云原生安全模型与实践

阅读量：372 次

发布时间：2019-03-04

本文共 1959 字，大约阅读时间需要 6 分钟。

?????????????????

???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

??????????????

?????Deep Defense in Depth?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

??? IDaaS ???????????????????????????????????/????/?????????????????????????????????????????????????????????????

?????????????????????????????

?/????/?????

?????????????????K8s???????????????????????????????????K8s????????????????????????????????????????

???????????ARP???DDoS??????????????????Kubernetes???????????

????Internet????Kubernetes?????Control Plane????????????????IP????Kubernetes??API?

????????????????????????????NodePort?LoadBalancer???Kubernetes?????????????Internet?

??????????????????????????????????

?etcd?Kubernetes??????????????????????????????????????????TLS????????????????Encryption at rest??

?????

??Kubernetes??????????????????????????????????????????????????????????

??API??????

??TLS?????

??API??

??API?????RBAC?

Kubelet??????

???????????

?????RBAC?

??TLS?????

Runtime????????????????????

????????

????????

???????????

??Pod????????

???????????

????????????

???????etcd

????????

??????????

????????

?????

?????????Kubernetes??????????????????????????

????????????

?????????

?????????????

?????

???????????????????????????????????????????????????????????????????

??????????

?????????

???????????

??????????????

?????????????/????/????????????????????????????????????????????????????????????????????????????????????????????????

????

????????????????????Facebook?Splunk???????CTO?????IDaaS?????????????????0?1??????????????????????????????????????

????

[1] https://baike.baidu.com/item/????/8282191

[2] https://kubernetes.io/docs/concepts/security/overview/

[3] https://www.stackrox.com/post/2020/09/protecting-against-kubernetes-threats-chapter-8-lateral-movement/

转载地址：http://omxe.baihongyu.com/

你可能感兴趣的文章

nodejs中Express 路由统一设置缓存的小技巧

nodejs配置express服务器，运行自动打开浏览器

查看>>

Node入门之创建第一个HelloNode

查看>>

Node出错导致运行崩溃的解决方案

查看>>

Node提示:error code Z_BUF_ERROR,error error -5,error zlib:unexpected end of file

NotImplementedError: Cannot copy out of meta tensor； no data! Please use torch.nn.Module.to_empty()

查看>>

npm install digital envelope routines::unsupported解决方法

查看>>

npm install报错，证书验证失败unable to get local issuer certificate

查看>>

npm run build 失败Compiler server unexpectedly exited with code: null and signal: SIGBUS

查看>>

npm run build报Cannot find module错误的解决方法

查看>>

npm run build部署到云服务器中的Nginx（图文配置）

查看>>

npm start运行了什么

查看>>

npm WARN deprecated core-js@2.6.12 core-js@＜3.3 is no longer maintained and not recommended for usa