I learnt a lot about how to do secrets management in Kubernetes. I'm also very pleased and embarrassed (as a Kubernetes trainer) to say that I picked up a few tips & tricks about Kubernetes itself along the way!
Safely store secret information like passwords, keys, and certificates in Kubernetes. In this practical guide, you’ll discover methods for adding layers of security that will defend the critical data of your applications.
In Securing Kubernetes Secrets you will find:
Strategies for storing secure assets in Kubernetes
Cryptographic options and how to apply them in Kubernetes
Using the HashiCorp Vault server on Kubernetes for secure secrets storage
Managing security with public cloud providers
Applying security concepts using tools from the Kubernetes ecosystem
End-to-end secrets storage from development to operations
Implementing in Kubernetes in CI/CD systems
Secrets, like database passwords and API keys, are some of the most important data in your application. Securing Kubernetes Secrets reveals how to store these sensitive assets in Kubernetes in a way that’s protected against leaks and hacks. You’ll learn about the default capabilities of Kubernetes secrets, where they’re lacking, and alternative options to strengthen applications and infrastructure.
about the technology
Kubernetes secrets include small and sensitive data like passwords, tokens, and keys. The security defaults of Kubernetes are rarely enough to protect this valuable data, and can leave it—and you—exposed. In this book, you’ll learn how to bake security into Kubernetes-based applications right from the start with security best practices and reliable third-party tools like HashiCorp Vault.
about the book
Securing Kubernetes Secrets is a compact hands-on guide to storing and protecting sensitive data in a Kubernetes environment. You’ll learn a security-first mindset that is vital for storing and using secrets correctly, and tools and concepts that will help you manage sensitive assets such as certificates, keys, and key rotation.
Throughout, you’ll tinker with relevant real-world examples. Protect secrets stored in a source code repository and consume them in a Kubernetes cluster, deploy HashiCorp Vault to secure Kubernetes’s underlying infrastructure components and applications running on the platform, along with adding layers of security to maintain protection even in the event of a partial breach. By the time you’re finished, you’ll have a toolbox of techniques that you can apply both as a developer or operations professional.
about the reader
For readers experienced with Kubernetes, and CI/CD practices.
about the author
Alex Soto is a director of developer experience at Red Hat, a Java Champion since 2007, an international speaker, and a teacher at Salle URL University.
Andrew Block is a distinguished architect with Red Hat who works with organizations to design and implement solutions leveraging cloud native technologies. He is active in the open-source community as both a presenter and contributor.
customers also reading
FREE domestic shipping on orders of three or more print books