Kubernetes Security

Kubernetes Networking

  1. Kubernetes Networking 101 (60 mins): you will use different ways to control traffic on a Kubernetes cluster with Service types, Ingress, Network Policy and Calico. Start here.
  2. Kubernetes Network Security using a Virtual Private Cloud (VPC) (90 mins): you will deploy a guestbook application to a Kubernetes cluster in a Virtual Private Cloud (VPC) Gen2. You will create the VPC, add a subnet, attach a public gateway, and update a security group with rules to allow inbound traffic to the guestbook application. Start here.
  3. Istio: use Istio to manage network traffic, load balance across microservices, enforce access policies, verify service identity, and more.

Configuration Management

  1. Application Configuration for Kubernetes:
    1. Lab0. Setup
    2. Lab1. Container Configuration
    3. Lab2. Using Environment Variables in Pod Config
    4. Lab3. Store Key-Value Pairs using ConfigMap
    5. Lab4. Store Sensitive Data using Secrets
    6. Lab5. Pull an Image from a Private Registry
  2. Key Management Services (KMS)
    1. Lab1. Encrypt Secrets using a Cloud-Managed Vault Service (IBM Secrets Manager)
    2. Lab2. Using Vault on OpenShift
      1. Lab2. Setup Internal Vault with Vault Agent Injector on OpenShift
      2. Lab3. Access Internal Vault using Vault Agent Injector