Security hardening

Securing a Kubernetes cluster involves hardening on multiple fronts: the API servers, etcd, nodes, container images, container runtime, and the cluster network. Apply the principles of defense in depth and least privilege, and minimize the attack surface. Use security tools such as Kube-Bench to verify the cluster’s security posture. Because Kubernetes is evolving rapidly, refer to the Kubernetes Security Overview for the latest information on securing a Kubernetes cluster. Also ensure that the deployed Docker containers follow the Docker Security guidance.

This section provides references on how to securely configure Docker and Kubernetes.

References

  1. Docker hardening

  2. Kubernetes hardening

  3. Security best practices for Oracle WebLogic Server Running in Docker and Kubernetes