Illumina Innovates with Rancher and Kubernetes
Rancher enables IT administrators to specify centralized security and access control policies. Rancher adds a user authentication layer to any Kubernetes cluster so access to all clusters will be authenticated through a single source such as Active Directory. Rancher integrates with all layers of the technology stack, including Kubernetes RBAC, node configuration, network policy management, and cloud security configuration. Rancher distributes the centralized security policy to all layers of the technology stack to enforce the security and compliance policies.
Rancher provide a centralized authentication gateway for all Kubernetes clusters under management. The IT admin can configure the gateway to authenticate against a single source such as GitHub, Active Directory, LDAP, or SAML providers. This is particularly useful when, for example, an organization leverages a public Kubernetes service like GKE and does not want the employees to have to use personal Google credentials to access GKE clusters.
IT administrators can create RBAC policies once and have Rancher distribute and enforce these policies across all clusters. An RBAC policy is a set of permissions granted to users to act upon resources in a cluster.
Rancher integrates with many elements in the technology stack to enforce security policies.
Rancher relies on container registries to scan container images.
Rancher integrates with Kubernetes pod security policies to ensure, for example, only signed images can be run on certain clusters.
Rancher integrates with Kubernetes RBAC policies to ensure users are only able to perform authorized operations.
Rancher integrates with CNI network plugins (like Canal) to ensure tenant isolation and network access control.
Read how Rancher and RKE satisfy Kubernetes security recommendations from the CNCF.
Watch the training to learn to tools identify security weaknesses and fix them before they are exploited by attackers.
Free, weekly advanced training sessions on infrastructure topics from Kubernetes security to CI/CD to storage and more.