Containers are a lightweight wrapper around application processes. They start quickly and add little overhead to your app because they use the operating system kernel of the machine on which they’re running. That makes them super efficient, but at the cost of strong isolation—containers can be compromised, and a compromised container could provide unrestricted access to the server and to all the other containers running on it. Kubernetes has many features to secure your applications, but none of them are enabled by default. In this chapter, you’ll learn how to use the security controls in Kubernetes and how to set up your cluster so those controls are required for all your ...