You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Who's idea was it to let third-parties run whatever they wanted in a Kubernetes?" A story on how Christian should have done this with Docker.
Cert isolation - Can't have a bad cert affect our normal certs. Cert errors could be bad. Should probably create a new cert per thing? Maybe always have it be non-secured?
Service isolation - Pods shouldn't be able to use any service at all. No Egress. Only Ingress from nginx.
Network isolation - Pods shouldn't be able to make any calls via ip.
Pod isolation - Pods shouldn't have k8 control or access to other pods.
Environment Variable isolation - Block access to default environment variables.
"Who's idea was it to let third-parties run whatever they wanted in a Kubernetes?" A story on how Christian should have done this with Docker.