https://davidan.dev/tags/devops/ Recent content in devops on David An Hugo -- gohugo.io en-us Sun, 01 Jun 2025 00:00:00 +0000 https://davidan.dev/posts/k8s-2/ Sun, 01 Jun 2025 00:00:00 +0000 https://davidan.dev/posts/k8s-2/ In a continuation of the previous article, we explore the implementation of these different examples. Specifically, we will be covering workload separation, authentication, and other hardedning techniques. This article will have an example followed by a short explanation of what and why we should do that. We assume that the reader has a basic understanding of Kubernetes topics such as pods, service accounts, and secrets. Read Only File-Systems Read Only File System with Mounted Volume Show All Show Less spec: containers: - command: [" https://davidan.dev/posts/k8s/ Sat, 06 Jul 2024 00:00:00 +0000 https://davidan.dev/posts/k8s/ Kubernetes is now widely used for managing containerized applications. As more organizations adopt it, understanding its security aspects becomes crucial. This paper examines the key security challenges in Kubernetes and suggests ways to address them. Basic Concepts of Kubernetes Security Kubernetes operates across many computers, often in different locations. This spread-out nature makes security more complex. Kubernetes also constantly creates and removes small units of work called pods. This constant change means that old security methods designed for unchanging systems don’t work well.