Security
K8s security tips
Last updated
K8s security tips
Last updated
Make sure you are using the latest K8s and ETCD versions.
Block K8s ports 10250 and 10255
Split root superpowers into a series of capabilities, such as:
CAP_FOWNER (used by chmod)
CAP_CHOWN (used by chown)
CAP_NET_RAW (used by ping)
Example 01.
Example 02.
Use to inspect changes to files or directories on a container’s filesystem.