public/rancher-docs
1
0
Fork 0
mirror of https://github.com/rancher/rancher-docs.git synced 2026-05-28 15:45:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Move hardening/benchmark into docs

Browse Source
This commit is contained in:
Jason Greathouse
2019-05-23 13:44:48 -05:00
parent 575af9bae9
commit 8e9c8c73c5
4 changed files with 2944 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/rancher/v2.x/en/faq/security/_index.md
+2 -2
View File
@@ -6,8 +6,8 @@ weight: 8007
### Is there a Hardening Guide?
Rancher has created a [Hardening Guide](https://releases.rancher.com/documents/security/latest/Rancher_Hardening_Guide.pdf) to provide guidance on how to set up your Rancher instance for production following security best practices.
The Hardening Guide is now located in the main [Security]({{< baseurl >}}/rancher/v2.x/en/security/) section.
### What are the results of Rancher's Kubernetes cluster when it is CIS benchmarked?
We have run the CIS Kubernetes benchmark against a hardened Rancher Kubernetes cluster and provided a [Rancher specific CIS Kubernetes benchmark self assessment](https://releases.rancher.com/documents/security/latest/Rancher_Benchmark_Assessment.pdf).
We have run the CIS Kubernetes benchmark against a hardened Rancher Kubernetes cluster. The results of that assessment can be found in the main [Security]({{< baseurl >}}/rancher/v2.x/en/security/) section.
content/rancher/v2.x/en/security/_index.md
+15 -1
View File
@@ -20,7 +20,21 @@ weight: 7505
</tr>
</table>
### Rancher Vulnerabilities
### Rancher Hardening Guide
The Rancher Hardening Guide is based off of controls and best practices found in the [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/). See Rancher's [Self Assessment of the CIS Kubernetes Benchmark](#CIS-Benchmark-Rancher-Self-Assessment) for the full list of security controls.
* [CIS Kubernetes Benchmark 1.3.0 - Rancher 2.1.x with Kubernetes 1.11]({{< baseurl >}}/rancher/v2.x/en/security/hardening-2.1/)
### CIS Benchmark Rancher Self-Assessment
Since Rancher and RKE install Kubernetes services as Docker containers many of the control verification checks in the CIS Kubernetes Benchmark don't apply. This guide will walk through the various controls and provide updated example commands to audit compliance in Rancher created clusters. The original benchmark documents can be downloaded from the [CIS website](https://www.cisecurity.org/benchmark/kubernetes/).
* [CIS Kubernetes Benchmark 1.3.0 - Rancher 2.1.x with Kubernetes 1.11]({{< baseurl >}}/rancher/v2.x/en/security/benchmark-2.1/)
### Rancher CVEs and Resolutions
Rancher is committed to informing the community of security issues in our products. Rancher will publish CVEs for issues we have resolved.
| ID | Description | Date | Resolution |
|----|-------------|------|------------|
content/rancher/v2.x/en/security/benchmark-2.1/_index.md
+1757
View File
File diff suppressed because it is too large Load Diff
content/rancher/v2.x/en/security/hardening-2.1/_index.md
+1170
View File
File diff suppressed because it is too large Load Diff