├── .DS_Store ├── .gitignore ├── Container-Networking-Docker-Kubernetes.pdf ├── Cost_Optimization.md ├── From Docker to Kubernetes - container networking.pdf ├── LICENSE ├── Networking_PrivateIngress.md ├── Operational_Excellence.md ├── Operational_Excellence_deployment.md ├── Operational_Excellence_maintenance.md ├── Overview.md ├── README.md ├── Security.md ├── Security_securing_a_cluster.md ├── Security_securing_workloads.md ├── Security_setting_up_environments.md ├── Service-Principal-Names └── expired-sp-password ├── aks-azure-monitor └── examples ├── container_security__from_ima_366118.pdf ├── networking ├── internal_ingress_values.yaml └── sample_internal_ingress_deployment.yaml ├── securing_a_cluster ├── create-namespaces.yaml ├── namespace-limitranges.yaml ├── namespace-quotas.yaml ├── role_deployment_manager.yaml ├── role_log_reader.yaml └── securing_a_cluster.png └── securing_workloads ├── networkpolicy_securing_egress.yaml ├── podsecuritypolicy_privileged.yaml └── podsecuritypolicy_restricted.yaml /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/.DS_Store -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/.gitignore -------------------------------------------------------------------------------- /Container-Networking-Docker-Kubernetes.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Container-Networking-Docker-Kubernetes.pdf -------------------------------------------------------------------------------- /Cost_Optimization.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Cost_Optimization.md -------------------------------------------------------------------------------- /From Docker to Kubernetes - container networking.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/From Docker to Kubernetes - container networking.pdf -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/LICENSE -------------------------------------------------------------------------------- /Networking_PrivateIngress.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Networking_PrivateIngress.md -------------------------------------------------------------------------------- /Operational_Excellence.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Operational_Excellence.md -------------------------------------------------------------------------------- /Operational_Excellence_deployment.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Operational_Excellence_deployment.md -------------------------------------------------------------------------------- /Operational_Excellence_maintenance.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Operational_Excellence_maintenance.md -------------------------------------------------------------------------------- /Overview.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Overview.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/README.md -------------------------------------------------------------------------------- /Security.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Security.md -------------------------------------------------------------------------------- /Security_securing_a_cluster.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Security_securing_a_cluster.md -------------------------------------------------------------------------------- /Security_securing_workloads.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Security_securing_workloads.md -------------------------------------------------------------------------------- /Security_setting_up_environments.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Security_setting_up_environments.md -------------------------------------------------------------------------------- /Service-Principal-Names/expired-sp-password: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/Service-Principal-Names/expired-sp-password -------------------------------------------------------------------------------- /aks-azure-monitor/examples: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/aks-azure-monitor/examples -------------------------------------------------------------------------------- /container_security__from_ima_366118.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/container_security__from_ima_366118.pdf -------------------------------------------------------------------------------- /networking/internal_ingress_values.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/networking/internal_ingress_values.yaml -------------------------------------------------------------------------------- /networking/sample_internal_ingress_deployment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/networking/sample_internal_ingress_deployment.yaml -------------------------------------------------------------------------------- /securing_a_cluster/create-namespaces.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: dev -------------------------------------------------------------------------------- /securing_a_cluster/namespace-limitranges.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_a_cluster/namespace-limitranges.yaml -------------------------------------------------------------------------------- /securing_a_cluster/namespace-quotas.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_a_cluster/namespace-quotas.yaml -------------------------------------------------------------------------------- /securing_a_cluster/role_deployment_manager.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_a_cluster/role_deployment_manager.yaml -------------------------------------------------------------------------------- /securing_a_cluster/role_log_reader.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_a_cluster/role_log_reader.yaml -------------------------------------------------------------------------------- /securing_a_cluster/securing_a_cluster.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_a_cluster/securing_a_cluster.png -------------------------------------------------------------------------------- /securing_workloads/networkpolicy_securing_egress.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_workloads/networkpolicy_securing_egress.yaml -------------------------------------------------------------------------------- /securing_workloads/podsecuritypolicy_privileged.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_workloads/podsecuritypolicy_privileged.yaml -------------------------------------------------------------------------------- /securing_workloads/podsecuritypolicy_restricted.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Azure/k8s-best-practices/HEAD/securing_workloads/podsecuritypolicy_restricted.yaml --------------------------------------------------------------------------------