TEXAS A&M UNIVERSITY
Kubernetes
Audience: Platform Engineers and DevOps teams.
Purpose: Container orchestration and deployment.
Overview
Kubernetes is an open-source container orchestration platform for automating deployment, scaling, and management of containerized applications.
Resources
| Resource | Description |
|---|---|
| Kubernetes Documentation | Official documentation |
| GitOps Deployment | GitOps approach guide |
| werf | CI/CD tool for Kubernetes |
Security Guidance
NSA/CISA Kubernetes Hardening
The NSA and CISA have released comprehensive Kubernetes hardening guidance:
| Resource | Link |
|---|---|
| Feature Article | NSA Kubernetes Hardening Guidance |
| Full Report (PDF) | Kubernetes Hardening Guidance |
Key Security Recommendations
| Category | Recommendations |
|---|---|
| Pod Security | Use Pod Security Standards, avoid privileged containers |
| Network | Implement network policies, use encrypted communications |
| Authentication | Use strong authentication, avoid default service accounts |
| Audit Logging | Enable audit logging, monitor for suspicious activity |
| Upgrades | Keep clusters and dependencies updated |