Cluster

Table of contents Introduction Understanding Pod Security Standards (PSS) Implementing Pod Security Admission (PSA) Configuring PSA at the Cluster Level Example Configuration Explanation Applying the Configuration Implementing PSA in Production Real-World Examples Step 1: Create Namespaces with PSA Labels Step 2: Deploy Example Pods Deployment in namespace-dev (Allowed) Deployment in namespace-prod (Blocked) Step 3: Fixing Security Issues in namespace-prod Conclusion Securing Kubernetes: Implementing Pod Security Admission (PSA) with Pod Security Standards (PSS) In Kubernetes version 1.31, managing pod security is achieved through the implementation of Pod Security Admission (PSA) and adherence to Pod Security Standards (PSS). These mechanisms ensure that pods comply with security best practices, enhancing the overall security posture of your cluster. ...

Table of contents Security before installation Disable Swap and Load Kernel Modules Install and Configure Containerd Add Kubernetes Package Repository Install Kubernetes Components (Kubeadm, kubelet & kubectl) Initialize Kubernetes Cluster Install Helm Install Calico Network Add-on Plugin Install Ingress-Nginx Install Load Balancer Test Kubernetes Installation Finally security Summary Security before installation It’s best practices to run only Kubernetes on a dedicated server. Running side applications or tuning applications that are used by the cluster may impact Kubernetes itself and is not recommended or supported. ...