Version: 0.1.0 - November 26th 2018
This document provides prescriptive guidance for hardening a production installation of Rancher v2.1.x. It outlines the configurations and controls required to address CIS-Kubernetes benchmark controls.
- Rancher CIS-Kubernetes self assessment using RKE
This document has been created by the Engineering team at Rancher Labs.
The following profile definitions agree with the CIS Benchmarks for Kubernetes.
Items in this profile intend to:
- offer practical advice appropriate for the environment;
- deliver an obvious security benefit; and
- not alter the functionality or utility of the environment beyond an acceptable margin
Items in this profile extend the “Level 1” profile and exhibit one or more of the following characteristics:
- are intended for use in environments or use cases where security is paramount
- act as a defense in depth measure
- may negatively impact the utility or performance of the technology
- Jason Greathouse
- Bill Maxwell
Download document here: