This week brought a lot of Kubernetes-related work, which is always interesting. There are so many ways of doing things, so I had to keep my thinking cap on.
Kubernetes security is really a world of its own, especially when used to deliver on-premise solutions. As far as the customer is concerned, you are responsible for the security of this black box.
It is easy to underestimate the work, but if you are just starting to secure your Kubernetes deployment, here is a partial list of th
- Network Policies
- Docker Images
- Runtime security (Aqua / Twistlock)
The first article that I shared is an interesting use case for a company that runs multiple Kubernetes clusters with multiple tenants. It’s part of a series that I recommend reading as it gives a nice overview of some of the above topics.
If you are planning on using HashiCorp Vault at some point, then the second link is useful for understanding the unseal process.