Chris Love, co-author of the book Core Kubernetes, joins host Robert Blumen for a conversation about Kubernetes security. Chris identifies the node layer, secrets management, the network layer, containers, and pods as the most critical areas to be addressed. The conversation explores a range of topics, including when to accept defaults and when to override; differences between self-managed clusters and cloud-service provider-managed clusters; and what can go wrong at each layer and how to address these issues. They further discuss managing the node layer; network security best practices; Kubernetes secrets and integration with cloud-service provider secrets; container security; and pod security. Chris also offers his views on policy-as-code frameworks and scanners.
Brought to you by IEEE Computer Society and IEEE Software magazine.
Show Notes
References
- LinkedIn @chrislovecnm
- Chris Love blog
- Cost, Culture and Kubernetes by Chris Love
- Book Core Kubernetes by Chris Love and Jay Vyas
- Kubernetes in Action, Second Edition by Marko Lukša and Kevin Conner
- Kubernetes Secrets Management by Alex Soto Bueno and Andrew Block
- Learn Kubernetes Security by Kaizhe Huang and Pranjal Jumde
- FairWinds white paper: “5 Kubernetes Security Tools You Should Use”
- User and workload identities in Kubernetes
- Authenticating | Kubernetes