Kubernetes security best practices
Ian Lewis shares the easiest and best ways to improve the security of your Kubernetes clusters
Talk Title | Kubernetes security best practices |
Speakers | Ian Lewis (Google) |
Conference | O’Reilly Velocity Conference |
Conf Tag | Building and maintaining complex distributed systems |
Location | San Jose, California |
Date | June 12-14, 2018 |
URL | Talk Page |
Slides | Talk Slides |
Video | |
Containers give developers the ability to isolate applications from one another, but that’s not enough. Resource isolation is much different than security isolation. How do we make applications deployed in containers more secure? How do we apply existing tools like SELinux, AppArmor, and seccomp to our containers running in Kubernetes? How can we apply policy to our network and services to make sure applications only have access to what they need and nothing more? Ian Lewis shares the easiest and best ways to improve the security of your Kubernetes clusters. You’ll learn about the risks and attack surfaces and see tools like PodSecurityPolicy, SELinux, AppArmor and seccomp in action to improve the security of containers deployed in Kubernetes. You’ll then go up the stack and learn how to apply network policy to containers to further improve security.