Kubernetes security

Threat matrix for Kubernetes – https://www.microsoft.com/security/blog/2020/04/02/attack-matrix-kubernetes/

RSA’20 The future of Kubernetes attacks – https://youtu.be/CH7S5rE3j8w

K8S is based on the controller pattern.

Resources capture the desired state.

Current state is kept centralized in etcd.

Controllers reconcile current state with desired state.
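
The reconcile step described above, as an added Go example that is not from the original notes or from Kubernetes itself. `Store` stands in for etcd; the names `Store`, `Reconcile` and the sample apps are assumptions made for the illustration.

```go
package main

import (
	"fmt"
	"sort"
)

// Store is a constructed stand-in for etcd: desired and current state in one place.
type Store struct {
	Desired map[string]int      // app -> desired replicas (the "resource")
	Pods    map[string][]string // app -> running pod names (current state)
	nextID  int
}

// Reconcile makes one level-triggered pass and returns the actions it applied.
func Reconcile(s *Store) []string {
	var apps, actions []string
	for app := range s.Pods {
		apps = append(apps, app)
	}
	for app := range s.Desired {
		if _, ok := s.Pods[app]; !ok {
			apps = append(apps, app)
		}
	}
	sort.Strings(apps) // deterministic order for the example
	for _, app := range apps {
		want := s.Desired[app] // 0 when no resource exists for this app
		for len(s.Pods[app]) < want { // too few pods: create
			s.nextID++
			pod := fmt.Sprintf("%s-%d", app, s.nextID)
			s.Pods[app] = append(s.Pods[app], pod)
			actions = append(actions, "create "+pod)
		}
		for n := len(s.Pods[app]); n > want; n-- { // too many or orphaned: delete
			actions = append(actions, "delete "+s.Pods[app][n-1])
			s.Pods[app] = s.Pods[app][:n-1]
		}
	}
	return actions
}

func main() {
	// Constructed sample: "web" is one pod short; "orphan" has no resource.
	s := &Store{Desired: map[string]int{"web": 2},
		Pods: map[string][]string{"web": {"web-a"}, "orphan": {"orphan-x"}}}
	fmt.Println(Reconcile(s)) // first pass corrects the drift
	fmt.Println(Reconcile(s)) // second pass finds nothing to do
}
```

The second pass returning no actions is the point of the pattern: the controller acts on the difference between the two states, not on individual events.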

K8S has a more centralized control plane compared to Cloud Foundry.

A Pod is a top-level resource.

Kubernetes <- kubectl

EKS <- eksctl

Spinnaker itself runs on Kubernetes as a set of pods, which can be scaled up.

Cheat sheet:



kubectl get nodes

kubectl get pods


Is a kind of resource manager, for Custom resources.



