Podknife - Securing Containers, First Steps in Docker and Kubernetes by DevOps and Docker Talk

Help
Help

Suggested Topics
- What is Podknife?
  
  Podknife is a curated podcast information and review site designed to be accessible in your browser from any device. We’re working to build the most useful podcast information source available by providing you with as much publicly available information about each podcast in our database as we can find and keeping it as up to date as possible.
- Can I listen to podcasts on Podknife?
  
  Yeah! There's a player at the bottom of the page.
- How can I get my podcast on Podknife?
  
  We’d love to hear about your podcast and consider it for addition. You can suggest your own by logging in and selecting the “Suggest a Podcast” link from the menu. Fill out the form and we’ll take it from there.
- How can I submit a review of a podcast?
  
  To submit a review of a podcast, go to the page of the podcast you want to review and click the "Submit Review" button below the image associated with the podcast. Clicking that button brings you to a new page where you can select a rating between 1 and 5 stars and write a brief review.
- How can I submit a review of a podcast episode?
  
  To submit a review of a podcast episode, go to the page of the podcast whose episode you want to review and find the specific episode you're looking for. Clicking on any episode reveals a "View Episode" button and clicking on that brings you to an episode-specific page where you can find more information displayed about the episode along with a "Submit Review" button. Clicking that brings you to a new page where you can select a rating between 1 and 5 stars and write a brief review of the episode.
- Is there a Podknife app?
  
  Not yet - we're keeping it in the browser at least for now. No app download required to access anything on the site.
- How can I change my display name?
  
  To change your display name, log in to Podknife and select "Account Settings" in the dropdown menu. From the Account Settings page, enter your desired new display name and press the "Save" button to confirm the change.
- How can I change my password?
  
  To change your password, log in to Podknife and select "Account Settings" in the dropdown menu. From the Account Settings page, enter your desired new password in the two fields below "Update Password" and press the "Save" button to confirm the change.
- How can I keep track of all my reviews?
  
  Within the menu, click on "My Profile", you will then be able to check all your reviews for both podcast & episode. You can also check all your favorite podcasts.
- How can I keep track of all my favorited podcasts?
  
  You can find podcasts you’ve favorited displayed on the My Profile page associated with your account (https://podknife.com/profile).
  You can share your My Profile page displaying your favorite podcasts as well as any reviews you’ve written publicly with a link in the form https://podknife.com/users/[displayname] where [displayname] is replaced by your Display Name.
- How can I favorite a podcast?
  
  On each podcast page you’ll find the outline of a star above the podcast title. Clicking this star fills it in and designates the podcast as a favorite (for logged in users) or invites the user to log in or register for an account (for users who are not logged in). You can find favorited podcasts displayed on the My Profile page associated with your account (https://podknife.com/profile).
- How can I register for a Podknife account?
  
  To register, click on the “Register” button in the top right of your browser window (or visit https://podknife.com/users/sign_up). Enter a Display Name to be associated with your account on the site (alongside any reviews you contribute, for example), an Email address to associate with the account and your password (twice for confirmation). Press the “Confirm” button and you should be all set, logged in and ready to review and favorite podcasts as you wish.
- How can I get in touch?
  
  We’d love to hear from you. You can reach us using the Feedback form (https://podknife.com/feedbacks/new) which can be found either in the footer on each page (for users who are not logged in) or in the dropdown menu (for logged in users).
  
  You can also reach us on Twitter by tweeting us @podknife (https://twitter.com/podknife) or on Facebook by messaging us from our page (https://www.facebook.com/podknife/).
- Log In
- Register
- Feedback
- Help
- Privacy Policy
- Terms of Use
© Podknife 2024

Please login or sign up to post and edit reviews.

This episode currently has no reviews.

Submit Review

Favorite Add to Queue

Securing Containers, First Steps in Docker and Kubernetes

Podcast |: DevOps and Docker Talk
Publisher |: Bret Fisher
Media Type |: audio
Podknife tags |: Interview,; Technology,; Web Development
Categories Via RSS |: Education,; How To,; News,; Tech News
Publication Date |: Sep 23, 2022
Episode Duration |: 00:53:12

Description
iTunes Summary

Bret goes through his top recommendations for securing container images, Docker containers and Kubernetes pods.

This is a tip-packed show where Bret lists much of what's documented in his courses, starting with the first steps you should take, and the bare security necessities that everyone should be doing. Then he covers more advanced security activities you should consider once the basics are covered.

Streamed live on YouTube on July 7, 2022.

Unedited live recording of this show on YouTube (Ep #177).

★Topics★Bret's Container Security AMA Docker Security Docs Docker Buys Atomist Slim.ai website: Auto-slimming imagesDocker Slim tool Kubescape website Kubernetes Security Context Seccomp by default Lint all files with super-linter Datree K8s file scan Kubernetes Benchmark My GitHub Actions examples: Automate your builds, CVE scans, and moreVideo on building a more secure base image Snyk security tools websiteTrivy CVE and K8s scans Falco for watching servers for bad behavior

★Join my Community★Best coupons for my Docker and Kubernetes courses

Chat with us on our Discord Server Vital DevOps

Homepage bretfisher.com

(00:00) - Intro
(00:52) - Mid-Roll Intro
(00:53) - Bret's Intro
(01:46) - Main show
(02:45) - What should I worry about first? The Basics!
(03:47) - Start with images
(04:28) - Bret.show/SecurityFirst
(05:04) - CVE scanning
(05:36) - Dependency scanning
(06:28) - Bret's Github with Dependabot
(07:25) - OS dependencies with Trivy and Snyk
(09:23) - Bret's Talks
(10:17) - Alpine is not always good
(11:27) - All hands on automation
(12:14) - Don't run as root inside the image
(14:04) - Question
(15:20) - Making slimmer images
(15:52) - Atomist
(17:19) - DockerSlim
(20:48) - Question
(22:21) - Question
(24:09) - Question
(24:36) - Question
(24:45) - Question
(25:15) - Securing Docker
(25:47) - Docker host scanner
(26:28) - Falco
(26:55) - Just use Docker
(28:28) - Question about Windows Containers
(30:19) - Maintain your servers
(31:12) - Docker in the cloud
(32:29) - Always stay on the latest Kubernetes release
(33:33) - Kube-bench
(34:22) - Tree.io
(35:04) - Pod specs
(36:08) - Sec comp
(37:33) - Security context
(38:57) - Privilege escalation
(39:50) - Superlinter
(40:54) - Question about Fargate
(42:35) - Network policies
(44:38) - Kubernetes docs article on security context
(45:16) - Question
(47:43) - Third-party security monitoring
(47:57) - Question about volumes
(48:45) - Question about Docker subnets
(49:30) - Question about secrets
(50:17) - Question about subnets 2
(50:48) - Question
(53:03) - Outro

You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!

Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Bret goes through his top recommendations for securing container images, Docker containers and Kubernetes pods.

Streamed live on YouTube on July 7, 2022.

Unedited live recording of this show on YouTube (Ep #177).

★Join my Community★Best coupons for my Docker and Kubernetes courses

Chat with us on our Discord Server Vital DevOps

Homepage bretfisher.com

(00:00) - Intro
(00:52) - Mid-Roll Intro
(00:53) - Bret's Intro
(01:46) - Main show
(02:45) - What should I worry about first? The Basics!
(03:47) - Start with images
(04:28) - Bret.show/SecurityFirst
(05:04) - CVE scanning
(05:36) - Dependency scanning
(06:28) - Bret's Github with Dependabot
(07:25) - OS dependencies with Trivy and Snyk
(09:23) - Bret's Talks
(10:17) - Alpine is not always good
(11:27) - All hands on automation
(12:14) - Don't run as root inside the image
(14:04) - Question
(15:20) - Making slimmer images
(15:52) - Atomist
(17:19) - DockerSlim
(20:48) - Question
(22:21) - Question
(24:09) - Question
(24:36) - Question
(24:45) - Question
(25:15) - Securing Docker
(25:47) - Docker host scanner
(26:28) - Falco
(26:55) - Just use Docker
(28:28) - Question about Windows Containers
(30:19) - Maintain your servers
(31:12) - Docker in the cloud
(32:29) - Always stay on the latest Kubernetes release
(33:33) - Kube-bench
(34:22) - Tree.io
(35:04) - Pod specs
(36:08) - Sec comp
(37:33) - Security context
(38:57) - Privilege escalation
(39:50) - Superlinter
(40:54) - Question about Fargate
(42:35) - Network policies
(44:38) - Kubernetes docs article on security context
(45:16) - Question
(47:43) - Third-party security monitoring
(47:57) - Question about volumes
(48:45) - Question about Docker subnets
(49:30) - Question about secrets
(50:17) - Question about subnets 2
(50:48) - Question
(53:03) - Outro

You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!

Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

This episode currently has no reviews.

Submit Review

This episode could use a review!

This episode could use a review! Have anything to say about it? Share your thoughts using the button below.

Submit Review