Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from The DevOps 2.3 Toolkit Kubernetes: Deploying and managing highly-available and fault-tolerant applications at scale

Product type Paperback

Published in Sep 2018

Publisher Packt

ISBN-13 9781789135503

Length 418 pages

Edition 1st Edition

Tools

Kubernetes

Concepts

DevOps

Author (1):

Viktor Farcic

View More author details

Table of Contents (18) Chapters

Preface

1. How Did We Get Here? FREE CHAPTER

2. Running Kubernetes Cluster Locally

3. Creating Pods

4. Scaling Pods With ReplicaSets

5. Using Services to Enable Communication between Pods

6. Deploying Releases with Zero-Downtime

7. Using Ingress to Forward Traffic

8. Using Volumes to Access Host's File System

9. Using ConfigMaps to Inject Configuration Files

10. Using Secrets to Hide Confidential Information

11. Dividing a Cluster into Namespaces

12. Securing Kubernetes Clusters

13. Managing Resources

14. Creating a Production-Ready Kubernetes Cluster

15. Persisting State

16. The End

Contributions

17. Other Books You May Enjoy

Not so secretive Secrets

Almost everything Kubernetes needs is stored in etcd (https://github.com/coreos/etcd). That includes Secrets. The problem is that they are stored as plain text. Anyone with access to etcd has access to Kubernetes Secrets. We can limit the access to etcd, but that's not the end of our troubles. etcd stores data to disk as plain text. Restricting the access to etcd still leaves the Secrets vulnerable to who has access to the file system. That, in a way, diminishes the advantage of storing Secrets in containers in tmpfs. There's not much benefit of having them in tmpfs used by containers, if those same Secrets are stored on disk by etcd.

Even after securing the access to etcd and making sure that unauthorized users do not have access to the file system partition used by etcd, we are still at risk. When multiple replicas of etcd are running, data...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Viktor Farcic

Viktor Farcic is a senior consultant at CloudBees, a member of the Docker Captains group, and an author. He codes using a plethora of languages starting with Pascal (yes, he is old), Basic (before it got the Visual prefix), ASP (before it got the .NET suffix), C, C++, Perl, Python, ASP.NET, Visual Basic, C#, JavaScript, Java, Scala, and so on. He never worked with Fortran. His current favorite is Go. Viktor's big passions are Microservices, Continuous Deployment, and Test-Driven Development (TDD). He often speaks at community gatherings and conferences. Viktor wrote Test-Driven Java Development by Packt Publishing, and The DevOps 2.0 Toolkit. His random thoughts and tutorials can be found in his blog—Technology Conversations

See other products by Viktor Farcic