Book description
Kubernetes has fundamentally changed the way DevOps teams create, manage, and operate container-based applications, but as with any production process, you can never provide enough security. This practical ebook walks you through Kubernetes security features—including when to use what—and shows you how to augment those features with container image best practices and secure network communication.
Liz Rice from Aqua Security and Michael Hausenblas from Red Hat not only describe practical security techniques for Kubernetes but also maintain an accompanying website. Developers will learn how to build container images with security in mind, and ops folks will pick up techniques for configuring and operating a Kubernetes cluster more securely.
- Explore security concepts including defense in depth, least privilege, and limiting the attack surface
- Safeguard clusters by securing worker nodes and control plane components, such as the API server and the etcd key value store
- Learn how Kubernetes uses authentication and authorization to grant fine-grained access
- Secure container images against known vulnerabilities and abuse by third parties
- Examine security boundaries and policy enforcement features for running containers securely
- Learn about the options for handling secret information such as credentials
- Delve into advanced topics such as monitoring, alerting, and auditing, as well as sandboxing and runtime protection
Table of contents
- Introduction
- 1. Approaching Kubernetes Security
- 2. Securing the Cluster
- 3. Authentication
- 4. Authorization
- 5. Securing Your Container Images
- 6. Running Containers Securely
- 7. Secrets Management
- 8. Advanced Topics
Product information
- Title: Kubernetes Security
- Author(s):
- Release date: November 2018
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781492039068
You might also like
book
Fundamentals of Software Architecture
Salary surveys worldwide regularly place software architect in the top 10 best jobs, yet no real …
book
Monolith to Microservices
How do you detangle a monolithic system and migrate it to a microservice architecture? How do …
book
Head First Design Patterns, 2nd Edition
You know you don’t want to reinvent the wheel, so you look to design patterns—the lessons …
book
Infrastructure as Code, 2nd Edition
Just five years ago, infrastructure as code was a new concept for many companies. Today, even …