This guide explains the steps to follow in order to create a secure network of Debian based distro servers and install a Kubernetes cluster on them.
Step 1: Set-up a hardened Linux server
We want to apply the minimum set-up to Set-up a hardened Linux server for each of our Debian based distros (e.g. Ubuntu).
Step 2: Secure servers behind a private network
Once we hardened our servers, we want to Secure them behind a private network to isolate them from outside and limit the attack surface.
Step 3: Install kubernetes on bare metal servers
Once we have hardened and secured our servers behind a private network, we are ready to Install Kubernetes.
Step 4: Encrypt Etcd database
By default Kubernetes does not encrypt the data stored in its database. In the eventuality of an attacker stealing the database, we want to protect it by Encrypting the Etcd database .
Step 5: Check-out from private Docker registry in Kubernetes
Some containers are protected in private Docker registries. We are going to explain how to Check-out from private Docker registry in Kubernetes.
Step 6: Publicly expose a website via HTTP and HTTPS with Kubernetes
Now we have a secure Kubernetes installation, we are ready to Publicly expose a website via HTTP and HTTPS with Kubernetes.