Summary
In this chapter, we learned about security in the context of Kubernetes. First, we reviewed the basics of security on Kubernetes – which layers of the security stack are relevant to our cluster and some broad strokes of how to manage that complexity. Next, we learned about some of the major security issues that Kubernetes has encountered, as well as discussing the results of the 2019 security audit.
Then, we implemented security at two different levels of the stack in Kubernetes – first, in configuration with Pod security policies and network policies, and finally, runtime security with Falco.
In the next chapter, we will learn how to make Kubernetes your own by building custom resources. This will allow you to add significant new functionality to your cluster.