menu

Google Kubernetes Engine Best Practices: Security

Advanced 6 Schritte 7 Stunden 44 Guthabenpunkte

Get Anthos Ready. This second Google Kubernetes Engine-centric Quest of best practices hands-on labs focuses on security at scale when deploying and managing production GKE environments -- specifically role-based access control, hardening, VPC networking, and binary authorization. Looking for a hands on challenge lab to demonstrate your skills and validate your knowledge? On completing this quest, enroll in and finish the additional challenge lab at the end of this quest to receive an exclusive Google Cloud digital badge.

Voraussetzungen:

It is recommended that students have completed the first Quest in this series Google Kubernetes Best Practices before attempting these labs.

Quest Outline

Praxisorientiertes Lab

warning GKE: Migration in Container

In diesem Lab werden grundlegende Konfigurationsschritte für die Migration einer zustandslosen Anwendung gezeigt, die bisher auf einer VM lief und künftig auf Kubernetes Engine (GKE) ausgeführt werden soll. Dargestellt wird der Lebenszyklus einer Anwendung beim Übergang von einem typischen Deployment, das auf einer VM oder einem Betriebssystem basiert, in drei verschiedene containerisierte Cloudinfrastruktur-Plattformen.

Deutsch English español (Latinoamérica) français 日本語 português (Brasil)
Praxisorientiertes Lab

How to Use a Network Policy on Google Kubernetes Engine

In this lab you learn how to improve the security of your Kubernetes Engine by applying fine-grained restrictions to limit intra-cluster network communication.

English español (Latinoamérica) français 日本語 português (Brasil)
Praxisorientiertes Lab

Using Role-based Access Control in Kubernetes Engine

After provisioning two service accounts to represent user personas and three namespaces: dev, test, and prod, you will test the access controls of the personals in each namespace.

English español (Latinoamérica) français 日本語 português (Brasil)
Praxisorientiertes Lab

Google Kubernetes Engine Security: Binary Authorization

This lab deploys a Kubernetes Engine Cluster with the Binary Authorization feature enabled; you'll learn how to whitelist approved container registries and the process of creating and running a signed container.

English español (Latinoamérica) français 日本語 português (Brasil)
Praxisorientiertes Lab

Securing Applications on Kubernetes Engine - Three Examples

In this lab you will learn how Kubernetes Engine security features can be used to grant varying levels of privilege to applications based on their particular requirements

English español (Latinoamérica) français 日本語 português (Brasil)
Praxisorientiertes Lab

Hardening Default GKE Cluster Configurations

This lab demonstrates some of the security concerns of a default GKE cluster configuration and the corresponding hardening measures to prevent multiple paths of pod escape and cluster privilege escalation

English español (Latinoamérica) français 日本語 português (Brasil)

Jetzt anmelden

Melden Sie sich für die Aufgabenreihe an, um zu sehen, wie Sie Schritt für Schritt Ihr Abzeichen erreichen.