that this Service is only visible inside of the cluster 2. NodePort gives each node in the cluster an externally accessible IP and 3. LoadBalancer adds a load balancer from the cloud provider which forwards traffic from the service to Nodes within it.
• Observability - Observer the behaviour • Security - per application instance • Reliability - consistent performance according to specification “Kubernetes changed how we deploy applications, Istio is going to change how we connect, manage and secure them.”
for vulnerability testing • Use RBAC over ABAC and assign optimum privileges to respective teams. • Configure a Security Context for a Pod running your service. • All the service endpoints should be protected. • The datastore like etcd must be secured. • Secret keys, encryption keys should be rotated over a period of time. • Only admin should have access to `kubectl` • Continuous Monitoring, log aggregation and analysis, etc.
containerized application and services. • Containers, Micro-services, Kubernetes are long way to go. • Leverage the serverless technology to use resources for smaller period of time. • It will be great to see kubernetes into ML domain, IoT devices, blockchain technology or even self-driving cars running kubernetes.