Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kempy
Newcomer III
‎12-05-2018 10:24 AM
‎12-05-2018 10:24 AM

Kube Cluster and Container security

How are folk auditing and securing kubernetes clusters and containers in general??

 

I have struggled to get kube-bench to run in fully containerized control planes such as rancher and openshift.

Reply
0 Kudos
4 Replies
Kempy
Newcomer III
‎12-07-2018 10:00 AM
‎12-07-2018 10:00 AM

Wow that's a lot of people not using docker and kubernetes or using them out of the box with defaults.
Reply
0 Kudos
leersums
Viewer II
‎01-08-2019 03:43 AM
‎01-08-2019 03:43 AM

As with the growth of the use of docker/containers this sounds to me as an interesting topic. 

 

Can we come up with an suggested audit procedure?

Reply
0 Kudos
Kempy
Newcomer III
‎01-08-2019 03:35 PM
‎01-08-2019 03:35 PM

I don't have an answer at this point, I start with CIS baselines as rule of thumb to cover hardening aspects.
Reply
0 Kudos
Caute_cautim
Community Champion
‎01-13-2019 02:12 PM
‎01-13-2019 02:12 PM

Hunting around: 

 

https://kubernetes.io/docs/tasks/debug-application-cluster/audit/

 

https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/

 

https://kubernetes.io/docs/concepts/policy/pod-security-policy/

 

I agree, understand the technology, the Pod Security; Container security and then Kubernetes.

 

This looks like fun.

 

Regards

 

Caute_cautim

 

Reply
0 Kudos