Kubernetes Security Features Improve with 1.7 Release
Kubernetes 1.7 was recently released. The highlights of the release include much improved security features. Here’s a summary from Kubernetes blog:
At-a-glance, security enhancements in this release include encrypted secrets, network policy for pod-to-pod communication, node authorizer to limit kubelet access and client / server TLS certificate rotation.
Security is often cited as one of the top concerns of our customers when they deploy containerized applications in a production environment. The emphasis on security features in the Kubernetes release further validates that security is not an optional function or an afterthought – it is much more than a procedure or task in a CI/CD process. Security has to be a key consideration from the infrastructure planning stage to the run-time environment. We call this Continuous Container Security (CS).
Kubernetes improved its security features for access control, secrets and certificates management and end-to-end encryption. From our point of view, these are the core security features which should be supported by the Kubernetes platform. Certain security layers work more smoothly and efficiently when they are integrated into the orchestration layer. The hardened platform provides a secure base for container users.
Read the entire article here, Kubernetes Security Features Improve with 1.7 Release