Security Hardening
This section provides references on how to securely configure Docker and Kubernetes.
Securing a Kubernetes cluster involves hardening on multiple fronts: securing the API servers, etcd, nodes, container images, container run-time, and the cluster network. Apply the principles of defense in depth and least privilege, and minimize the attack surface. Use security tools such as Kube-Bench to verify the cluster’s security posture. Since Kubernetes is evolving rapidly, refer to the Kubernetes Security Overview for the latest information on securing a Kubernetes cluster. Also ensure the deployed Docker containers follow the Docker Security guidance.
References
- Docker hardening
- Kubernetes hardening
- Security best practices for Oracle WebLogic Server Running in Docker and Kubernetes