5 Best Security Practices for Kubernetes and Oracle Kubernetes Engine

In this article, readers will learn about each best practice in open source Kubernetes as well as Oracle's managed Kubernetes service (OKE) running on Oracle Cloud Infrastructure (OCI).

Kubernetes has gained rapid traction over the last three years and is being deployed in production by many companies. While Kubernetes generally follows the core software security principles, some ownership of security falls on the shoulders of the end users. Just as a shared security responsibility model exists between all cloud providers and their customers, there is a shared security responsibility for managed Kubernetes services offered by cloud providers. Cloud providers of managed Kubernetes services such as Oracle Cloud Infrastructure Container Engine for Kubernetes (also known as Oracle Kubernetes Engine or OKE), Azure Kubernetes Service (AKS), and others are typically responsible for managing and securing the control plane (API server, scheduler, etcd, controllers) of the Kubernetes cluster, and customers of the managed service are responsible for securing the data plane (node pools, ingress, networking, service mesh, etc.).

Upgrading Kubernetes Worker Nodes in GKE, AKS, and EKS

Kubernetes is a popular container orchestration platform that you can deploy on-premises or in the cloud. In this article, you will learn about Kubernetes upgrade options in Google Kubernetes Engine (GKE), Azure Kubernetes Service (AKS), and Amazon Elastic Container Service for Kubernetes (EKS).

What is a Kubernetes Cluster?

A cluster is a unit that includes several Kubernetes pods. A pod is a set of containers, with facilities to allow containers to communicate and share data between them. A cluster consists of the following components: