Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Cloud Native with Kubernetes

You're reading from   Cloud Native with Kubernetes Deploy, configure, and run modern cloud native applications on Kubernetes

Arrow left icon
Product type Paperback
Published in Jan 2021
Publisher Packt
ISBN-13 9781838823078
Length 446 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Alexander Raul Alexander Raul
Author Profile Icon Alexander Raul
Alexander Raul
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Section 1: Setting Up Kubernetes
2. Chapter 1: Communicating with Kubernetes FREE CHAPTER 3. Chapter 2: Setting Up Your Kubernetes Cluster 4. Chapter 3: Running Application Containers on Kubernetes 5. Section 2: Configuring and Deploying Applications on Kubernetes
6. Chapter 4: Scaling and Deploying Your Application 7. Chapter 5: Services and Ingress – Communicating with the Outside World 8. Chapter 6: Kubernetes Application Configuration 9. Chapter 7: Storage on Kubernetes 10. Chapter 8: Pod Placement Controls 11. Section 3: Running Kubernetes in Production
12. Chapter 9: Observability on Kubernetes 13. Chapter 10: Troubleshooting Kubernetes 14. Chapter 11: Template Code Generation and CI/CD on Kubernetes 15. Chapter 12: Kubernetes Security and Compliance 16. Section 4: Extending Kubernetes
17. Chapter 13: Extending Kubernetes with CRDs 18. Chapter 14: Service Meshes and Serverless 19. Chapter 15: Stateful Workloads on Kubernetes 20. Assessments 21. Other Books You May Enjoy

Reviewing CVEs and security audits for Kubernetes

Kubernetes has encountered several Common Vulnerabilities and Exposures (CVEs) in its storied history. The MITRE CVE database, at the time of writing, lists 73 CVE announcements from 2015 to 2020 when searching for kubernetes. Each one of these is related either directly to Kubernetes, or to a common open source solution that runs on Kubernetes (like the NGINX ingress controller, for instance).

Several of these were critical enough to require hotfixes to the Kubernetes source, and thus they list the affected versions in the CVE description. A full list of all CVEs related to Kubernetes can be found at https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=kubernetes. To give you an idea of some of the issues that have been found, let's review a few of these CVEs in chronological order.

Understanding CVE-2016-1905 – Improper admission control

This CVE was one of the first major security issues with production Kubernetes...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image