Book Image

Kubernetes - A Complete DevOps Cookbook

By : Murat Karslioglu
Book Image

Kubernetes - A Complete DevOps Cookbook

By: Murat Karslioglu

Overview of this book

Kubernetes is a popular open source orchestration platform for managing containers in a cluster environment. With this Kubernetes cookbook, you’ll learn how to implement Kubernetes using a recipe-based approach. The book will prepare you to create highly available Kubernetes clusters on multiple clouds such as Amazon Web Services (AWS), Google Cloud Platform (GCP), Azure, Alibaba, and on-premises data centers. Starting with recipes for installing and configuring Kubernetes instances, you’ll discover how to work with Kubernetes clients, services, and key metadata. You’ll then learn how to build continuous integration/continuous delivery (CI/CD) pipelines for your applications, and understand various methods to manage containers. As you advance, you’ll delve into Kubernetes' integration with Docker and Jenkins, and even perform a batch process and configure data volumes. You’ll get to grips with methods for scaling, security, monitoring, logging, and troubleshooting. Additionally, this book will take you through the latest updates in Kubernetes, including volume snapshots, creating high availability clusters with kops, running workload operators, new inclusions around kubectl and more. By the end of this book, you’ll have developed the skills required to implement Kubernetes in production and manage containers proficiently.
Table of Contents (12 chapters)

Using Kubernetes CIS Benchmark for security auditing

Kubernetes CIS Benchmarks are the security configuration best practices that are accepted by industry experts. The CIS Benchmark guide can be download as a PDF file from the Center for Internet Security (CIS) website at kube-bench is an application that automates documented checks.

In this section, we will cover the installation and use of the open source kube-bench tool to run Kubernetes CIS Benchmarks for security auditing of Kubernetes clusters.

Getting ready

For this recipe, we need to have a Kubernetes cluster ready and the Kubernetes command-line tool kubectl installed.

Clone the k8sdevopscookbook/src repository to your workstation to use the manifest files in the chapter9 directory, as follows:

$ git clone
$ cd src/chapter9/cis

Some of the tests target Kubernetes nodes and can only be executed on fully self-managed clusters where you have control over the...