cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kempy
Newcomer III

Kube Cluster and Container security

How are folk auditing and securing kubernetes clusters and containers in general??

 

I have struggled to get kube-bench to run in fully containerized control planes such as rancher and openshift.

4 Replies
Kempy
Newcomer III

Wow that's a lot of people not using docker and kubernetes or using them out of the box with defaults.
leersums
Viewer II

As with the growth of the use of docker/containers this sounds to me as an interesting topic. 

 

Can we come up with an suggested audit procedure?

Kempy
Newcomer III

I don't have an answer at this point, I start with CIS baselines as rule of thumb to cover hardening aspects.
Caute_cautim
Community Champion

Hunting around: 

 

https://kubernetes.io/docs/tasks/debug-application-cluster/audit/

 

https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/

 

https://kubernetes.io/docs/concepts/policy/pod-security-policy/

 

I agree, understand the technology, the Pod Security; Container security and then Kubernetes.

 

This looks like fun.

 

Regards

 

Caute_cautim