mirror of
https://github.com/ghndrx/k8s-manifests.git
synced 2026-02-10 06:45:09 +00:00
58e8140f36
- Add namespace templates for privileged, baseline, and restricted levels - Include compliant deployment examples for baseline and restricted - Add migration audit script for checking namespace compliance - Document PSA levels, enforcement modes, and migration strategy Follows Kubernetes Pod Security Admission best practices for 2025+. Reference: https://kubernetes.io/docs/concepts/security/pod-security-standards/
41 lines
1.3 KiB
Markdown
41 lines
1.3 KiB
Markdown
# Kubernetes Manifests Library
|
|
|
|
|
|
|
|
|
|
Production-ready Kubernetes manifests with security best practices, resource limits, and comprehensive examples.
|
|
|
|
## Structure
|
|
|
|
```
|
|
├── deployments/ # Deployment patterns (rolling, blue-green, canary)
|
|
├── services/ # Service types and configurations
|
|
├── ingress/ # Ingress controllers and rules
|
|
├── configmaps/ # Configuration management
|
|
├── secrets/ # Secret management patterns
|
|
├── networkpolicies/ # Network isolation
|
|
├── rbac/ # Role-based access control
|
|
├── monitoring/ # Prometheus, alerts, ServiceMonitors
|
|
└── pod-security/ # Pod Security Standards (PSA) configuration
|
|
```
|
|
|
|
## Features
|
|
|
|
- ✅ Security contexts and pod security standards
|
|
- ✅ **Pod Security Admission (PSA)** namespace configurations
|
|
- ✅ Resource requests/limits
|
|
- ✅ Liveness/readiness probes
|
|
- ✅ Network policies for isolation
|
|
- ✅ RBAC least-privilege patterns
|
|
- ✅ Kustomize overlays for environments
|
|
|
|
## Quick Start
|
|
|
|
```bash
|
|
kubectl apply -k deployments/base
|
|
```
|
|
|
|
## License
|
|
|
|
MIT
|