Kubernetes Security Best Practices you need to know | THE Guide for securing your K8s cluster!

    21
    47



    Secure your K8s cluster with this Top 10 Kubernetes Security Best Practices | Kubernetes Security 101
    💙 Become a Kubernetes Administrator ► https://bit.ly/k8s-admin-course
    💚 Become a DevOps Engineer – full educational program ► https://bit.ly/3gEwf4V
    💛 Follow me on IG for behind-the-scenes-content ► https://bit.ly/2F3LXYJ

    ✅ Learn more about Kubernetes Backup and Restore with Kasten: https://youtu.be/01qcYSck1c4

    #kubernetes #devops #techworldwithnana

    ► Thank you Kasten for sponsoring this video 🙌
    ► Free Kubernetes Backup and Migration – Download Free Kasten K10 #1 Kubernetes Backup: https://www.kasten.io/nana

    In this video I talk about a super important topic, which is security in Kubernetes and what are some of the best practices for securing your Kubernetes cluster.

    The big challenge that we see in terms of Kubernetes security is that it’s already so challenging to set up a Kubernetes cluster and to configure it to deploy the applications in it, that security often becomes the afterthought, adding on top of that already complex configuration. However we can’t deny the importance of security, especially when the systems are so complex!

    Cloud applications actually become a very attractive target to a lot of hackers and this growing number of cloud native applications mostly use Kubernetes as a platform and that’s where the relevance of knowing how to secure Kubernetes clusters comes into play.

    ▬▬▬▬▬▬ L I N K S 🔗▬▬▬▬▬▬
    Sign up to get notified about new upcoming courses ► https://www.techworld-with-nana.com/course-roadmap

    ▬▬▬▬▬▬ T I M E S T A M P S ⏰ ▬▬▬▬▬▬
    0:00 – Intro
    00:33 – Security in Cloud in general
    01:39 – Security in Kubernetes
    02:26 – Security as a Spectrum
    04:39 – BP 1 – Image Scanning
    09:45 – BP 2 – Run as Non-Root User
    11:08 – BP 3 – Users & Permissions with RBAC
    15:44 – BP 4 – Use Network Policies
    18:18 – BP 5 – Encrypt Communication
    19:06 – BP 6 – Secure Secret Data
    20:34 – BP 7 – Secure etcd
    22:05 – BP 8 – Automated Backup & Restore
    24:54 – BP 9 – Configure Security Policies
    26:50 – BP 10 – Disaster Recovery

    ▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
    Full Python course ► https://youtu.be/t8pPdKYpowI
    Full Docker course ► https://youtu.be/3c-iBn73dDE
    Full K8s course ► https://youtu.be/X48VuDVv0do
    DevOps Tools explained ► https://bit.ly/2W9UEq6

    ▬▬▬▬▬▬ Connect with me 👋 ▬▬▬▬▬▬
    INSTAGRAM ► https://bit.ly/2F3LXYJ
    TWITTER ► https://bit.ly/3i54PUB
    LINKEDIN ► https://bit.ly/3hWOLVT
    FB group ► https://bit.ly/32UVSZP
    DEV ► https://bit.ly/3h2fqiO

    ▬▬▬▬▬▬ Courses & Bootcamp & Ebooks 🚀 ▬▬▬▬▬▬
    ► Become a DevOps Engineer – full educational program 👉🏼 https://bit.ly/3gEwf4V
    ► High-Quality and Hands-On Courses 👉🏼 https://bit.ly/3nIouPW
    ► Kubernetes 101 – compact and easy-to-read ebook bundle 👉🏼 https://bit.ly/3mPIaiU

    source

    Previous article[Docker-05] Docker Networking Tutorial | Docker Tutorial Indonesia | Docker Full Course PART-5
    Next articleDevops Interview Questions and Answers for Freshers in 2021

    47 COMMENTS

    1. Please share with others, which K8s security best practice is important, which I didn't mention?
      💙 Become a Kubernetes Administrator ► https://bit.ly/k8s-admin-course
      💚 Become a DevOps Engineer – full educational program ► https://bit.ly/3gEwf4V
      💛 Follow me on IG for behind-the-scenes-content ► https://bit.ly/2F3LXYJ

      💡 Sign up to get notified about new upcoming courses ► https://www.techworld-with-nana.com/course-roadmap

    2. Hi thanks for these videos. I have a request. If you find some time can you please make a video on how you learn a technology/concpet this thorough? For me, it takes couple of times reading and trying out before I understand the basics properly. If you have a shortcut, we would love to know.

    3. service mesh like Istio or Envoy are most popular now ,but not easy for a company to use them in prodution . network policy ,I prefer Cilium based on eBPF.mtls, it is easy to accomplish with sidecar, and you should have your own CA .After all,there are many things we need to do to peotect our k8s cluster,best way is that developing your own service mesh

    4. Hi nana was attended 3 times interview within a span of 1 month in tcs but 3rd time i got selected and they released offer and joining date too while doing background check previous two attempts they will consider? Normally they will. Check the candidate before attending interview right wether candidate is attended or not like?

    5. hey nana, i like your content, do you have an advice for including security testing in the pipeline, like vulnerability scanning and compliance checks? For example how do i include cis benchmarks and vuln scanning and define thresholds that prevent unsecure workloads from going to production?

    6. Just to help drive home the misconception of the security in cloud in general. Each cloud provider has a shared responsibility model. The cloud provider is responsible for the security OF the cloud and the customer is responsible for the security IN the cloud 🙂

    7. Great video Mam !!!, a very core feature which is rarely being used in companies for implementing k8s security,
      kindly also cover Locking Down Kubelet as its a backdoor for api server & image signature as its must to make sure that image is a legitimate one, Thank You