For organization wide adoption of Kubernetes to be successful, you will need to spend time improving security, efficiency and reliability. It is important to have visibility into your configurations around these topics.
You need to identify who is responsible for Kubernetes cluster security and how it will be managed. Can you quickly identify misconfigurations that leave security holes in your container and Kubernetes implementation?
Is Kubernetes running efficiently? Who is responsible for monitoring resource utilization to ensure you are not over provisioning or under provisioning resources. What’s the scope of your application or service?
Does Kubernetes introduce any downtime challenges? Is the system reliable? Are you implementing all of the self-healing, autoscaling functionality and doing it without introducing configuration problems?
Each of these areas requires you and your team to develop policies and establish ways to easily ensure they are implemented across your clusters. Policy-driven configuration validation can help to:
- Enforce custom policies through Open Policy Agent (OPA) integrations at the CI/CD stage, or as an admission controller
- Prevent mistakes by detecting issues during application development to prevent mistakes from entering production in the first place
- Save time by automatically scanning containers for vulnerabilities and auditing clusters for weaknesses
- Reduce costs by identifying how to increase the efficiency of Kubernetes compute resources