes Ingress controller and more.
Kubernetes Security Best Practices — Kubernetes deployments have opened up a new set of infrastructure security https://blog.aquasec.com/managing-kubernetes-secretsconcerns for development and operations teams. This page gathers resources about things you need to know about securing your Kubernetes infrastructure.
Managing Kubernetes with Kops and Kubeadm — Kops and Kubeadm is an official Kubernetes project for managing production-grade Kubernetes clusters. This Page gathers resources about Kops and Kubeadm basics and tutorials, including how to deploy Kubernetes on AWS.
Kubernetes Secrets — Kubernetes Secrets https://blog.aquasec.com/managing-kubernetes-secrets are objects used to control access within the Kubernetes container-orchestration system. This page gathers resources about the nature of Kubernetes Secrets, how you can use them, and related tools and products.
Kubernetes Autoscaling — Kubernetes Autoscaling is a feature for scaling nodes and pods in a Kubernetes Cluster. Autoscaling tools include Cluster Autoscaler and Horizontal Pod Autoscaler (HPA). While the scaling is automated, setting it up requires human involvement. This page gathers resources about autoscaling in Kubernetes.
Kubernetes ConfigMap — The ConfigMap API resource provides mechanisms to inject containers with configuration data while keeping containers agnostic of Kubernetes. ConfigMap can be used to store fine-grained information like individual properties or coarse-grained information like entire config files or JSON blobs. This page gather resources about Kubrenetes ConfigMap and how to create and use it.