☁Huawei Cloud CCE Service Kube-hunter Installation ☁
Hello everyone this time we gonna scan our CCE environment. Get ready and please fasten your seatbelts while seated. 😅😅
Before beginning if you don’t know how to create a CCE service. You can reach my story from HERE.
Now let’s begin.
After the CCE Cluster created. We should create a node with the specifications shown below.
Choose a password for our node and retain the default storage settings.
Choose the EIP auto create then choose the Traffic Bandwidth 100Mbit/s.
Click Next for the Confirm page. After this, check the agreement checkbox.
Click submit and wait for your node creation.
Security Tip:
After the creation done click on node name. This gonna lead you to the “Node Summary” page. Click “Security Group” for modify the security group inbound rules. In this page you gonna see SSH port (22) is open for all traffic. Delete this rule and only add your own ip address for SSH port to prevent your environment from attacks from public internet.
Anyway, let’s keep going.
We need to configure the kubectl connection too. For this we need to create an EIP and bind from here(Istanbul-Region).
After we connect the cluster. Let’s install Kube-Hunter.
First, install python-pip.
apt install python3-pip
Secondly, install kube-hunter.
pip3 install kube-hunter
Now it's time to check kube hunter.
kube-hunter
Now let's scan our subnets on all local network interfaces. To do this; type “2” and press Enter.
Conclusion
After this story, we can install kube-hunter and check our CCE cluster. This is it for now. My next topic gonna be about the uptime. Keep in touch :)