VMware Kubernetes Security for Heptio

Course Details
Code: EDU-KS
Tuition (USD): $463.00 • Classroom (4 hours)

This half-day course explores the security features of Kubernetes. Through a series of lectures and lab exercises, you will explore and implement those features.

Skills Gained

By the end of the course, you should be able to meet the following objectives:

  • Understand the security model of Kubernetes
  • Understand the various authentication mechanisms in Kubernetes
  • Use RBAC policies to control access to clusters
  • Enable and view audit logging
  • Use Pod Security Policies to restrict what elevated privileges pods can request
  • Use Network Policies to restrict network access between pods in a cluster

Who Can Benefit

Anyone using a Kubernetes Cluster

Prerequisites

  • Linux concepts and command line proficiency
  • General networking proficiency
  • Completion of Kubernetes: Hands-on Workshop

Product Alignment

  • Any Kubernetes Cluster

Outline

Course Introduction

  • Introductions and course logistics
  • Course objectives
  • Access the lab environment

Authentication

  • API security design
  • Authentication Methods

Authorization

  • RBAC
  • Role and ClusterRole
  • RoleBinding and ClusterRoleBinding
  • Example RBAC uses

Auditing and Secrets

  • API Server Audit Logging
  • Kubernetes Secrets
  • Encryption

Pod Security Policies & Security Contexts

  • Security Contexts
  • PodSecurityPolicies
  • PodSecurityPolicy Admission Controller

Network Policies

  • Network Isolation
  • Network Policies