Google Kubernetes Engine Security on Google Cloud Platform
Last updated 4/2025
Duration: 3h 3m | .MP4 1280x720, 30 fps(r) | AAC, 44100 Hz, 2ch | 942 MB
Genre: eLearning | Language: English
A comprehensive guide to securing Google Kubernetes Engine (GKE) using RBAC, network policies, and best practices.
What you'll learn
- Set Up a K8s Cluster using GKE on Google Cloud Platform - GCP
- Learn and Apply RBAC to Secure Kubernetes API Access
- Hands-On RBAC: Secure Kubernetes Access with Practical Labs
- Configure SSL/TLS Certificates for Kubernetes Client Authentication
- Deploy Minikube Kubernetes Cluster on Google Cloud
- Explore RBAC Components Like Roles and RoleBindings to Manage Cluster Access
- Expand RBAC Permissions to enable users to manage Pods within a specific namespace.
- List and Manage Kubernetes Contexts
- Access and Work with a Minikube Kubernetes Cluster as a designated user with controlled privileges.
- Design and Implement Network Policies to regulate Pod-to-Pod communication securely.
- Enforce Pod-to-Pod Communication Restrictions using Network Policies in a hands-on lab session.
- Configure Selective Network Policies to allow controlled communication between specific Pods.
- Secure an Nginx Server on a Kubernetes cluster using HTTPS (TLS encryption) for enhanced security.
- VM Remote Access: Using MobaXterm or PuTTY for Secure Connections
Requirements
- Basic Understanding of Kubernetes
- Fundamental Knowledge of Linux Commands
- Experience with Kubernetes CLI (kubectl)
- Some Exposure to Cloud Platforms like Google Cloud Platform
Description
Understanding Kubernetes: Cluster Components and Architecture
Introduction
The Kubernetes Cluster Architecture
Learn Architecture Through Examples
Getting Started with Kubernetes
Control Plane Components in Kubernetes (Master Node)
Kubernetes Scheduler: A Key Control Plane Component
Kubernetes Controller Manager
Set Up a K8s Cluster on Google Kubernetes Engine (GKE)
Lab 1: Practical Kubernetes Cluster Setup
Lab 2: Practical Kubernetes Cluster Setup
Lab 3: Practical Kubernetes Cluster Setup
Lab 4: Practical Kubernetes Cluster Setup
RBAC Policies for Securing Kubernetes Cluster
Introduction
Key components of RBAC
How RBAC works?
How Role and RoleBinding Work Together
Kubernetes Roles: Defining Permissions and Access
Permissions Granted by Kubernetes Roles
Create a role
Bind the Role to a User or Service Account
Set Up a Minikube Kubernetes Cluster on Google Cloud
Project Overview
Launch VM for Minikube Cluster
Activate Cloud Shell and Connect to VM
Minikube Kubernetes Cluster Setup – Practical Lab 1
Minikube Kubernetes Cluster Setup – Practical Lab 2
Minikube Kubernetes Cluster Setup – Practical Lab 3
Start Minikube and Deploy Nginx Pod
Client Authentication using SSL/TLS Certificate
Set Up New Namespace & Launch Pod
Overview of Client Certificate Generation
Generate a Private Key
Generate a Certificate Signing Request (CSR)
Sign a CSR with Minikube's CA to Generate a User Certificate
Set and Verify Client Credentials in Kubernetes Config
RBAC: Role and RoleBinding
Create a Role
Create RoleBinding to Assign Role to User
Test RBAC Permissions
Access the K8s Minikube Cluster as a User
List and Manage Kubernetes Contexts
Set Up a New Context for a User
Verify RBAC Permissions with New Context
Modify and Test RBAC Role Permissions
Set Up and Verify Network Policies for Pods
Introduction to Kubernetes Network Policies
Why Restrict Pod-To-Pod Communication?
Understanding K8s Network Policies and CNI Plugins
Example Use Case Scenarios
Lab: Restrict Pod Communication Using Network Policies
Start Minikube with Cilium CNI
Create Two Pods with Labels
Verify Pod Connectivity Using Curl
Create Ingress Network Policy to Restrict Pod Access
Check if Pod-to-Pod Access is Blocked
Restrict Ingress/Egress Traffic with Network Policy
VM Remote Access: Using MobaXterm or PuTTY for Secure Connections
Deploy a Virtual Machine
Add User and Setup SSH Authentication
Create SSH Key Pair
Convert Private Key to .ppk Format
VM Access Troubleshooting
Deploy Minikube on Virtual Machine
Initialize Minikube Cluster
Secure Deployment and Access of Nginx on Kubernetes
Overview of Securing Nginx with HTTPS
Deploy and Expose a Nginx Pod to External Traffic
Access Nginx Web Server Through HTTP
Set Up Nginx on Host Machine for Accessing Nginx Pod
Access Nginx Web Server via Web Browser (HTTP Only)
Implement HTTPS for Nginx in a K8s Cluster Using TLS Certificates
Deploy and Expose a Nginx Pod to External Traffic
Generate a self-signed TLS Certificate
Store the TLS Certificate as a Secret
Check Minikube’s Ingress Controller Status
Create Ingress Resource for HTTPS
Last Lecture
Who this course is for:
- DevOps Engineers – Looking to implement secure access controls and network policies in Kubernetes environments.
- Cloud Engineers and Architects
- IT Professionals & Enthusiasts – Anyone interested in learning Kubernetes security best practices.