Safely manage your secret information like passwords, keys, and
certificates in Kubernetes. This practical guide is full of best
practices and methods for adding layers of security that will defend the
critical data of your applications.
In Kubernetes Secrets Management you will find:
Strategies for storing secure assets in Kubernetes
Cryptographic options and how to apply them in Kubernetes
Using the HashiCorp Vault server on Kubernetes for secure secrets
storage
Managing security with public cloud providers
Applying security concepts using tools from the Kubernetes ecosystem
End-to-end secrets storage from development to operations
Implementing in Kubernetes in CI/CD systems
Secrets, like database passwords and API keys, are some of the most
important data in your application. Kubernetes Secrets Management
reveals how to store these sensitive assets in Kubernetes in a way
that's protected against leaks and hacks. You'll learn the default
capabilities of Kubernetes secrets, where they're lacking, and
alternative options to strengthen applications and infrastructure.
Discover a security-first mindset that is vital for storing and using
secrets correctly, and tools and concepts that will help you manage
sensitive assets such as certificates, keys, and key rotation.
Purchase of the print book includes a free eBook in PDF, Kindle, and
ePub formats from Manning Publications.
About the technology
Kubernetes relies on passwords, tokens, keys, certificates, and other
sensitive information to keep your system secure. But how do you keep
these "secrets" safe? In this concise, practical book you'll learn
secrets management techniques that go far beyond the Kubernetes
defaults.
About the book
Kubernetes Secrets Management reveals security best practices and
reliable third-party tools for protecting sensitive data in
Kubernetes-based systems. In this focused guide, you'll explore
relevant, real-world examples like protecting secrets in a code
repository, securing keys with HashiCorp Vault, and adding layers to
maintain protection after a breach. Along the way, you'll pick up
secrets management techniques you can use outside Kubernetes, as well.
What's inside
Cryptographic options you can apply in Kubernetes
Managing security with public cloud providers
Secrets storage, from development to production
End-to-end Kubernetes secrets management in CI/CD systems
About the reader
For readers experienced with Kubernetes and CI/CD practices.
About the author
Alex Soto is a director of developer experience at Red Hat, a Java
Champion since 2007, an international speaker, and a teacher at Salle
URL University. Andrew Block is a distinguished architect with Red
Hat, and an active member of the open-source community.
Table of Contents
PART 1 SECRETS AND KUBERNETES
1 Kubernetes Secrets
2 An introduction to Kubernetes and Secrets
PART 2 MANAGING SECRETS
3 Securely storing Secrets
4 Encrypting data at rest
5 HashiCorp Vault and Kubernetes
6 Accessing cloud secrets stores
PART 3 CONTINUOUS INTEGRATION AND CONTINUOUS DELIVERY
7 Kubernetes-native continuous integration and Secrets
8 Kubernetes-native continuous delivery and Secrets