Increase security of exposed services

nklsla / kubenest

Homelab Kubernets setup

MIT License

0 stars 0 forks source link

Increase security of exposed services #5

Open nklsla opened 1 year ago

nklsla commented 1 year ago

Ingress are supposedly more secure compared to nodePort. Inspiration

[ ] Landing page/dashboard
[ ] Kubeflow
[ ] Grafana
[ ] Docker registry (Auto redirect when pushing?)
[ ] Prometheus
[ ] SSH

nklsla commented 1 year ago

Create a single point of connection for the whole cluster and either create small dashboard for different services or just use "/service" suffix for the dns-name.

This should work for both local and public exposure.

In the end there could be two connection points. one for SSH (admin) and one for browser (user)

nklsla commented 1 year ago

How to solve the docker repository?

nklsla commented 1 year ago

Google after common pitfalls regarding cluster security

nklsla commented 1 year ago

https://devopscube.com/setup-ingress-kubernetes-nginx-controller/