We are transitioning to versioned documentation. The v2.x docs will no longer be maintained. For Rancher v2.5 docs, go here. For Rancher v2.0-v2.4 docs, go here.

Rancher v2.5

? Need Help? Get free intro and advanced online training ×

Rancher v2.5

Rancher v2.5 introduced the capability to deploy Rancher on any Kubernetes cluster. For that reason, we now provide separate security hardening guides for Rancher deployments on each of Rancher’s Kubernetes distributions.

Rancher has the following Kubernetes distributions:

RKE, Rancher Kubernetes Engine, is a CNCF-certified Kubernetes distribution that runs entirely within Docker containers.
K3s, is a fully conformant, lightweight Kubernetes distribution. It is easy to install, with half the memory of upstream Kubernetes, all in a binary of less than 100 MB.
RKE2 is a fully conformant Kubernetes distribution that focuses on security and compliance within the U.S. Federal Government sector.

To harden a Kubernetes cluster outside of Rancher’s distributions, refer to your Kubernetes provider docs.

Guides

These guides have been tested along with the Rancher v2.5 release. Each self-assessment guide is accompanied with a hardening guide and tested on a specific Kubernetes version and CIS benchmark version. If a CIS benchmark has not been validated for your Kubernetes version, you can choose to use the existing guides until a newer version is added.

RKE Guides

Kubernetes Version	CIS Benchmark Version	Self Assessment Guide	Hardening Guides
Kubernetes v1.15+	CIS v1.5	Link	Link
Kubernetes v1.18+	CIS v1.6	Link	Link

RKE2 Guides

Kubernetes Version	CIS Benchmark Version	Self Assessment Guide	Hardening Guides
Kubernetes v1.18	CIS v1.5	Link	Link
Kubernetes v1.20	CIS v1.6	Link	Link

K3s Guides

The K3s security guides will be added soon.

Continental

Rancher v2.5

Guides

RKE Guides

RKE2 Guides

K3s Guides