Kubernetes Network Security Deep Dive

eBPF-Powered Security

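# CiliumNetworkPolicy is served under cilium.io/v2
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: http-basic-auth
spec:
  # Applies to pods labelled app=api-server
  endpointSelector:
    matchLabels:
      app: api-server
  ingress:
  # Accept traffic only from endpoints inside the cluster
  - fromEntities:
    - cluster
    toPorts:
    - ports:
      - port: "80"
        protocol: TCP
      - port: "443"
        protocol: TCP
      # L7 HTTP rules are nested under toPorts as rules.http
      rules:
        http:
        - method: "POST"
          path: "/auth"
          # basicAuth is kept as written in this post; it is not a field of the
          # upstream Cilium HTTP rule schema (method, path, host, headers, headerMatches)
          basicAuth:
            username: "admin"
            passwordSecret:
              name: api-credentials
              key: password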

CI/CD Integration

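pipeline {
  agent any

  stages {
    stage('Network Policy Check') {
      steps {
        // kube-score takes manifest files as arguments; its pod-networkpolicy
        // check runs by default, so no extra flag is needed
        sh 'kube-score score manifests/*.yaml'
        // checkov scans the directory with its Kubernetes checks
        sh 'checkov -d manifests/ --framework kubernetes'
      }
    }
  }
}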
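
To show what a network policy gate in this stage is looking for, here is an added example (not from the original post, and not kube-score's or checkov's code) that lists workloads no NetworkPolicy or CiliumNetworkPolicy selects. It assumes the manifests are already parsed into dicts; the function names and the SAMPLE objects are constructed for illustration.

```python
# Added example: report workloads that no policy in the same namespace selects.
POLICY_SELECTOR = {"NetworkPolicy": "podSelector",
                   "CiliumNetworkPolicy": "endpointSelector"}
WORKLOADS = {"Deployment", "StatefulSet", "DaemonSet"}

def selects(selector, labels):
    """Kubernetes label-selector semantics; an empty selector matches every pod."""
    for key, value in (selector.get("matchLabels") or {}).items():
        if labels.get(key) != value:
            return False
    for expr in selector.get("matchExpressions") or []:
        key, op, values = expr["key"], expr["operator"], expr.get("values", [])
        ok = {"In": key in labels and labels[key] in values,
              "NotIn": labels.get(key) not in values,
              "Exists": key in labels,
              "DoesNotExist": key not in labels}[op]
        if not ok:
            return False
    return True

def namespace(obj):
    return obj["metadata"].get("namespace", "default")

def pod_labels(obj):
    meta = obj["metadata"] if obj["kind"] == "Pod" else obj["spec"]["template"]["metadata"]
    return meta.get("labels", {})

def uncovered_workloads(objects):
    """Return 'namespace/kind/name' for each workload without a selecting policy."""
    policies = [o for o in objects if o["kind"] in POLICY_SELECTOR]
    missing = []
    for obj in objects:
        if obj["kind"] not in WORKLOADS | {"Pod"}:
            continue
        if not any(namespace(p) == namespace(obj) and
                   selects(p["spec"].get(POLICY_SELECTOR[p["kind"]]) or {}, pod_labels(obj))
                   for p in policies):
            missing.append(f'{namespace(obj)}/{obj["kind"]}/{obj["metadata"]["name"]}')
    return missing

def deployment(name, app, ns=None):  # helper for the constructed sample below
    meta = {"name": name, **({"namespace": ns} if ns else {})}
    return {"kind": "Deployment", "metadata": meta,
            "spec": {"template": {"metadata": {"labels": {"app": app}}}}}

SAMPLE = [  # constructed manifests, mirroring the policy shown in this post
    {"kind": "CiliumNetworkPolicy", "metadata": {"name": "http-basic-auth"},
     "spec": {"endpointSelector": {"matchLabels": {"app": "api-server"}}}},
    deployment("api-server", "api-server"),
    deployment("worker", "worker"),
    deployment("api-server", "api-server", ns="staging"),
]
```

Being selected by a policy is only the first condition; the check says nothing about whether the rules in that policy are tight enough.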
This post is licensed under CC BY 4.0 by the author.