Docker CIS benchmarks analysis

Docker CIS 基线分析

  • 首先需要部署docker bench security将它启动为DaemonSet
1
cd kubernetes-goat/
1
kubectl apply -f scenarios/docker-bench-security/deployment.yaml
  • 运行容器应用
1
kubectl get pod

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-28_16-21-32_d41d8cd98f00b204e9800998ecf8427e.jpg

1
kubectl exec -it docker-bench-security-6npjf  -- sh

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-28_16-22-19_d41d8cd98f00b204e9800998ecf8427e.jpg

  • 等待结果就好了

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-28_16-23-46_d41d8cd98f00b204e9800998ecf8427e.jpg

结束