How to Secure Your Node.js Containers on Kubernetes With Best Practices
JavaScript Conferences by GitNation via YouTube
Overview
Syllabus
Intro
Kubernetes Security
Use RBAC
Use OpenID Connect
Use Secrets
Keep Kubernetes version up to date
Restrict kubelet, API, and SSH access
Control traffic between pods and clusters
Use namespaces to isolate workloads
Limit resource usages
Use monitoring tools and enable audit logging
Infrastructure best practices
Do not run containers as root
Use minimal up-to-date official base images
Prevent loading unwanted kernel modules
Enable container image scanning in your CI/CD phase
Audit images
Use pod security policies
Node.js specific
Taught by
JavaScript Conferences by GitNation