Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Kubernetes – An Enterprise Guide
  • Table Of Contents Toc
  • Feedback & Rating feedback
Kubernetes – An Enterprise Guide

Kubernetes – An Enterprise Guide

By : Marc Boorshtein, Scott Surovich
4.8 (13)
close
close
Kubernetes – An Enterprise Guide

Kubernetes – An Enterprise Guide

4.8 (13)
By: Marc Boorshtein, Scott Surovich

Overview of this book

Stay at the forefront of cloud-native technologies with the eagerly awaited Kubernetes – An Enterprise Guide, Third Edition. Delve deep into Kubernetes and emerge with the latest insights to conquer today's dynamic enterprise challenges. This meticulously crafted edition equips you with the latest insights to skillfully navigate the twists and turns of ever-evolving cloud technology. Experience a more profound exploration of advanced Kubernetes deployments, revolutionary techniques, and expert strategies that redefine your cloud-native skill set. Discover cutting-edge topics reshaping the technological frontier like virtual clusters, container security, and secrets management. Gain an edge by mastering these critical aspects of Kubernetes and propelling your enterprise to new heights. Expertly harness Kubernetes' power for business-critical applications with insider techniques. Smoothly transition to microservices with Istio, excel at modern deployments with GitOps/CI/CD, and bolster security with OPA/Gatekeeper and KubeArmor. Integrate Kubernetes with leading tools for maximum impact in a competitive landscape. Stay ahead of the technology curve with cutting-edge strategies for innovation and growth. Redefine cloud-native excellence with this definitive guide to leveraging Kubernetes.
Table of Contents (22 chapters)
close
close
20
Other Books You May Enjoy
21
Index

Creating a KubeArmorSecurityPolicy

It’s time to create some policies! When KubeArmor is deployed, it creates three Custom Resource Definitions and one of those is kubearmorpolicies.security.kubearmor.com, which is used to create new policy resources.

Let’s jump right into an example policy. You do not need to deploy this to your cluster; it’s being used to show an example policy.

If we want to block any attempted access to create a file in the /bin directory of our containers in the demo namespace, the format of this policy is shown below:

apiVersion: security.kubearmor.com/v1
kind: KubeArmorPolicy
metadata:
  name: block-write-bin
  namespace: demo
spec:
  action: Block
  file:
    matchDirectories:
    - dir: /bin/
      readOnly: true
      recursive: true
  message: Alert! An attempt to write to the /bin directory denied.

Breaking down this policy, we can see that it’s using the security.kubearmor.com/v1 API and it’s a KubeArmorPolicy...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY