Container Security Part 3 – Kubernetes Cheat Sheet

EH-Net - Johnson - Container Security Part 3 – Kubernetes Cheat SheetDuring the first two articles of this series, we went from some initial research as a “Quick Dive into Containers, Kubernetes and Security” to a more detailed look at the first steps of actual implementation in “Container Security Part 2 – Benchmarks to the Rescue”. While that mostly covered Docker, my obvious next step was to tackle Kubernetes. This led to not only a much deeper dive but also  to the inevitable glut of information. To make it easier for me, I created a cheat sheet of commands for use in Kubernetes. As my intention was always to share my findings, this ended up being a great companion piece to tag along with my talk at BSides Toronto 2018 titled “Kubernetes –  Security you need to know about it”.

The bulk of this article is the Cheat Sheet itself. But before we get to it, let me give a little background and credit. This is a personal cheat sheet I have made while going through the Learn Kubernetes Basics tutorials, and specifically, “Using Minikube to Create a Cluster”. I used the interactive tutorial, and copied the commands to a cluster in my ESXi server. This cheat sheet does not go through setting up an environment that runs Kubernetes and Docker. This assumes Docker and Minikube are installed. For a non-interactive tutorial follow Hello Minikube.

And now on with the show…

Kubernetes Cheat Sheet

Using Kubeless

To Start

  • minikube version
    • show version
  • minikube start
    • start internal minikube VM cluster
  • kubectl cluster-info
    • list information about the cluster. Such as the IP and port the Kubernetes master is running on.

Deployment

  • kubectl run kubernetes-bootcamp –image=gcr.io/google-samples/kubernetes-bootcamp:v1 –port=8080
    • Deploying imagine Bootcamp from google-samples, exposing on port 8080

Access

*** This is a Security Bloggers Network syndicated blog from The Ethical Hacker Network authored by Haydn Johnson. Read the original post at: http://feedproxy.google.com/~r/eh-net/~3/YICw8TP35Js/