Engineer for the future of Cloud
June 10-13, 2019
San Jose, CA

Intro to Kubernetes security; or, Taming the Great Spaghetti Monster

Kat Fitzgerald (Uber ATG)
11:35am–12:15pm Wednesday, June 12, 2019
Building Secure Systems
Location: LL21 E/F
Average rating: 4.93 (15 ratings)

Level

Beginner

What you'll learn

  • Understand how to set up security for Kubernetes

Description

We’ve all heard of it—Kubernetes or k8s—but do you really know what it is and, more importantly, how to set up security? The Great Spaghetti Monster (as Kat Fitzgerald likes to think of it) isn’t too difficult to secure if you just stop and use common sense security best practices. Join Kat to find out how. The information she shares is for everyone—even those who have been playing with Kubernetes for some time.

Kat opens with a brief intro to containers, and more specifically Docker, to make sure everyone is on the same playing field, before jumping into securing things. Next, Kat introduces Kubernetes and the magic world of orchestration—and what it really means to orchestrate containers. Then the fun begins as she brings up a small Raspberry Pi stack with Kubernetes on it to show a live cluster with “visual aids” (very bright LEDs that show containers jumping from node to node).

As the brief Kubernetes demo concludes, it’s time to bring in security by demonstrating the security plug-ins and tools used. The focus here is on security threats to a Kubernetes cluster and containers, tools to secure the CI/CD or build pipeline, and tools for monitoring and auditing the cluster. Kat brings it all to a neat and clean summary of how she’s addressed many of the typical attack vectors in containers and Kubernetes clusters by integrating operations support system (OSS) (and other) tools into the mix.

Kat Fitzgerald

Uber ATG

Kat Fitzgerald is a principal security architect at Uber ATG taking on the challenge of IoT, cloud, and k8s security architectures and engineering. She has (many) years of experience in the security field, with an emphasis on security operations, incident response, and purple teams. Previously, she spent five years at Apple in Cupertino as senior security architect/engineer. Based in Pittsburgh and a natural creature of winter, she can typically be found sipping Casa Noble Anejo while simultaneously defending her systems using OSS, magic spells, and dancing flamingos against a barrage of attackers. Running IoT honeypots on k8s clusters running on Raspberry Pis has upped the ante on her security research toolbox.