# K8s Security Playground on kind

## Features

### About Pod

#### Pod Security

Pod Security is verified by Conftest in CI, and by Gatekeeper in the cluster.<br>
See this repository for policy details.

#### Private Registry

Application images are hosted in a private DockerHub repository.

### About Secret

#### Certificate Management

Certificates are managed by cert-manager.

#### Secret Management

Secrets are stored in AWS Secrets Manager and injected by External Secrets Operator.

### About Network

#### Network Policy

Global network policy is managed by Calico.

#### TLS

TLS termination is handled by Ingress NGINX.<br>
mTLS is managed by Linkerd.

#### Traffic Control

Traffic control is managed by Linkerd.

### About Auth

#### Authn and Authz

Authentication uses X.509 client certificates.<br>
RBAC authorization is also enabled.
<!--
## Usage

### Requirement

- kubectl
- kind
- Go
- Helm, Helmfile, helm-diff

### Preparation

1. Push an image to DockerHub<br>
   See https://github.com/YunosukeY/k8s-playground-backend#preparation-for-kind-sample
2. Create .env.dockerhub file
   ```sh
   cat <<EOF > .env.dockerhub
   DOCKER_USERNAME={DOCKERHUB_USERNAME}
   DOCKER_PASSWORD={DOCKERHUB_PASSWORD}
   EOF
   ```
3. Update images in `k8s/app/kustomization.yaml` with your own image.

### To Create a Cluster

```sh
./kind/e2e.sh create
```

### To Run E2E Test

```sh
go test cmd/e2e/main_test.go
```

### To Delete the Cluster

```sh
./e2d.sh delete
```
-->