Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Getting Started with Kubernetes Extend your containerization strategy by orchestrating and managing large-scale container deployments

Product type Paperback

Published in Oct 2018

Publisher Packt

ISBN-13 9781788994729

Length 470 pages

Edition 3rd Edition

Tools

Kubernetes

Concepts

Containerization

Authors (2):

Jesse White

Jonathan Baier

View More author details

Table of Contents (18) Chapters

Preface

1. Introduction to Kubernetes FREE CHAPTER

2. Building a Foundation with Core Kubernetes Constructs

3. Working with Networking, Load Balancers, and Ingress

4. Implementing Reliable Container-Native Applications

5. Exploring Kubernetes Storage Concepts

6. Application Updates, Gradual Rollouts, and Autoscaling

7. Designing for Continuous Integration and Delivery

8. Monitoring and Logging

9. Operating Systems, Platforms, and Cloud and Local Providers

10. Designing for High Availability and Scalability

11. Kubernetes SIGs, Incubation Projects, and the CNCF

12. Cluster Federation and Multi-Tenancy

13. Cluster Authentication, Authorization, and Container Security

14. Hardening Kubernetes

15. Kubernetes Infrastructure Management

16. Assessments

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

Securing a cluster

Let's look at some other common recommendations for hardening your cluster in production. These use cases cover both intentional, malicious actions against your cluster, as well as accidental misuse. Let's take a look at what we can do to secure things.

First off, you want to ensure that access to the Kubernetes API is controlled. Given that all actions in Kubernetes are API-driven, we should secure this interface first. We can control access to this API with several settings:

Encode all traffic: In order to keep communication secure, you should make sure that Transport Level Security (TLS) is set up for API communication in the cluster. Most of the installation methods we've reviewed in this book create the necessary component certificates, but it's always on the cluster operators to identify all in-use local ports that may not use the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Jonathan Baier

Jonathan Baier is an emerging technology leader living in Brooklyn, New York. He has had a passion for technology since an early age. When he was 14 years old, he was so interested in the family computer (an IBM PCjr) that he pored over the several hundred pages of BASIC and DOS manuals. Then, he taught himself to code a very poorly-written version of Tic-Tac-Toe. During his teenage years, he started a computer support business. Throughout his life, he has dabbled in entrepreneurship. He currently works as Senior Vice President of Cloud Engineering and Operations for Moody's corporation in New York.

See other products by Jonathan Baier

White

Jesse White is a 15-year veteran and technology leader in New York City's very own Silicon Alley, where he is a pillar of the vibrant engineering ecosystem. As founder of DockerNYC and an active participant in the open source community, you can find Jesse at a number of leading industry events, including DockerCon and VelocityConf, giving talks and workshops.

See other products by White