DevSecOps - Kubernetes DevOps & Security

Introduction

Welcome and Course Introduction

Hello, and welcome to the Kubernetes DevOps and Security course. In this lesson, we’ll cover the best practices for DevSecOps on Kubernetes. I’m Siddharth Barahalikar, your instructor for this journey.

Before we dive in, make sure you have:

  • Basic experience with Jenkins, Linux, shell scripting, and DevOps workflows
  • Familiarity with Kubernetes and Docker

Prerequisites

You should already have:

  • A working shell environment
  • A Docker installation
  • Access to a Kubernetes cluster or the ability to provision one

All example code is hosted on GitHub and available for download.

The image outlines course details, including structure, prerequisites, and code samples, related to Kubernetes, DevOps, and Security.


Course Objectives

We’ve structured this course into four focused sections. Each section begins with an animated slide overview, followed by hands-on demonstrations you can follow at your own pace.

SectionFocusKey Deliverables
1Introduction to DevSecOpsDefinition, SDLC integration, tools overview
2Environment Setup & PipelinesCloud environment, tool installs, basic CI/CD
3Building a DevSecOps PipelineSecurity checks, notifications, pipeline expansion
4Advanced Kubernetes SecurityPolicy enforcement, monitoring, service mesh

Section 1: Introduction to DevSecOps

In this section, we’ll define DevSecOps, explore its role in modern software delivery, and review the core tools and concepts used throughout the course.


Section 2: Environment Setup and Simple DevOps Pipeline

We’ll set up your development environment in the cloud, install the necessary tools, deploy a Kubernetes cluster, and create a basic CI/CD pipeline using Jenkins.


Section 3: Building a DevSecOps Pipeline

You’ll learn how to incorporate security checks and notifications into your workflow and extend the pipeline to handle more comprehensive automation.


Section 4: Advanced Kubernetes Security

In the final section, we’ll cover advanced topics such as promoting workloads through different environments with enforced policies, monitoring and threat detection, and securing service-to-service communication with a service mesh.


Next Steps and Additional Content

Future updates will introduce more advanced topics like runtime security and policy enforcement. Each chapter includes:

  • An animated slide overview
  • Live demonstration lectures
  • Hands-on exercises

All resources and code samples are available on GitHub. If you have questions, reach out via our support channels.

Let’s get started!


Watch Video

Watch video content