Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Kubernetes

You're reading from   Mastering Kubernetes Large scale container deployment and management

Arrow left icon
Product type Paperback
Published in May 2017
Publisher Packt
ISBN-13 9781786461001
Length 426 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Gigi Sayfan Gigi Sayfan
Author Profile Icon Gigi Sayfan
Gigi Sayfan
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Understanding Kubernetes Architecture FREE CHAPTER 2. Creating Kubernetes Clusters 3. Monitoring, Logging, and Troubleshooting 4. High Availability and Reliability 5. Configuring Kubernetes Security, Limits, and Accounts 6. Using Critical Kubernetes Resources 7. Handling Kubernetes Storage 8. Running Stateful Applications with Kubernetes 9. Rolling Updates, Scalability, and Quotas 10. Advanced Kubernetes Networking 11. Running Kubernetes on Multiple Clouds and Cluster Federation 12. Customizing Kubernetes - API and Plugins 13. Handling the Kubernetes Package Manager 14. The Future of Kubernetes Index

Hardening Kubernetes


The previous section cataloged and listed the variety of security challenges facing developers and administrators deploying and maintaining Kubernetes clusters. In this section, we will hone in on the design aspects, mechanisms, and features offered by Kubernetes to address some of the challenges. You can get to a pretty good state of security by judicious use of capabilities such as service accounts, network policies, authentication, authorization, AppArmor, and secrets.

Remember that a Kubernetes cluster is one part of a bigger system that includes other software systems, people, and processes. Kubernetes can't solve all problems. You should always keep in mind general security principles, such as defense in depth, need-to-know basis, and principle of least privilege. In addition, log everything you think may be useful in the event of an attack and have alerts for early detection when the system deviates from its state. It may be just a bug or it may be an attack. Either...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image