Welcome to Bob's Kubernetes Journey, a collection of resources, examples, and projects accompanying the article series. Whether you're learning Kubernetes, Helm, or other related technologies, this repository is here to guide you step by step.
The code in this repository is for educational purposes only and is not secure in its current form. It demonstrates concepts like secure containerisation and Kubernetes deployments but:
- Does not implement proper input validation.
- Lacks authentication and authorisation mechanisms.
- Is vulnerable to attacks like injection and XSS.
Do not use this code in production environments without significant modifications to address these security concerns.
This repository is designed to provide:
- Practical examples from each article in the series.
- A shared application (app/) used across examples for consistency.
- Reusable configurations and templates to kickstart your Kubernetes projects.
Each folder corresponds to an article in the series and includes relevant Dockerfiles, configurations, and example outputs.
repo-root/
├── app/ # Shared To-Do app used across all examples
│ ├── package.json # App dependencies
│ ├── package-lock.json # Calculated package dependencies
│ ├── app.js # Main application logic
│ ├── views/ # HTML templates
│ ├── public/ # Static assets
│ └── README.md # App-specific instructions
├── 01-secure-docker-images/ # Part 1: Secure Docker Images
│ ├── Dockerfile
│ ├── trivy-scan-results/ # Example Trivy scan outputs
│ └── README.md
├── 02-multi-stage-builds/ # Part 2: Multi-Stage Builds
│ ├── Dockerfile
│ ├── trivy-scan-results/ # Example Trivy scan outputs
│ └── README.md
└── README.md # Repository-wide overview
Ensure you are in the root directory of the repository:

    cd /path/to/bobs-kubernetes-journey

Each part includes its own Dockerfile. For example, to build the secure Docker image from Part 1:

    docker build -t secure-node-app -f 01-secure-docker-images/Dockerfile .

For Part 2:

    docker build -t multi-stage-todo-app -f 02-multi-stage-builds/Dockerfile .

Once built, run the container:

    docker run -p 3000:3000 secure-node-app

Replace secure-node-app with the appropriate image name for other parts.
- The Quest for Secure Docker Images: Bob’s Journey
  Learn how Bob builds secure Docker images with pinned base images and non-root users.
- Bob's Journey to Mastering Multi-Stage Builds
  Master multi-stage builds for leaner and faster containers.
- Bob's Journey to Mastering Docker Content Trust and Image Signing
  Understand Docker Content Trust and the importance of image signing.
- Bob's Kubernetes Journey Begins: Why Security Is Essential
  Explore the basics of Kubernetes and why security matters.
- Bob's Deep Dive into Kubernetes Pod Security
  Learn how to secure Kubernetes Pods using best practices and policies.
- Bob's Journey into Secrets and Config Maps
  Manage sensitive data securely using Kubernetes Secrets and ConfigMaps.
- Bob's Journey to Persistence: Keeping Your Data Alive
  Learn how to use Persistent Volumes and Persistent Volume Claims in Kubernetes.
- Bob's Journey to Secure Ingress
  Discover how to manage external access to your Kubernetes cluster securely.
- Bob's Journey to Secure Networking: Controlling the Flow
  Implement Network Policies to control communication between Pods and external systems.
- Bob’s Journey into Application Observability: Uncovering Hidden Threats
  Explore tools and techniques for monitoring, logging, and tracing your Kubernetes applications.
- Bob's Journey into Helm: Charting a New Course
  Discover Helm and learn to deploy applications with reusable charts.
- Bob's Journey Continues: Build a Secure Chart
  Discover Helm and learn to deploy applications with reusable charts.
- Bob's Journey into Advanced Helm: Mastering Charts
  Discover Helm and learn to deploy applications with reusable charts.
See the full series here (more coming soon)
Contributions are welcome! Feel free to open issues, submit pull requests, or suggest new ideas.
This project is licensed under the MIT License. See the LICENSE file for details.