Next steps
This section hopefully gave an overview of the main resources used in Kubernetes to create applications. It also presents several tools and projects from its ecosystem. In order to go further we might consider:
Enhancing YAML specifications
- resources.requests / resources.limits
- readinessProbe / livenessProbe
- number of Pod replicas
- securityContext
Using namespaces and isolate applications
- ResourceQuota
- LimitRange
- NetworkPolicy
Instrumenting the cluster
- adding a log management solution
- adding a monitoring solution
Adding a policy engine
- Kyverno
- Open Policy Agent / GateKeeper
Add runtime security tool
- Falco
- Neuvector
- Tracee
- Tetragon