February 2023
Intermediate
4h 35m
English
Overview
In Video Editions the narrator reads the book while the content, figures, code listings, diagrams, and text appear on the screen. Like an audiobook that you can also watch as a video.
Safely manage your secret information like passwords, keys, and certificates in Kubernetes. This practical guide is full of best practices and methods for adding layers of security that will defend the critical data of your applications.
In Kubernetes Secrets Management you will find:
- Strategies for storing secure assets in Kubernetes
- Cryptographic options and how to apply them in Kubernetes
- Using the HashiCorp Vault server on Kubernetes for secure secrets storage
- Managing security with public cloud providers
- Applying security concepts using tools from the Kubernetes ecosystem
- End-to-end secrets storage from development to operations
- Implementing in Kubernetes in CI/CD systems
Secrets, like database passwords and API keys, are some of the most important data in your application. Kubernetes Secrets Management reveals how to store these sensitive assets in Kubernetes in a way that’s protected against leaks and hacks. You’ll learn the default capabilities of Kubernetes secrets, where they’re lacking, and alternative options to strengthen applications and infrastructure. Discover a security-first mindset that is vital for storing and using secrets correctly, and tools and concepts that will help you manage sensitive assets such as certificates, keys, and key rotation.
About the Technology
Kubernetes relies on passwords, tokens, keys, certificates, and other sensitive information to keep your system secure. But how do you keep these “secrets” safe? In this concise, practical book you’ll learn secrets management techniques that go far beyond the Kubernetes defaults.
About the Book
Kubernetes Secrets Management reveals security best practices and reliable third-party tools for protecting sensitive data in Kubernetes-based systems. In this focused guide, you’ll explore relevant, real-world examples like protecting secrets in a code repository, securing keys with HashiCorp Vault, and adding layers to maintain protection after a breach. Along the way, you’ll pick up secrets management techniques you can use outside Kubernetes, as well.
What's Inside
- Cryptographic options you can apply in Kubernetes
- Managing security with public cloud providers
- Secrets storage, from development to production
- End-to-end Kubernetes secrets management in CI/CD systems
About the Reader
For readers experienced with Kubernetes and CI/CD practices.
About the Authors
Alex Soto is a director of developer experience at Red Hat, a Java Champion since 2007, an international speaker, and a teacher at Salle URL University. Andrew Block is a distinguished architect with Red Hat, and an active member of the open-source community.
Quotes
One of the most important topics left out by all Kubernetes introductions—how to keep secrets secret. This is the best book to understand this complicated topic.
- Tobias Ammann, Ergonomics AG
This book belongs on the shelf of every smart Kubernetes administrator or developer.
- Giuseppe Catalano, Engineering Ingegneria Informatica
Excellent! A must-read resource for security and cloud architects.
- Sameer Wadhwa, Quest Diagnostics
Contains practical examples on how to utilize files or literal strings, package them into secrets, and use an API to construct objects on the cluster server.
- Mihaela Barbu, AC
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Watch now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.