Follow these exercises to learn about native controls you can use to lock down your Kubernetes applications.

They’re meant to be done in order, but you should be able to complete each one on its own, too.

Exercise

Setup

Exercise

Streamlined images

Exercise

Read-only root file system

Exercise

Read-only host mounts

Exercise

Network policies

Exercise

Tune Kubernetes RBAC and account provisioning

Exercise

Use separate namespaces

Exercise

Use a non-root user

Exercise

Avoid privileged mode

Exercise

Set resource limits