Michael Hausenblas is an AWS developer advocate.
Liz Rice is the Technology Evangelist with container security specialists Aqua Security, where she also works on container-related open source projects including kube-hunter, kube-bench and manifesto. She was Co-Chair of the CNCF’s KubeCon + CloudNativeCon 2018 events in Copenhagen, Shanghai and Seattle.
She has a wealth of software development, team, and product management experience from working on network protocols and distributed systems, and in digital technology sectors such as VOD, music, and VoIP. When not writing code, or talking about it, Liz loves riding bikes in places with better weather than her native London, and competing in virtual races on Zwift.
Kubernetes has fundamentally changed the way DevOps teams create, manage, and operate container-based applications, but as with any production process, you can never provide enough security. This practical ebook walks you through Kubernetes security features—including when to use what—and shows you how to augment those features with container image best practices and secure network communication.
Liz Rice from Aqua Security and Michael Hausenblas from Red Hat not only describe practical security techniques for Kubernetes but also maintain an accompanying website. Developers will learn how to build container images with security in mind, and ops folks will pick up techniques for configuring and operating a Kubernetes cluster more securely.
Explore security concepts including defense in depth, least privilege, and limiting the attack surface
Safeguard clusters by securing worker nodes and control plane components, such as the API server and the etcd key value store
Learn how Kubernetes uses authentication and authorization to grant fine-grained access
Secure container images against known vulnerabilities and abuse by third parties
Examine security boundaries and policy enforcement features for running containers securely
Learn about the options for handling secret information such as credentials
Delve into advanced topics such as monitoring, alerting, and auditing, as well as sandboxing and runtime protection
發表於2024-12-03
Kubernetes Security 2024 pdf epub mobi 電子書 下載
圖書標籤: 軟件工程 計算機科學 英文版 容器 分布式 2019
更像是一個博客集閤
評分三四兩章基本是 Reference/Accessing the API 重新整理組織瞭一下,相對更簡短清晰一些,Authenticate 相關細節還是得看代碼(kubernetes/staging/src/k8s.io/apiserver/pkg/authentication);agg layer 逃不開 Auth proxy;正確的配置 Authenticate/Authorization,核心組件就不用自己去配 RBAC = =
評分三四兩章基本是 Reference/Accessing the API 重新整理組織瞭一下,相對更簡短清晰一些,Authenticate 相關細節還是得看代碼(kubernetes/staging/src/k8s.io/apiserver/pkg/authentication);agg layer 逃不開 Auth proxy;正確的配置 Authenticate/Authorization,核心組件就不用自己去配 RBAC = =
評分讀一讀也不是不行
評分更像是一個博客集閤
Kubernetes Security 2024 pdf epub mobi 電子書 下載