14 Nodes and Kubernetes security

This chapter covers

  • Node hardening and Pod manifest
  • API server security, including RBAC
  • User authentication and authorization
  • The Open Policy Agent (OPA)
  • Multi-tenancy in Kubernetes

We just wrapped up securing the Pod in the previous chapter; now we’ll cover securing the Kubernetes node. In this chapter, we’ll include more information about node security as it relates to possible attacks on nodes and Pods, and we’ll provide full examples with a number of configurations.

14.1 Node security

Securing a node in Kubernetes is analogous to securing any other VM or data center server. We’ll cover Transport Layer Security (TLS) certificates to start. These certificates allow for securing nodes, but we’ll also look ...
