kube score

We have hosted the application kube score in order to run this application in our online workstations with Wine or directly.

Quick description about kube score:

Kubernetes object analysis with recommendations for improved reliability and security. kube-score is a tool that does static code analysis of your Kubernetes object definitions. The output is a list of recommendations of what you can improve to make your application more secure and resilient. kube-score is open-source and available under the MIT-license. Container limits (should be set) Pod is targeted by a NetworkPolicy, both egress and ingress rules are recommended. Deployments and StatefulSets should have a PodDisruptionPolicy. Deployments and StatefulSets should have host PodAntiAffinity configured. For container probes, a readiness should be configured, and should not be identical to the liveness probe. Read more in README_PROBES.md. Container securityContext, run as a high number user/group, do not run as root or with privileged root fs. Read more in README_SECURITYCONTEXT.md. Stable APIs, use a stable API if available (supported: Deployments, StatefulSets, DaemonSet).

Features:

• Container limits (should be set)
• Deployments and StatefulSets should have host PodAntiAffinity configured
• Container securityContext, run as high number user/group
• Stable APIs, use a stable API if available (supported: Deployments, StatefulSets, DaemonSet)
• You can test kube-score out in the browser with the online demo (source)
• The output is a list of recommendations of what you can improve to make your application more secure and resilient

Programming Language: Go.
Categories: