You're reading from Kubernetes and Docker - An Enterprise Guide Effectively containerize applications, integrate enterprise systems, and scale applications in your enterprise

Product type Paperback

Published in Nov 2020

Publisher Packt

ISBN-13 9781839213403

Length 526 pages

Edition 1st Edition

Tools

Docker

Concepts

Cloud Computing

Authors (2):

Marc Boorshtein

Scott Surovich

Preface

1. Section 1: Docker and Container Fundamentals

2. Chapter 1: Docker and Container Essentials FREE CHAPTER

3. Chapter 2: Working with Docker Data

4. Chapter 3: Understanding Docker Networking

5. Section 2: Creating Kubernetes Development Clusters, Understanding objects, and Exposing Services

6. Chapter 4: Deploying Kubernetes Using KinD

7. Chapter 5: Kubernetes Bootcamp

8. Chapter 6: Services, Load Balancing, and External DNS

9. Section 3: Running Kubernetes in the Enterprise

10. Chapter 7: Integrating Authentication into Your Cluster

11. Chapter 8: RBAC Policies and Auditing

12. Chapter 9: Deploying a Secured Kubernetes Dashboard

13. Chapter 10: Creating PodSecurityPolicies

14. Chapter 11: Extending Security Using Open Policy Agent

15. Chapter 12: Auditing using Falco and EFK

16. Chapter 13: Backing Up Workloads

17. Chapter 14: Provisioning a Platform

18. Assessments

19. Other Books You May Enjoy

Questions

True or false – containers are "lightweight VMs."
A. True
B. False
Can a container access resources from its host?
A. No, it's isolated.
B. If marked as privileged, yes.
C. Only if explicitly granted by a policy.
D. Sometimes.
How could an attacker gain access to a cluster through a container?
A. A bug in the container's application can lead to a remote code execution, which can be used to break out of a vulnerable container and then used to get the kubelet's credentials.
B. Compromised credentials with the ability to create a container in one namespace can be used to create a container that mounts the node's filesystem to get the kubelet's credentials.
C. Both of the above.
How does the PodSecurityPolicy admission controller determine which policy to apply to a pod?
A. By reading an annotation on the pod's definition
B. By comparing the pod's requested capabilities and the policies authorized via the union of the...