Kontena’s blog on ht topic of Kubernetes security. One of the trickiest parts in setting up a proper Kubernetes cluster is making it secure. There are numerous communication paths that must be secured.
In this article we focus on locking down the worker nodes in the cluster. In practice this means locking down kubelet and the various “sidekick” services it uses on the nodes. NIST (National Institute of Standards and Technology) has also developed a guide for securing your container based application environment.
The article then deals with:
- Securing kubelet and its sidekicks
- Setting up kubelet
- Securing 3rd party cluster components
- Securing the worker nodes
- Tools for ensuring security on Kubernetes clusters
The authors strongly advise you to use these tools as part of the validation process of any Kubernetes cluster setup. Also see the links to further reading and resources in the post. Great read!
[Read More]