0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Kubernetes – An Enterprise Guide

You're reading from Kubernetes – An Enterprise Guide Master containerized application deployments, integrate enterprise systems, and achieve scalability

Product type Paperback

Published in Aug 2024

Publisher Packt

ISBN-13 9781835086957

Length 682 pages

Edition 3rd Edition

Languages

Go

Tools

Gitlab

Concepts

Application Monitoring

Authors (2):

Marc Boorshtein

Scott Surovich

View More author details

Table of Contents (22) Chapters

Preface

1. Docker and Container Essentials FREE CHAPTER

2. Deploying Kubernetes Using KinD

3. Kubernetes Bootcamp

4. Services, Load Balancing, and Network Policies

5. External DNS and Global Load Balancing

6. Integrating Authentication into Your Cluster

7. RBAC Policies and Auditing

8. Managing Secrets

9. Building Multitenant Clusters with vClusters

10. Deploying a Secured Kubernetes Dashboard

11. Extending Security Using Open Policy Agent

12. Node Security with Gatekeeper

13. KubeArmor Securing Your Runtime

14. Backing Up Workloads

15. Monitoring Clusters and Workloads

16. An Introduction to Istio

17. Building and Deploying Applications on Istio

18. Provisioning a Multitenant Platform

19. Building a Developer Portal

20. Other Books You May Enjoy

Share your thohughts

21. Index

Creating a KubeArmorSecurityPolicy

It’s time to create some policies! When KubeArmor is deployed, it creates three Custom Resource Definitions and one of those is kubearmorpolicies.security.kubearmor.com, which is used to create new policy resources.

Let’s jump right into an example policy. You do not need to deploy this to your cluster; it’s being used to show an example policy.

If we want to block any attempted access to create a file in the /bin directory of our containers in the demo namespace, the format of this policy is shown below:

apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
  name: block-write-bin
  namespace: demo
spec:
  action: Block
  file:
    matchDirectories:
    - dir: /bin/
      readOnly: true
      recursive: true
  message: Alert! An attempt to write to the /bin directory denied.

Breaking down this policy, we can see that it’s using the security.kubearmor.com/v1 API and it’s a KubeArmorPolicy...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Marc Boorshtein

Marc Boorshtein

Marc Boorshtein has been a software engineer and consultant for 20 years and is currently the CTO (Chief Technology Officer) of Tremolo Security, Inc. Marc has spent most of his career building identity management solutions for large enterprises, U.S. Government civilian agencies, and local government public safety systems.

See other products by Marc Boorshtein

Scott Surovich

Scott Surovich

Scott Surovich has been involved in the industry for over 25 years and is currently the Global Container Engineering Lead at a tier 1 bank as the Global on-premises Kubernetes product owner architecting and, delivering cluster standards, including the surrounding ecosystem. His previous roles include working on other global engineering teams, including Windows, Linux, and virtualization.

See other products by Scott Surovich

Personalised recommendations for you

Based on your interests and search pattern

Mastering PowerShell Scripting

Mastering PowerShell Scripting

PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.

May 2024 27h 32m

Network Automation with Nautobot

Network Automation with Nautobot

This book will help you understand why a network source of truth is needed for long-term network automation success, which will in turn save you hundreds of hours in deploying and integrating Nautobot into network automation.

May 2024 27h 12m

NGINX HTTP Server

NGINX HTTP Server

Explore the power of NGINX with this guide covering an array of essential practical topics, including securing your infrastructure with automatic TLS certificates, placing NGINX in front of your existing applications, and much more.

May 2024 8h 44m

Mastering Azure Virtual Desktop

Mastering Azure Virtual Desktop

This updated edition will help you plan an Azure Virtual Desktop Architecture, implement its infrastructure, and manage its access and security. With content aligned with the exam objectives, it'll help you ace the Microsoft AZ-140 exam.

Jul 2024 23h 56m

Learn Ansible will teach you how to write Ansible Playbooks for deploying simple apps. This updated edition covers the latest Ansible features, helping you confidently implement Ansible in your daily workflows.

May 2024 13h 48m

HashiCorp Terraform Associate (003) Exam Guide

HashiCorp Terraform Associate (003) Exam Guide

This book will help you explore HashiCorp Terraform and prepare for Associate (003) certification, from understanding core concepts to advanced modules. You'll gain hands-on expertise, troubleshoot with confidence, and more.

May 2024 11h 28m

Kubernetes – An Enterprise Guide

Kubernetes – An Enterprise Guide

Navigate the complexities of Kubernetes and fully leverage its capabilities for enterprise applications. This edition dives into advanced deployments, groundbreaking techniques, and insights that will elevate your skills and redefine your expertise.

Aug 2024 22h 44m

Atlassian DevOps Toolchain Cookbook

Atlassian DevOps Toolchain Cookbook

Master setting up a DevOps toolchain using Atlassian tools and Open DevOps as a framework with this recipe-driven guide to automated testing, integration, deployment, observability, and incident management for streamlining development processes.

Jul 2024 16h 48m

AWS Certified Developer Associate Certification and Beyond

AWS Certified Developer Associate Certification and Beyond

This is your guide to passing the challenging AWS Certified Developer – Associate certification exam and setting yourself up for a rewarding career. Through a sample project, it explains how to design, architect, and implement applications on AWS.

Jul 2024 23h 40m

Implementing GitOps with Kubernetes

Implementing GitOps with Kubernetes

This book provides step-by-step tutorials and hands-on examples for effectively implementing GitOps practices in your Kubernetes deployments. You'll learn how to automate, monitor, and secure your infrastructure for efficient application delivery.

Aug 2024 14h 48m