Install Open Source kube-scan to Find Kubernetes Security Risks

With over 30 security settings under the control of every single developer, you need to be a Kubernetes expert to understand if the final configuration introduces a high risk to your cluster. With a single change to a single file, you can open your entire Kubernetes cluster to attacks, leak secrets, risk confidential data, or accidentally give public access to private services. 

We at Octarine believe in making security easy for everyone. We released the open source kube-scan tool that allows you to run a quick and easy security risk assessment on your Kubernetes workloads to instantly understand the security posture of your clusters.

Squash Threats and Master the Tenets of Kubernetes Deployment Security

Kubernetes is an open-source container orchestration system that affects how runtime security functions. A successful Kubernetes deployment depends on choosing a suitable environment based on application requirements, investments, and infrastructure. Users face technical challenges specific to deploying Kubernetes in the cloud (single, multi, or hybrid) or on-premises, and these deployments require different tools. These factors affect the approach to security with Kubernetes. Let's look at the threat model and how to overcome the threats.

The threats attacking the Kubernetes environment — regardless of the deployment methods — are as follows:

Exposing Services to External Applications in Kubernetes (Part 1)

Kubernetes (K8s) has now become the most popular production-grade container management and orchestration system. Recently, I was involved in a project where an on-premises application needed to be containerized, managed by a Kubernetes cluster, and be able to connect to other apps outside the cluster.

Here, I share my experience of running a container in a local K8s cluster and various options for networking external to the cluster. There are many posts related to or touching this topic, but most of them followed the minikube installation (single-node K8s cluster) whereas my cluster was installed using kubeadm. There are certain differences in K8s install options, as noted in the references below.

Introduction to Kubernetes Pod Networking, Part 1

The Ultimate Guide to Kubernetes Networking on AWS

In this three-part series, we deep dive into the Kubernetes Pod networking options on Amazon, and provide a bit of guidance around the various trade-offs involved in selecting a particular Kubernetes Network technology for your cluster on Amazon.  

If you are looking for an intro to Kubernetes, please have a look at our recent article "What is Kubernetes and Why It's So Popular."

AWS Networking Overview, Part 2

In this three-part series, we deep dive into the Kubernetes Pod networking options on Amazon, and provide a bit of guidance around the various trade-offs involved in selecting a particular Kubernetes Network technology for your cluster on Amazon. Please see here for Part 1. 

The other part to understanding networking on Kubernetes running on Amazon is the underlying Amazon network technology. AWS started out with a simple flat network, but due to customer demand for segmented networks, and to provide a more full-featured network implementation, it now includes VPC (virtual private cloud).