Andrew Martin - Hacking Kubernetes
Here you can read online Andrew Martin - Hacking Kubernetes full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2021, publisher: OReilly Media, Inc., genre: Romance novel. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:
Romance novel
Science fiction
Adventure
Detective
Science
History
Home and family
Prose
Art
Politics
Computer
Non-fiction
Religion
Business
Children
Humor
Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.
- Book:Hacking Kubernetes
- Author:
- Publisher:OReilly Media, Inc.
- Genre:
- Year:2021
- Rating:3 / 5
- Favourites:Add to favourites
- Your mark:
Hacking Kubernetes: summary, description and annotation
We offer to read an annotation, description, summary or preface (depends on what the author of the book "Hacking Kubernetes" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.
Andrew Martin: author's other books
Who wrote Hacking Kubernetes? Find out the surname, the name of the author of the book and a list of all author's works by series.
Hacking Kubernetes — read online for free the complete book (whole text) full work
Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Hacking Kubernetes" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.
Font size:
Interval:
Bookmark:
by Andrew Martin and Michael Hausenblas
Copyright 2021 Andrew Martin and Michael Hausenblas . All rights reserved.
Printed in the United States of America.
Published by OReilly Media, Inc. , 1005 Gravenstein Highway North, Sebastopol, CA 95472.
OReilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles ( http://oreilly.com ). For more information, contact our corporate/institutional sales department: 800-998-9938 or corporate@oreilly.com .
- Acquisitions Editor: John Devins
- Development Editor: Angela Rufino
- Production Editor: Beth Kelly
- Copyeditor: FILL IN COPYEDITOR
- Proofreader: FILL IN PROOFREADER
- Indexer: FILL IN INDEXER
- Interior Designer: David Futato
- Cover Designer: Karen Montgomery
- Illustrator: Kate Dullea
- September 2021: First Edition
- 2021-02-08: First Release
- 2021-05-19: Second Release
- 2021-08-16: Third Release
See http://oreilly.com/catalog/errata.csp?isbn=9781492081739 for release details.
The OReilly logo is a registered trademark of OReilly Media, Inc. Hacking Kubernetes, the cover image, and related trade dress are trademarks of OReilly Media, Inc.
The views expressed in this work are those of the authors, and do not represent the publishers views. While the publisher and the authors have used good faith efforts to ensure that the information and instructions contained in this work are accurate, the publisher and the authors disclaim all responsibility for errors or omissions, including without limitation responsibility for damages resulting from the use of or reliance on this work. Use of the information and instructions contained in this work is at your own risk. If any code samples or other technology this work contains or describes is subject to open source licenses or the intellectual property rights of others, it is your responsibility to ensure that your use thereof complies with such licenses and/or rights.
978-1-492-08173-9
[FILL IN]
Welcome to Hacking Kubernetes, a book for Kubernetes practitioners who wantto run their workloads securely and safely. At time of writing, Kubernetes hasbeen around for some six years, give or take. There are over hundredcertified Kubernetes offeringssuch as distributions and managed services available. With an increasing numberof practitioners deciding to move their workloads to Kubernetes, we thoughtwe share our experiences in this space, to help make the workloads more secureand safe to deploy and operate. Thank you for joining us on the journey and wehope you have as much fun reading and applying as we had in writing it.
In this chapter, we will paint a picture of our intended audience, talk aboutwhy we wrote the book, and explain how we think you should go about using it,proving a quick content guide. We will also go over someadministrative details like Kubernetes versions and conventions used.
To get most out of the book, we assume that you either have a devops role,are a Kubernetes platform person, a cloud native architect, a Site ReliabilityEngineer (SRE), or something related to Chief Information Security Officer (CISO).We further assume that youre interested in hands-on, that is, while we discussthreats and defenses in principle, we try our best to demonstrate them at thesame time and point you to tools that can help you.
At this point we also want to make sure you understand that the book yourereading is targeting advanced topics. We assume that youre alreadyfamiliar with Kubernetes, and specifically Kubernetes security topics, at least ona surface level. In other words, we dont go into much details about how thingswork but summarise or recap important concepts or mechanisms on a per-chapterbasis.
We wrote this book with blue and red teams in mind. It goes without saying thatwhat we share here is to be used exclusively for defending your own Kubernetescluster and workloads.
In particular, we assume that you understand what containers are for and howthey run in Kubernetes. If you are not yet familiar with these topics, werecommend that you do some preliminary reading. The following are books wesuggest consulting:
Kubernetes: Up and Running by Brendan Burns, Kelsey Hightower, and Joe Beda
Managing Kubernetes by Brendan Burns and Craig Tracey
Kubernetes Security by Liz Rice and Michael Hausenblas
Container Security by Liz Rice
Now that we hopefully made clear what this book tries to achieve and who will,in our view, benefit from it, lets move on to a different topics: the authors.
Based on our combined 10+ years of hands-on experience designing,running, attacking, and defending Kubernetes-based workloads and clusters,we, the authors, want to equip you, the cloud native security practitioner,with what you need to be successful in your job.
Security is often illuminated by the light of past mistakes, and both of theauthors have been learning (and making mistakes in!) Kubernetes security for a while now.We wanted to be sure that what we thought we understood about the subject was true,so we wrote a book to verify our suspicions through a shared lens.
We both have served in different companies and roles, gave training sessions,and published material from tooling to blog posts as well as have sharedlessons learned on the topic in various public speaking engagements. Much ofwhat motivates us here and the examples we use are rooted in experiences wemade in our day-to-day jobs and/or saw at customers.
This book is a threat-based guide to security in Kubernetes, using a vanillaKubernetes installation with its (built-in) defaults as a starting point.Well kick off discussions with an abstract threat model of a distributedsystem running arbitrary workloads and progress to a detailed assessmentof each component of a secure Kubernetes system.
An enhanced Kubernetes Attack Matrix is used to represent hostile activity,baselined on Microsofts matrix and enriched by Alcide and ControlPlane(and friends). We use attack trees to communicate a clear understanding ofthe chain of exploits required to achieve compromise.
In each chapter, we examine a components architecture and potential defaultsettings and we reviews high-profile attacks and historical CVEs. We also demonstrateattacks and share best-practice configuration in order to demonstrate hardeningit from possible angles of attack.
In order to aid you in navigating the book, heres a quick rundown on thechapter level:
In we set the scene, introducing our main antagonist and also whatthreat modelling is.
The then focuses on pods, from configurations toattacks to defenses.
Next up, in we switch gears and dive deepinto sandboxing and isolation techniques.
The then covers supply chain attacks and what youcan do to detect and mitigate them.
In we then review networking defaults and how to secureyour cluster and workload traffic.
Then, in Chapter 6 we shift our focus on the persistency aspects, lookingat filesystems, volumes, and sensitive information at rest.
Chapter 7 covers the topic of running workloads for multitenants in a cluster and what can go wrong with this.
Font size:
Interval:
Bookmark:
Similar books «Hacking Kubernetes»
Look at similar books to Hacking Kubernetes. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.
Discussion, reviews of the book Hacking Kubernetes and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.