RKE2
Definition
RKE2, also known as RKE Government, is the next-generation Kubernetes distribution from Rancher, designed to meet the security and compliance needs of government and enterprise environments. It builds upon the original Rancher Kubernetes Engine (RKE) by incorporating advanced security features, such as SELinux support, FIPS 140-2 compliance, and CIS Kubernetes Benchmark adherence, while maintaining ease of deployment and management.
Secure Settings Example
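apiVersion: v1
kind: Pod
metadata:
  name: secure-pod
spec:
  containers:
    - name: secure-container
      # With runAsNonRoot: true the image must run as a non-root user,
      # otherwise the kubelet refuses to start the container.
      image: nginx:latest
      securityContext:
        runAsNonRoot: true
        allowPrivilegeEscalation: false
        capabilities:
          drop:
            - ALL
  # Do not share the node's network, PID or IPC namespaces.
  hostNetwork: false
  hostPID: false
  hostIPC: false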
Insecure Settings Example
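apiVersion: v1
kind: Pod
metadata:
  name: insecure-pod
spec:
  containers:
    - name: insecure-container
      image: nginx:latest
      securityContext:
        # Root is allowed, privilege escalation is allowed and an extra
        # capability is added on top of the default set.
        runAsNonRoot: false
        allowPrivilegeEscalation: true
        capabilities:
          add:
            - NET_ADMIN
  # The pod shares the node's network, PID and IPC namespaces.
  hostNetwork: true
  hostPID: true
  hostIPC: true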
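
The following check is an added example, not part of the original page or of RKE2 itself: it audits a Pod manifest for the settings the two examples above contrast, and also reports fields that are simply omitted. The function name audit_pod and the dict form of the manifests are assumptions made for illustration.

```python
HOST_FLAGS = ("hostNetwork", "hostPID", "hostIPC")

def audit_pod(pod):
    """Return a sorted list of findings for a Pod manifest given as a dict."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    findings = []
    # Host namespace flags default to false, so only an explicit true is reported.
    for flag in HOST_FLAGS:
        if spec.get(flag) is True:
            findings.append(f"pod: {flag} is true")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext") or {}
        name = c.get("name", "<unnamed>")
        # runAsNonRoot may be inherited from the pod-level securityContext.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        if non_root is not True:
            findings.append(f"{name}: runAsNonRoot is not true")
        # An omitted field is not an explicit false, so it is reported too.
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append(f"{name}: allowPrivilegeEscalation is not false")
        caps = sc.get("capabilities") or {}
        if "ALL" not in (caps.get("drop") or []):
            findings.append(f"{name}: capabilities.drop lacks ALL")
        for cap in caps.get("add") or []:
            findings.append(f"{name}: adds capability {cap}")
    return sorted(findings)

# Constructed sample manifests mirroring the two pods on this page, as dicts.
SECURE = {"spec": {"hostNetwork": False, "hostPID": False, "hostIPC": False,
    "containers": [{"name": "secure-container", "securityContext": {
        "runAsNonRoot": True, "allowPrivilegeEscalation": False,
        "capabilities": {"drop": ["ALL"]}}}]}}
INSECURE = {"spec": {"hostNetwork": True, "hostPID": True, "hostIPC": True,
    "containers": [{"name": "insecure-container", "securityContext": {
        "runAsNonRoot": False, "allowPrivilegeEscalation": True,
        "capabilities": {"add": ["NET_ADMIN"]}}}]}}
# Constructed: a pod that sets nothing at all, to show omissions are reported.
BARE = {"spec": {"containers": [{"name": "web"}]}}

if __name__ == "__main__":
    for label, pod in (("secure", SECURE), ("insecure", INSECURE), ("bare", BARE)):
        print(label, audit_pod(pod))
```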