The Kubernetes Book

By : Nigel Poulton, Pushkar Joglekar

The Kubernetes Book

By: Nigel Poulton, Pushkar Joglekar

Overview of this book

Kubernetes is the leading orchestrator of cloud-native apps. With knowledge of how to work with Kubernetes, you can easily deploy and manage applications on the cloud or in your on-premises data center. The book begins by introducing you to Kubernetes and showing you how to install it. You’ll learn how to use Kubernetes Services and bring stable and reliable networking to apps that are deployed on Kubernetes. You'll delve deep into the powerful storage subsystem of Kubernetes and learn how to leverage the variety of external storage backends in your applications. As the book progresses, it shows you how to use features such as DaemonSets, Helm, and RBAC to enhance your Kubernetes applications. You'll explore the six categories of identifying vulnerabilities and look at a few ways to prevent and mitigate them. You'll also look at ways to secure the software delivery pipeline by discussing some image-related best practices. The book ends by sharing with you some resources that’ll help take your Kubernetes knowledge to the next level. By the end of the book, you’ll have the confidence and skills to leverage all the features of Kubernetes to develop scalable applications.

Preface

About the Book

Free Chapter

Chapter 1

Kubernetes Primer

Kubernetes Background

Where did Kubernetes Come From?

A Data Center OS

Summary

Chapter 2

Kubernetes Principles of Operation

Kubernetes from 40k Feet

Masters and Nodes

Summary

Chapter 3

Installing Kubernetes

Play with Kubernetes

Docker Desktop

Minikube

Google Kubernetes Engine (GKE)

Summary

Chapter 4

Working with Pods

Pod Theory

Hands-On with Pods

Summary

Chapter 5

Kubernetes Deployments

Deployment Theory

How to Create a Deployment

Performing a Rolling Update

How to Perform a Rollback

Summary

Chapter 6

Kubernetes Services

Setting the Scene

Hands-On with Services

Real-World Example

Summary

Chapter 7

Kubernetes Storage

The Big Picture

Storage Providers

The Container Storage Interface (CSI)

The Kubernetes Persistent Volume Subsystem

Storage Classes and Dynamic Provisioning

Demo

Summary

Chapter 8

Other Important Kubernetes Stuff

Role-Based Access Control (RBAC)

Helm

Summary

Chapter 9

Threat Modeling Kubernetes

Information Disclosure

Denial of Service

Elevation of Privilege

Pod Security Policies

Summary

Chapter 10

Real-World Kubernetes Security

CI/CD Pipeline

Infrastructure and Networking

Identity and Access Management (IAM)

Auditing and Security Monitoring

Real-World Example

Summary

Chapter 11

What Next

Practice Makes Perfect

More Books

Events and Meetups

Feedback

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Repudiation

At a very high level, repudiation is casting doubt on something. Non-repudiation is providing proof about something. In the context of information security, non-repudiation is proving that certain actions were carried out by certain individuals.

Digging a little deeper, non-repudiation includes the ability to prove:

What happened
When it happened
Who made it happen
Where it happened
Why it happened
How it happened

Answering the last two usually requires the correlation of several events over a period of time.

Fortunately, auditing Kubernetes API server events can usually help answer these questions. The following is an example of an API server audit event (you may need to manually enable auditing on your API server).

{
  "kind":"Event",
  "apiVersion":"audit.k8s.io/v1",
  "metadata":{ "creationTimestamp":"2019-03-03T10:10:00Z" },
  "level":"Metadata...

The Kubernetes Book

By : Nigel Poulton, Pushkar Joglekar

The Kubernetes Book

By: Nigel Poulton, Pushkar Joglekar

Overview of this book

Related Content you might be interested in

Current Title:

The Kubernetes Book

The KCNA Book

The DevOps 2.3 Toolkit

The Kubernetes Bible

Repudiation