Fortinet XPerts 2024

Welcome to the Kubernetes 201 Workshop!

This is a continuation of the K8s 101 workshop. This workshop will help you understand the role of cFOS in Kubernetes security, focusing on ingress and egress protection.

Chapters 2, 3, 4, 5, and 6 extend the previous K8s 101 workshop, focusing on concepts used in cFOS use cases. Even if you are already familiar with these topics, you can benefit from reviewing Chapters 2 through 6.

if you already familar with k8s concept, you only want learn cFOS ingress and egress use case, then you can take Chapter 1 then go directly to Chapter 7 and 9.

Chapter 1

Get your Kubernetes cluster ready.

after completed setup azure cloudShell then set variable first then choose one of the following options:

• Continue from K8s 101
• Create a new self-managed Kubernetes cluster
• Create a managed Kubernetes cluster - AKS

Chapter 2

Brief overview of Kubernetes security and Fortinet solutions.

Chapter 3

Role-Based Access Control (RBAC).

• Role & ClusterRole
• Role & ClusterRole for cFOS
• Best Practices

Chapter 4

RoleBinding and ClusterRoleBinding.

• RoleBinding
• ClusterRoleBinding
• Use Cases

Chapter 5

ConfigMap and Secret management.

• Overview
• ConfigMap and Secret
• Storage

Chapter 6

Kubernetes Network Basics.

• What is CNI
• Basics of Kubernetes Networking
• The Challenge of Having Only a Single Interface for Pods

Chapter 7

cFOS ingress use case.

• Application without cFOS protection
• Application with cFOS protection

Chapter 8

Introduction to Multus CNI.

• What is Multus
• Installation of Multus CNI

Chapter 9

cFOS egress use case:

• Egress to the internet
• Pod-to-pod traffic protection