Immutable Runtime Containers – Kubernetes Security Hardening

In my other posts under Kubernetes Security Hardening (Guides > Kubernetes Security Hardening), we have talked about securing the Kubernetes environment by securing the supply chain, i.e. Docker images, pods, etc. In this post, we will talk about runtime security. What is an Immutable Container? By an immutable container, we mean a container that cannot be modified during its…

Open Policy Agent (OPA) Gatekeeper – Kubernetes Security Hardening

In addition to having secure images, secure PODs and encrypted POD to POD communication (check my other blogs under Guides > Kubernetes Security Hardening), we need policy-based control over the cluster. A few policy-based controls are listed below to give an idea of what policy-based control means: Allow images from certain image…

Secure POD to POD communication – Kubernetes Security Hardening

You can create secure Docker images and deploy your pods securely as described in the blog posts below, respectively: Secure Docker Images: https://idlbuzz.com/kubernetes-security-hardening-secure-docker-images/ Secure Pods: https://idlbuzz.com/deploying-secure-pods-kubernetes-security-hardening/ But we may still have security issues if POD to POD communication is not secure. By default, POD to POD communication is over HTTP and not encrypted. How to encrypt POD…

Deploying Secure Pods – Kubernetes Security Hardening

We created secure Docker images in the blog post https://idlbuzz.com/kubernetes-security-hardening-secure-docker-images/ Now we will look into how to deploy secure Pods to a Kubernetes cluster. What is a secure Pod? We need to make sure certain steps are taken to ensure the Pods we are deploying are secure. If we do not, then the Pods we are deploying…

Building Secure Docker Images – Kubernetes Security Hardening

A secure Kubernetes cluster is the prime focus of DevOps because of the many cyber threats out there. Because Kubernetes is pluggable, very configurable and flexible, it is also more prone to security issues that are left unattended. A very secure Kubernetes cluster is still insecure if the Docker images we are deploying to it…

Deploying Applications to Kubernetes with Helm

Kubernetes supports a declarative approach to defining its resources. This means you can write the configuration of Kubernetes resources in YAML files, in which you define the state of each particular resource, and then deploy those files. Imperative vs Declarative: Imperative means you use CLI commands to create resources. For example, The declarative approach is to…

Introduction to Kubernetes – A Beginner’s Guide

Kubernetes, or k8s, is a very popular and must-know tool for anyone in DevOps. It is a container orchestration tool maintained by the CNCF (Cloud Native Computing Foundation). In today's world, when all the companies are moving away from monolithic applications and transforming their applications into loosely coupled or decoupled microservices and deploying those…