Category: Kubernetes

You still have to strike a compromise between administrative control and developer flexibility and velocity so that you don't leave any holes in your cluster. There are various areas you need to consider to secure your cluster.

To enforce strict checks within your cluster, you need to enable Pod Security Policy in the cluster via an admission controller.

For example, in GKE you can run the following to create a cluster with pod security policy enabled:

And this to enable pod security policy on an existing cluster:

We're using a GKE cluster for this demonstration and we've enabled a cluster-wide pod security policy.

Pod security policy also controls many other aspects of the pod, and you should use it appropriately, according to the needs of your cluster and your applications.
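
An added example, not taken from the original article: a restrictive policy manifest showing the kinds of pod settings a pod security policy can control. The policy name is a placeholder, and the manifest assumes a cluster version that still serves the `policy/v1beta1` PodSecurityPolicy API (Kubernetes before 1.25).

```yaml
# Constructed example; "restricted-example" is a placeholder name.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: restricted-example
spec:
  # Reject privileged containers and any path to gaining more privileges.
  privileged: false
  allowPrivilegeEscalation: false
  requiredDropCapabilities:
    - ALL
  # Keep pods out of the node's network, IPC and PID namespaces.
  hostNetwork: false
  hostIPC: false
  hostPID: false
  # Allow only volume types that do not expose the node filesystem
  # (hostPath is deliberately absent).
  volumes:
    - configMap
    - secret
    - emptyDir
    - projected
    - downwardAPI
    - persistentVolumeClaim
  # Containers must run as a non-root user.
  runAsUser:
    rule: MustRunAsNonRoot
  seLinux:
    rule: RunAsAny
  # Forbid the root group (GID 0) as a supplemental or fs group.
  supplementalGroups:
    rule: MustRunAs
    ranges:
      - min: 1
        max: 65535
  fsGroup:
    rule: MustRunAs
    ranges:
      - min: 1
        max: 65535
  readOnlyRootFilesystem: true
```

With the admission controller enabled, a pod is admitted only if the user or service account creating it is authorized through RBAC to `use` at least one policy that the pod satisfies.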
