Loose lips sink ships is a phrase that describes how easy it can be to jeopardize the security of a Kubernetes-managed cluster (Kubernetes, by the way, is Greek for helmsman of a ship). If your cluster is left open with the wrong ports or services exposed, or plain text is used for secrets in application definitions, bad actors can take advantage of this lax security and do pretty much whatever they want in your cluster.
In this chapter, we will explore Kubernetes secrets in more depth. You will learn about different secrets backends and how to use them. You'll get a brief introduction to service mesh concepts, and you'll be able to follow along with a practical example.
The following topics will be covered briefly in this chapter:
- SSH secrets management
- The Istio service mesh at your service