mirror of
https://github.com/ghndrx/k8s-manifests.git
synced 2026-02-10 06:45:09 +00:00
58e8140f36
- Add namespace templates for privileged, baseline, and restricted levels - Include compliant deployment examples for baseline and restricted - Add migration audit script for checking namespace compliance - Document PSA levels, enforcement modes, and migration strategy Follows Kubernetes Pod Security Admission best practices for 2025+. Reference: https://kubernetes.io/docs/concepts/security/pod-security-standards/
Kubernetes Manifests Library
Production-ready Kubernetes manifests with security best practices, resource limits, and comprehensive examples.
Structure
├── deployments/ # Deployment patterns (rolling, blue-green, canary)
├── services/ # Service types and configurations
├── ingress/ # Ingress controllers and rules
├── configmaps/ # Configuration management
├── secrets/ # Secret management patterns
├── networkpolicies/ # Network isolation
├── rbac/ # Role-based access control
├── monitoring/ # Prometheus, alerts, ServiceMonitors
└── pod-security/ # Pod Security Standards (PSA) configuration
Features
- ✅ Security contexts and pod security standards
- ✅ Pod Security Admission (PSA) namespace configurations
- ✅ Resource requests/limits
- ✅ Liveness/readiness probes
- ✅ Network policies for isolation
- ✅ RBAC least-privilege patterns
- ✅ Kustomize overlays for environments
Quick Start
kubectl apply -k deployments/base
License
MIT