When utilizing Kubernetes clusters, it is important to dive into some of the best practices to keep them secure.
Security for the Kubernetes cluster
Your role as an administrator will vary depending on the type of Kubernetes cluster you are running. If you run workloads in a managed cluster, some of the cluster security (such as security of the control plane components and operating system patches) is handled by the cloud provider. This means you as an administrator have to take part in securing some part of the cluster.
The code is run in the containers and the images used to spin up the clusters are still fully managed by you, so you should consider appropriate security controls. If we are on an on-premise Kubernetes cluster, we are fully responsible for securing the cluster. This includes hardening the master and worker nodes, securely configuring administrative interfaces, running containers with secure configurations, ensuring that the applications being deployed are free of any vulnerabilities and the list goes on. In essence, we are responsible for securing every component of the cluster.
In addition to the security controls, we will also need to establish appropriate monitoring controls in the cluster to be