Overview

Kubernetes (K8S) is an open-source system for automating deployment, scaling, and management of containerized applications. End users interact with K8S via the K8S API Server, typically using the kubectl client.

From a management perspective, K8S can be deployed in two flavors:

• Managed K8S - A cloud provider (such as AWS, Azure, GCP, DigitalOcean, etc.) provisions and manages the K8S cluster and is tightly integrated with the cloud provider's other offerings.
• Hosted K8S - An enterprise operations team runs a specific K8S distribution (such as RedHat OpenShift, VMware Tanzu, Mirantis, etc.) and is responsible for cluster management.

For connectivity, Cloud Secure Edge (CSE) treats the Kubernetes API as a TCP Service, using Mutually Authenticated TLS (MTLS) flows to provide secure zero-trust access.

CSE can also be configured to leverage the OIDC authentication capability built into K8S.

Sections

• Kubernetes API Server
• K8S OIDC Authn