Newcomer III

Kube Cluster and Container security

How are folk auditing and securing Kubernetes clusters and containers in general?

I have struggled to get kube-bench to run in fully containerized control planes such as Rancher and OpenShift.

4 Replies
Newcomer III

Re: Kube Cluster and Container security

Wow, that's a lot of people not using Docker and Kubernetes, or using them out of the box with defaults.
Viewer II

Re: Kube Cluster and Container security

With the growth in the use of Docker/containers, this sounds to me like an interesting topic.

Can we come up with a suggested audit procedure?

Newcomer III

Re: Kube Cluster and Container security

I don't have an answer at this point; I start with CIS baselines as a rule of thumb to cover hardening aspects.
Community Champion

Re: Kube Cluster and Container security

Hunting around:

https://kubernetes.io/docs/tasks/debug-application-cluster/audit/

https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/

https://kubernetes.io/docs/concepts/policy/pod-security-policy/

I agree, understand the technology, the Pod Security; Container security and then Kubernetes.

This looks like fun.

Regards

Caute_cautim