- \n
- Program overview: Microservices March 2022: Kubernetes Networking<\/a>\n
- Unit 1: Architecting Kubernetes Clusters for High‑Traffic Websites<\/a><\/li>\n
- Unit 2: Exposing APIs in Kubernetes<\/a><\/li>\n
- Unit 3: Microservices Security Pattern in Kubernetes<\/strong> (this post)<\/li>\n
- Unit 4: Advanced Kubernetes Deployment Strategies (coming soon)<\/li>\n<\/ul>\n
<\/em><\/p>\n
![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2022\/03\/Microservices-March-2022-unit-3_header.svg\")
<\/a><\/p>\nMastering your north‑south traffic is just the beginning…once your services start communicating within the cluster – a.k.a. east‑west traffic – you have a whole new set of problems! Unit 3 answers the question How do I secure my APIs and apps to be production‑ready?<\/em><\/p>\n
Three activities guide you progressively from a high‑level overview to practical application. We suggest you complete all three to get the best experience.<\/p>\n
- \n
- Step 1: Watch the Livestream (1 Hour)<\/a><\/li>\n
- Step 2: Deepen Your Knowledge (1–2 Hours)<\/a><\/li>\n
- Step 3: Get Hands‑On (1 Hour)<\/a><\/li>\n<\/ul>\n
Step 1: Watch the Livestream (1 Hour)<\/h2>\n
Each Microservices March livestream provides a high‑level overview of the topic featuring subject matter experts from learnk8s<\/a> and NGINX. If you miss the live airing on March 21 –<\/span> don\u2019t worry! You can catch it on demand.<\/p>\n
In this episode, we cover:<\/p>\n
- \n
- The sidecar pattern<\/li>\n
- Policies to make services more secure and resilient<\/li>\n
- Service meshes<\/li>\n
- Mutual TLS (mTLS)<\/li>\n
- End-to-end encryption<\/span><\/li>\n<\/ul>\n
Step 2: Deepen Your Knowledge (1–2 Hours)<\/h2>\n
We expect you\u2019ll have more questions after the livestream – that\u2019s why we curated a collection of relevant reading and videos. This Unit\u2019s deep dive covers how to secure your Kubernetes apps and APIs.<\/p>\n
\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2022\/03\/kubernetes-security-best-practices-livestream_featured.jpeg\")
<\/a>\n<\/div>\nWebinar | Kubernetes Security – Best Practices and Thoughts from the Field<\/a><\/strong>
\nIn this 35‑minute livestream we look at security trends, transferring control over security to your Kubernetes environment, and the role of Kubernetes security in mitigating API breaches.\n<\/div>\n<\/div>\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2021\/12\/six-ways-secure-Kubernetes_featured.png\")
<\/a>\n<\/div>\nBlog | Six Ways to Secure Kubernetes Using Traffic Management Tools<\/a><\/strong>
\nOrganizations adopt Kubernetes for its promise of agility and cost savings. But when there are security incidents in a Kubernetes environment, most organizations pull their Kubernetes deployments out of production<\/a>. In this blog we address six common use cases that you can solve with an Ingress controller or service mesh while making a big impact on the security of your apps and APIs.<\/p>\n<\/div>\n<\/div>\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2022\/03\/guidelines-zero-trust-Kubernetes_featured.svg\")
<\/a>\n<\/div>\nBlog | Seven Guidelines for Implementing Zero Trust in Kubernetes<\/a><\/strong>
\nDeploying Zero Trust for Kubernetes‑powered infrastructure and applications can be challenging. This blog contains a set of guidelines for building a Zero Trust Architecture in Kubernetes.\n<\/div>\n<\/div>\n<\/div>\nAt this point you\u2019re probably also wondering about service meshes and whether they’re something your organization needs. <\/p>\n
\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2021\/05\/NGINX-Service-Mesh-GA_featured.png\")
<\/a>\n<\/div>\nBlog | How to Choose a Service Mesh<\/a><\/strong>
\nLearn how to determine whether you’re ready for a mesh and if so how to select one.\n<\/div>\n<\/div>\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2021\/05\/wbr-service-mesh-ready_featured.png\")
<\/a>\n<\/div>\nWebinar| Are You Service Mesh Ready? Moving from Consideration to Implementation<\/a><\/strong>
\nWatch this on‑demand webinar for a discussion covering service mesh readiness, the importance of the data plane, and a demo of NGINX Service Mesh.\n<\/div>\n<\/div>\n<\/div>\nBonus Research<\/h3>\n
If you\u2019re keen to deepen your knowledge on security and service mesh – and have more than 1–2 hours to spend – then we suggest three additional resources to get you started.<\/p>\n
\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2020\/07\/ebk-ORM-Web-Application-Security-featured-500x300-1.png\")
<\/a>\n<\/div>\neBook | Web Application Security<\/a><\/strong>
\nWhile many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking – until now. This guide discusses both offensive and defensive security concepts that software engineers can easily learn and apply.<\/p>\n<\/div>\n<\/div>\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2018\/08\/ORM-Enterprise-Path-featured-500x300@2x-1.png\")
<\/a>\n<\/div>\neBook | The Enterprise Path to Service Mesh Architectures<\/a><\/strong>
\nThis practical eBook explains how a service mesh provides a configurable infrastructure layer that makes service-to-service<\/span> communication flexible, reliable, and fast.\n<\/div>\n<\/div>\n\n![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2020\/10\/2020-10-26-Get-the-Most-Out-of-K8s-with-NGINX-featured-500x300-1.png\")
<\/a>\n<\/div>\nWebinar | Get the Most Out of Kubernetes with NGINX<\/a><\/strong>
\nExplore the benefits of duplicating application services inside Kubernetes and look at some well\u2011established practices for deploying services such as WAF for applications that are running in Kubernetes. We cover trade‑offs between different options and the criteria that matter most to help you make the best decisions.\n<\/div>\n<\/div>\n<\/div>\n<\/p>\n
<\/p>\n
Step 3: Get Hands On (1 Hour)<\/h2>\n
Even with all the best webinars and research, there\u2019s nothing quite like getting your hands on the tech. The labs run you through common scenarios to reinforce your learning.<\/p>\n
In our third self‑paced lab, Protect Kubernetes Apps from SQL Injection<\/em>, you use NGINX as a sidecar to secure a pod and intercept unwanted east‑west traffic.<\/p>\n
To access the lab, you need to register<\/a> for Microservices March 2022. If you\u2019re already registered, the email you received with the Unit 3 Learning Guide includes access instructions. <\/p>\n<\/p>\n
Why Register for Microservices March?<\/h2>\n
While some of the activities (the livestreams and blogs) are freely available, we need to collect just a little personal information to get you set up with the full experience. Registration<\/a> gives you:<\/p>\n
- \n
- Access to four self‑paced labs where you can get hands‑on with the tech via common scenarios<\/li>\n
- Membership in the Microservices March Slack channel for asking questions of the experts and networking with fellow participants<\/li>\n
- Weekly learning guides to help you stay on top of the agenda<\/li>\n
- Calendar invites for the livestreams<\/li>\n<\/ul>\n
What\u2019s Next?<\/h2>\n
Unit 4: Advanced Kubernetes Deployment Strategies<\/em> begins on March 28. Learn about zero‑downtime deployments using tactics such as traffic splitting, blue‑green deployments, tracing, and mapping traffic flow in real time.<\/p>\n
![\"\"](\"https:\/\/www.nginx.com\/wp-content\/uploads\/2022\/03\/Microservices-March-2022-unit-3_footer.png\")
<\/a><\/p>\nThe post Microservices Security Pattern in Kubernetes<\/a> appeared first on NGINX<\/a>.<\/p>\n
Source: Microservices Security Pattern in Kubernetes<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Microservices Security Pattern in Kubernetes This blog is the fourth in our five‑part series about Kubernetes networking for Microservices March 2022: Program overview: Microservices March 2022: Kubernetes Networking Unit 1: Architecting Kubernetes Clusters for High‑Traffic Websites Unit 2: Exposing APIs in Kubernetes Unit 3: Microservices Security Pattern in Kubernetes (this post) Unit 4: Advanced Kubernetes Deployment Strategies (coming soon) Mastering your north‑south traffic is just the beginning…once your services start communicating within the cluster – a.k.a. east‑west traffic – you have a whole new set of problems! Unit 3 answers the question How do I secure my APIs and apps to be production‑ready? Three activities guide you progressively from a high‑level overview to practical application. We suggest you complete all three to get the best experience. Step 1: Watch the Livestream (1 Hour) Step 2: Deepen Your Knowledge (1–2 Hours) Step 3: Get [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[169],"tags":[652],"class_list":["post-45570","post","type-post","status-publish","format-standard","hentry","category-news","tag-nginx"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/45570","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=45570"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/45570\/revisions"}],"predecessor-version":[{"id":45571,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/45570\/revisions\/45571"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=45570"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=45570"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=45570"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
- Step 2: Deepen Your Knowledge (1–2 Hours)<\/a><\/li>\n
- Unit 1: Architecting Kubernetes Clusters for High‑Traffic Websites<\/a><\/li>\n