Continental Innovates with Rancher and Kubernetes
Rancher v2.5 introduced the capability to deploy Rancher on any Kubernetes cluster. For that reason, we now provide separate security hardening guides for Rancher deployments on each of Rancher’s Kubernetes distributions.
Rancher has the following Kubernetes distributions:
To harden a Kubernetes cluster outside of Rancher’s distributions, refer to your Kubernetes provider docs.
These guides have been tested along with the Rancher v2.5 release. Each self-assessment guide is accompanied with a hardening guide and tested on a specific Kubernetes version and CIS benchmark version. If a CIS benchmark has not been validated for your Kubernetes version, you can choose to use the existing guides until a newer version is added.
Available as of v2.5.8
Security-Enhanced Linux (SELinux) is a security enhancement to Linux. After being historically used by government agencies, SELinux is now industry standard and is enabled by default on CentOS 7 and 8.
To use Rancher with SELinux, we recommend installing the rancher-selinux RPM according to the instructions on this page.