Today I attended Jimmy Mesta’s workshop “Securing Kubernetes the hard way”. I’m a total Kubernetes noob, but I wanted to learn a bit more what it’s all about.
It was a very hands-on workshop, with a good balance between theory and practice. Everyone got his own Google Cloud environment to complete the labs.
Google Cloud Platform has its own managed Kubernetes service which is called Google Kubernetes Engine (GKE). We set up a Kubernetes cluster (using GKE), containerized an application in Docker and deployed an app to our Kubernetes cluster.
After a nice lunch we enhanced the security of our cluster using built-in Role Based Access Control (RBAC) and setup a dashboard.
In the last session of the day we explored how to setup the native Kubernetes Secrets functionality in the most secure way and we ended with configuring a automated pipeline.
If you wanna see what it was all about, you can find the labs on Github.
It was a real good introduction to Kubernetes for me. Another day well spent at SecAppDev. Tomorrow the last day. No more workshops, but a lot of very promising talks on the schedule!
Read more about SecAppDev 2019 day 1, day 2 and day 3
Read more about SecAppDev 2019 day 5.