Check Kubernetes Pods for Container Immutability

30 minutes
  • 2 Learning Objectives

About this Hands-on Lab

Container immutability can help make containerized applications more secure. This lab will help you hone your skills at assessing container immutability by examining existing Kubernetes containers to determine whether or not they are truly immutable.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Examine the Pods in the dev Namespace

Examine the Pods in the dev namespace to determine which ones are immutable.

Consider immutable to be defined as:

  • The container must not have any elevated privileges.
  • The container must not be able to write to the container file system.
Delete Any Pods That Are Not Immutable

If any of the Pods in the dev namespace are not immutable, delete them.

Additional Resources

Your company, SecuriCorp, is using Kubernetes to run some applications.

One of the developers has raised some concerns about some Pods that were created in the dev namespace that are not implementing good security practices.

Specifically, some of these Pods are not configured so that their containers are immutable. Examine these Pods and delete any that are not immutable.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?