Use the correct auth mode with API server authorization-mode=Node,RBAC
Ensure all traffic is protected by TLS
Use API authentication (smaller cluster may use certificates but larger multi-tenants may want an AD or some OIDC authentication).
Make kubeless protect its API via authorization-mode=Webhook
Make sure the kube-dashboard uses a restrictive RBAC role policy
Monitor RBAC failures
Remove default ServiceAccount permissions
Filter egress to Cloud API metadata APIs
Filter out all traffic coming into kube-system namespace except DNS
A default deny policy on all inbound on all namespaces is good practice. You explicitly allow per deployment.
Use a podsecurity policy to have container restrictions and protect the Node
Keep kube at the latest version.
There are three main ways to access ...READ MORE
switch Docker to 1.12.x; Kubernetes doesn't support ...READ MORE
Follow these steps
Add --bind-address=0.0.0.0 option to the line https://github.com/kubernetes/kubernetes/blob/v1.2.0/docs/getting-started-guides/coreos/azure/cloud_config_templates/kubernetes-cluster-main-nodes-template.yml#L218
Created ...READ MORE
I was facing the same error.
The nginix ...READ MORE
Hey @nmentityvibes, you seem to be using ...READ MORE
Try using ingress itself in this manner
except ...READ MORE
Hi Kalgi after following above steps it ...READ MORE
Follow these steps:
$ kubeadm reset
$ kubeadm init ...READ MORE
Install below packages on all of your ...READ MORE
Node components run on every node, maintaining ...READ MORE