You're reading from Kubernetes and Docker - An Enterprise Guide Effectively containerize applications, integrate enterprise systems, and scale applications in your enterprise

Product type Paperback

Published in Nov 2020

Publisher Packt

ISBN-13 9781839213403

Length 526 pages

Edition 1st Edition

Tools

Docker

Concepts

Cloud Computing

Authors (2):

Marc Boorshtein

Scott Surovich

Preface

1. Section 1: Docker and Container Fundamentals

2. Chapter 1: Docker and Container Essentials FREE CHAPTER

3. Chapter 2: Working with Docker Data

4. Chapter 3: Understanding Docker Networking

5. Section 2: Creating Kubernetes Development Clusters, Understanding objects, and Exposing Services

6. Chapter 4: Deploying Kubernetes Using KinD

7. Chapter 5: Kubernetes Bootcamp

8. Chapter 6: Services, Load Balancing, and External DNS

9. Section 3: Running Kubernetes in the Enterprise

10. Chapter 7: Integrating Authentication into Your Cluster

11. Chapter 8: RBAC Policies and Auditing

12. Chapter 9: Deploying a Secured Kubernetes Dashboard

13. Chapter 10: Creating PodSecurityPolicies

14. Chapter 11: Extending Security Using Open Policy Agent

15. Chapter 12: Auditing using Falco and EFK

16. Chapter 13: Backing Up Workloads

17. Chapter 14: Provisioning a Platform

18. Assessments

19. Other Books You May Enjoy

Chapter 8

Correct answer: (A) False. RBAC is the preferred method for authorizing resources.
Correct answer: (C) apiGroups, resources, verbs.
Correct answer: (A) Kubernetes API reference. This is an invaluable tool that will list every URL for an API. This can be used to determine the resource.
Correct answer: (B) Define a ClusterRole and reference it in each namespace as a RoleBinding. This way, changes to the ClusterRole are reflected whenever it is referenced.
Correct answer: (D) Whenever possible, RoleBindings and ClusterRoleBindings should reference groups. Referencing users directly is an anti-pattern that is difficult to maintain, audit, and debug.
Correct answer: (B) False. RBAC requires all rights to be enumerated.
Correct answer: (B) False. Custom authorization webhooks are also available.