From the course: Securing Containers and Kubernetes Ecosystem


Kubernetes network security


- [Instructor] From access control, security context and policies. Now let's switch gears to Kubernetes network security. Kubernetes doesn't follow the Docker container networking model. When it comes to port allocation, service discovery and load balancing, the Kubernetes network model is designed to be backward compatible with VMs or physical hosts. Every pod gets assigned an IP address just as a VM does, and just like a VM can talk to another VM, so can a pod. There is no need for network address translation, or NAT. There's no need to map ports on a host to the ports on a pod. In fact, the Kubernetes networking model requires this simplicity, and this network model is made possible by virtue of external network plugins. Well, this simplicity of inter-pod communication actually creates some security challenges. By default, pods can send and receive traffic to and from any source without any restriction. But let's say…
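The default described in the transcript above (a pod that no policy selects sends and receives traffic without restriction) can be checked against a set of NetworkPolicy objects. This is an added example, not part of the course material: it assumes the standard `networking.k8s.io/v1` NetworkPolicy isolation rules, handles only `matchLabels` selectors, and every manifest and name in it is constructed.

```python
# Added example: reports in which directions a pod is still unrestricted,
# following the NetworkPolicy isolation rules. All manifests are constructed.

def selects(policy, namespace, pod_labels):
    """True if the policy is in the pod's namespace and its podSelector matches."""
    if policy["metadata"].get("namespace", "default") != namespace:
        return False
    selector = policy["spec"].get("podSelector", {})
    if "matchExpressions" in selector:
        raise NotImplementedError("only matchLabels is handled in this sketch")
    # An empty selector ({}) matches every pod in the namespace.
    return all(pod_labels.get(k) == v for k, v in selector.get("matchLabels", {}).items())

def policy_types(policy):
    """API defaulting: Ingress always applies, Egress only if egress rules exist."""
    spec = policy["spec"]
    if "policyTypes" in spec:
        return set(spec["policyTypes"])
    return {"Ingress"} | ({"Egress"} if "egress" in spec else set())

def isolation(policies, namespace, pod_labels):
    """Directions in which at least one policy isolates (restricts) the pod."""
    isolated = set()
    for p in policies:
        if selects(p, namespace, pod_labels):
            isolated |= policy_types(p)
    return isolated

def unrestricted_directions(policies, namespace, pod_labels):
    """Directions still open to any source or destination (the default state)."""
    return {"Ingress", "Egress"} - isolation(policies, namespace, pod_labels)

# Constructed manifests as Python dicts; names and namespaces are hypothetical.
DEFAULT_DENY = {
    "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
    "metadata": {"name": "default-deny-all", "namespace": "shop"},
    "spec": {"podSelector": {}, "policyTypes": ["Ingress", "Egress"]},
}
DB_INGRESS_ONLY = {
    "apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
    "metadata": {"name": "db-from-api", "namespace": "billing"},
    "spec": {"podSelector": {"matchLabels": {"app": "db"}},
             "ingress": [{"from": [{"podSelector": {"matchLabels": {"app": "api"}}}]}]},
}
POLICIES = [DEFAULT_DENY, DB_INGRESS_ONLY]

if __name__ == "__main__":
    for ns, labels in [("dev", {"app": "web"}), ("billing", {"app": "db"}),
                       ("billing", {"app": "api"}), ("shop", {"app": "cart"})]:
        print(ns, labels, "unrestricted:", sorted(unrestricted_directions(POLICIES, ns, labels)))
```

These policies only take effect when the cluster's network plugin enforces NetworkPolicy; otherwise every pod stays in the unrestricted default.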
