Immutable Runtime Containers – Kubernetes Security Hardening

In my other posts under Kubernetes Security Hardening (Guides > Kubernetes Security Hardening), we have talked about securing the Kubernetes environment by securing the supply chain, i.e. Docker images, pods, etc. In this post, we will talk about runtime security. What is an immutable container? By immutable container, we mean that the container cannot be modified during its…

Open Policy Agent (OPA) Gatekeeper – Kubernetes Security Hardening

In addition to having secure images, secure pods and encrypted pod-to-pod communication (see my other blogs under Guides > Kubernetes Security Hardening), we need policy-based control over the cluster. A few policy-based controls are listed below to give an idea of what this means: Allow images from certain image…

Secure POD to POD communication – Kubernetes Security Hardening

You can create secure Docker images and deploy your pods securely as per the blog posts below: Secure Docker Images: https://idlbuzz.com/kubernetes-security-hardening-secure-docker-images/ Secure Pods: https://idlbuzz.com/deploying-secure-pods-kubernetes-security-hardening/ But we may still have security issues if pod-to-pod communication is not secure. By default, pod-to-pod communication is over HTTP and not encrypted. How to encrypt POD…

Deploying Secure Pods – Kubernetes Security Hardening

We created secure Docker images in the blog post https://idlbuzz.com/kubernetes-security-hardening-secure-docker-images/ Now we will look into how to deploy secure Pods to a Kubernetes cluster. What is a secure Pod? We need to make sure certain steps are taken to ensure the Pods we are deploying are secure. If we do not, then the Pods we are deploying…

Building Secure Docker Images – Kubernetes Security Hardening

A secure Kubernetes cluster is the prime focus of DevOps because of the many cyber threats out there. Because Kubernetes is pluggable, highly configurable and flexible, it is also more prone to security issues that are left unattended. A very secure Kubernetes cluster is still insecure if the Docker images we are deploying to it…