Essential Kubernetes Security Practices to Safeguard Production Clusters

Learn the critical Kubernetes security measures for production environments, including RBAC access control, network policies, secret management, continuous monitoring, patch updates, API server hardening, Kubelet protection, pod security policies, and container hardening techniques, each illustrated with practical YAML examples and command snippets.

ContainerHardeningKubernetesNetworkPolicy

0 likes · 10 min read

Essential Kubernetes Security Practices to Safeguard Production Clusters

Liangxu Linux

Jul 13, 2021 · Information Security

Why Running Docker Containers as Root Is Dangerous and How to Avoid It

Running Docker containers as root or with the --privileged flag can expose the host to unnecessary risks; this article explains the differences, demonstrates root usage in common images, and provides practical methods—such as specifying non‑root users in Dockerfiles or using security contexts—to securely run containers.

$rootContainer SecurityKubernetes

0 likes · 7 min read

Why Running Docker Containers as Root Is Dangerous and How to Avoid It

Full-Stack DevOps & Kubernetes

Aug 8, 2020 · Cloud Native

Mastering Kubernetes PodSecurityPolicy: A Complete Guide to Secure Pods

This article explains what a PodSecurityPolicy is, details its configurable fields such as RunAsUser, SELinux, supplemental groups, FSGroup, and volume restrictions, and provides step‑by‑step commands to create, list, edit, delete, and enable PSPs in a Kubernetes cluster.

ClusterKubernetesPodSecurityPolicy

0 likes · 9 min read

Mastering Kubernetes PodSecurityPolicy: A Complete Guide to Secure Pods

Alibaba Cloud Native

Jul 30, 2020 · Cloud Native

Cloud Native Highlights: KubeCon 2020, PodSecurityPolicy GA, and Top K8s Resources

This roundup covers the KubeCon 2020 virtual summit, the GA of seccomp‑based PodSecurityPolicy enforcement, recommended open‑source projects such as Kubernetes The Hard Way and kustomize‑controller, plus a curated list of recent Kubernetes‑focused articles and reading material.

Cloud NativeKubeConKubernetes

0 likes · 4 min read

Cloud Native Highlights: KubeCon 2020, PodSecurityPolicy GA, and Top K8s Resources

Cloud Native Technology Community

May 9, 2020 · Information Security

Understanding SecurityContext vs PodSecurityPolicy and Implementing PSP in Kubernetes

This article explains the difference between SecurityContext and PodSecurityPolicy, demonstrates how to create service accounts, define a non‑privileged PSP, enable it in a cluster, bind it with RBAC, and apply the policy to Pods, Deployments and system components in Kubernetes.

AdmissionControllerClusterRoleKubernetes

0 likes · 9 min read

Understanding SecurityContext vs PodSecurityPolicy and Implementing PSP in Kubernetes