13. Runtime and Network Security in Kubernetes

Overview

In this chapter, we will look at various resources that we can use to secure workloads running in our cluster. We will also outline a rough threat model and apply it to architect a secure cluster, so that we can defend the cluster and its applications against various types of threats. By the end of this chapter, you will be able to create Roles and ClusterRoles, as well as RoleBindings and ClusterRoleBindings, to control the access of any process or user to the Kubernetes API server and objects. Then, you will learn how to create a NetworkPolicy to restrict communication between your application and the database. You will also learn how to create a PodSecurityPolicy to ensure that the running ...
