Chapter 11. Policy and Governance for Your Cluster
Have you ever wondered how you might ensure that all containers running on a cluster come only from an approved container registry? Or maybe you’ve been asked by the security team to enforce a policy that services are never exposed to the internet. These are precisely the challenges that policy and governance for your cluster set out to address. As Kubernetes continues to mature and becomes adopted by more enterprises, the question of how to apply policy and governance to Kubernetes resources is increasing in frequency. In this chapter we share what you can do and the tools to use to make sure that your cluster is in compliance with the defined policies, whether you work at a startup or an enterprise.
Why Policy and Governance Are Important
Whether you operate in a highly regulated environment—for example, health care or financial services—or you simply want to make sure that you maintain a level of control over what’s running on your clusters, you’re going to need a way to implement the company-specific policies. Once your policy is defined, you will need to determine how to implement it and maintain clusters that are compliant to these policies. These policies may be required to meet regulatory compliance or simply to enforce best practices. Whatever the reason, you must be sure that you do not sacrifice developer agility and self-service when implementing these policies.
How Is This Policy Different?
In Kubernetes, policy ...
Get Kubernetes Best Practices, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
