Move Hardening guides out of concepts section

kubernetes / website

Kubernetes website and documentation repo:

https://kubernetes.io

Creative Commons Attribution 4.0 International

4.51k stars 14.46k forks source link

Move Hardening guides out of concepts section #48069

Open AnshumanTripathi opened 1 month ago

AnshumanTripathi commented 1 month ago

Regarding this comment https://github.com/kubernetes/website/pull/45080#discussion_r1751203955, we should consider moving security hardening guides out of concepts. It cannot be moved to references either. Should we move it to a new section?

k8s-ci-robot commented 1 month ago

This issue is currently awaiting triage.

SIG Docs takes a lead on issue triage for this website, but any Kubernetes member can accept issues by applying the triage/accepted label.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

AnshumanTripathi commented 1 month ago

/sig security

sftim commented 1 month ago

Out of all the sections we have, the concepts section feels like the least bad home.

it's explaining what you might need to consider to secure your cluster
it is not task documentation where following it unquestioningly produces a specific outcome
it is not really a tutorial or a setup guide
it is not reference documentation

AnshumanTripathi commented 1 month ago

@sftim what are your thoughts about moving them to docs/setup/best-practices https://kubernetes.io/docs/setup/best-practices/ ?

sftim commented 1 month ago

@sftim what are your thoughts about moving them to docs/setup/best-practices https://kubernetes.io/docs/setup/best-practices/ ?

We shouldn't move them to a section about good practice for large clusters. Even small clusters may need to have strong information security.

AnshumanTripathi commented 1 month ago

That section is not specific for large clusters 🤔 . For example since we already have Enforcing pod security standards, maybe the hardening guides could also be alongside this doc

sftim commented 1 month ago

Ah, I was wrong! Maybe that is OK then.

network-charles commented 1 month ago

The content of the page fits into the best practices folder.

content/en/docs/setup/best-practices

For example, all sub-sections in the section "kube-scheduler configuration" describe some best practices while using those command line options.