...

Moving Images From Non-Production to Production

Learn to move images from non-production to production.

We'll cover the following...

Vulnerability scanning
Configuration as code
Sign container images
Image promotion workflow

Many organizations have separate environments for development, testing, and production. Usually, development environments have fewer rules and are places where developers can experiment. This can involve non-standard images our developers eventually want to use in production. The following sections outline some measures we can take to ensure that only safe images get approved for production.

Vulnerability scanning

Vulnerability scanning should be at the top of the list for vetting images before allowing them into production. These services scan our images at a binary level and check their contents against databases of known security vulnerabilities (CVEs).

We should integrate vulnerability scanning into our CI/CD pipelines and implement policies that ...

Kubernetes Primer

Kubernetes Principles of Operation

Getting Kubernetes

Working With Pods: Theory

Working with Pods: Hands-On

Virtual Clusters with Namespaces

Kubernetes Deployments

Kubernetes Services: Theory

Kubernetes Services: Hands-On

Ingress

WebAssembly on Kubernetes

Service Discovery: Deep Dive

Kubernetes Storage

ConfigMaps

StatefulSets

API Security and RBAC

Kubernetes API

Threat Modeling Kubernetes

Real-World Kubernetes Security

Conclusion

Moving Images From Non-Production to Production

Vulnerability scanning