kubernetes-production-best-practices icon indicating copy to clipboard operation
kubernetes-production-best-practices copied to clipboard

Published 20 hours ago verified publisher icon learnk8s

Include and review kube-score

Open danielepolencic opened this issue 5 years ago • 0 comments

From kube-score readme:

  • Container limits (should be set)
  • Pod is targeted by a NetworkPolicy, both egress and ingress rules are recommended
  • Deployments and StatefulSets should have a PodDisruptionPolicy
  • Deployments and StatefulSets should have host PodAntiAffinity configured
  • Container probes, both readiness and liveness checks should be configured, and should not be identical
  • Container securityContext, run as high number user/group, do not run as root or with privileged root fs
  • Stable APIs, use a stable API if available (supported: Deployments, StatefulSets, DaemonSet)

More: https://github.com/zegl/kube-score/blob/master/README_CHECKS.md

danielepolencic avatar Nov 18 '19 12:11 danielepolencic