Update readme.md

Add some related security tools.
This commit is contained in:
Ali Yazdani 2019-10-16 14:45:42 +02:00 committed by GitHub
parent 6a81a130cc
commit 52d02cea63
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,4 +1,4 @@
Kubernetes is an open-source container-orchestration system for automating application deployment, scaling, and management. It was originally designed by Google, and is now maintained by the Cloud Native Computing Foundation. > Kubernetes is an open-source container-orchestration system for automating application deployment, scaling, and management. It was originally designed by Google, and is now maintained by the Cloud Native Computing Foundation.
### API addresses that you should know *(External network visibility)* ### API addresses that you should know *(External network visibility)*
--- ---
@ -31,3 +31,12 @@ curl -k https://<IP address>:10250/pods
``` ```
curl -k https://<IP Address>:10255 curl -k https://<IP Address>:10255
``` ```
----
### Tools for detecting misconfigurations in Kubernetes:
---
* [kubeaudit](https://github.com/Shopify/kubeaudit). kubeaudit is a command line tool to audit Kubernetes clusters for various different security concerns: run the container as a non-root user, use a read only root filesystem, drop scary capabilities, don't add new ones, don't run privileged, ...
* [kubesec.io](https://kubesec.io/). Security risk analysis for Kubernetes resources.
* [kube-bench](https://github.com/aquasecurity/kube-bench). kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/).
* [katacoda](https://katacoda.com/courses/kubernetes). Learn Kubernetes using interactive broser-based scenarios.