\u8fd9\u7bc7\u6587\u7ae0\u662fZOZO #1 Advent Calendar 2021\u7684\u7b2c17\u5929\u7684\u6587\u7ae0\u3002
\n\u6628\u5929\u662f@satto_sann\u7684Alexa\u6280\u80fd\u5f00\u53d1\u4e2d\u5c1d\u8bd5\u4e86\u4e0eGoogle\u65e5\u5386API\u7684\u8fde\u63a5\u3002<\/p>\n
\u6211\u60f3\u4f60\u53ef\u80fd\u4e5f\u6709\u5f88\u591a\u4eba\u5728\u63a5\u8fd1\u5e74\u5e95\u65f6\u5fd9\u4e8e\u5904\u7406\u5b89\u5168\u6f0f\u6d1e\u7684\u95ee\u9898\u3002\u5e0c\u671b\u5927\u5bb6\u90fd\u8fc7\u5f97\u597d\u3002
\n\u73b0\u5728\uff0c\u672c\u6587\u5c06\u4ecb\u7ecd\u4e00\u79cd\u540d\u4e3aKubescape\u7684\u5de5\u5177\uff0c\u7528\u4e8e\u68c0\u6d4bKubernetes\u96c6\u7fa4\u7684\u8106\u5f31\u6027\u3002<\/p>\n
Kubescape\u662f\u7531Armosec\u516c\u53f8\u5f00\u53d1\u7684\u5f00\u6e90\u9879\u76ee\u3002
\n\u5173\u4e8e\u5176\u6982\u5ff5\uff0c\u8bf7\u53c2\u9605\u4ee5\u4e0b\u535a\u5ba2\u8be6\u7ec6\u8bf4\u660e\u3002
\nhttps:\/\/www.armosec.io\/blog\/kubescape-the-first-tool-for-running-nsa-and-cisa-kubernetes-hardening-tests\/<\/p>\n
\u5177\u6709\u4ee5\u4e0b\u7279\u70b9\u3002<\/p>\n
<\/p>\n
NSA-CISA Kubernetes Hardening Guidance
\nMITRE ATT&CK\u00ae
\nArmobest Kubernetes Framework<\/p>\n
\u4f7f\u3044\u3084\u3059\u3044CLI\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u3068\u67d4\u8edf\u306a\u51fa\u529b\u5f62\u5f0f\u3092\u6301\u3064\u3002
\nKubernetes\u30af\u30e9\u30b9\u30bf\u3078\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u4e0d\u8981\u3067\u3001\u8aad\u307f\u53d6\u308a\u5c02\u7528\u306e\u6a29\u9650\u304c\u3042\u308c\u3070\u5b9f\u884c\u53ef\u80fd\u3002<\/p>\n
SaaS\u306e\u30c0\u30c3\u30b7\u30e5\u30dc\u30fc\u30c9\u30b5\u30fc\u30d3\u30b9\u304c\u63d0\u4f9b\u3055\u308c\u3066\u3044\u308b\u3002<\/p>\n
\u5173\u4e8eKubescape\u547d\u4ee4\u7684\u5b89\u88c5\u65b9\u6cd5\uff0c\u8bf7\u53c2\u8003\u4ee5\u4e0b\u94fe\u63a5\uff1a
\nhttps:\/\/github.com\/armosec\/kubescape#install<\/p>\n
\u8bf7\u6839\u636e\u60a8\u4f7f\u7528\u7684\u73af\u5883\u9002\u65f6\u8fdb\u884c\u5b89\u88c5\u3002<\/p>\n
\u4f5c\u4e3a\u8bd5\u7528\uff0c\u6211\u4f1a\u7acb\u5373\u5c1d\u8bd5\u4f7f\u7528\u547d\u4ee4\u884c\u754c\u9762\u3002\u9996\u5148\uff0c\u6211\u5c06\u6839\u636eMITRE ATT&CK\u00ae\u6765\u68c0\u67e5\u6b63\u5728\u4f7f\u7528\u7684Kubernetes\u96c6\u7fa4\u3002\u4e0b\u9762\u662f\u9488\u5bf9\u901a\u8fc7Docker Desktop\u542f\u7528\u5e76\u521b\u5efa\u7684\u9ed8\u8ba4docker-desktop\u96c6\u7fa4\u6267\u884c\u7684\u64cd\u4f5c\u3002<\/p>\n
$ kubescape scan framework mitre\r\n\r\nMITRE FRAMEWORK\r\n+-----------------------------------------------------------------------+------------------+--------------------+---------------+-----------+\r\n| CONTROL NAME | FAILED RESOURCES | EXCLUDED RESOURCES | ALL RESOURCES | % SUCCESS |\r\n+-----------------------------------------------------------------------+------------------+--------------------+---------------+-----------+\r\n| Access Kubernetes dashboard | 0 | 0 | 147 | 100% |\r\n| Access container service account | 12 | 0 | 187 | 93% |\r\n| Access tiller endpoint | 0 | 0 | 1 | 100% |\r\n| Applications credentials in configuration files | 0 | 0 | 18 | 100% |\r\n| CVE-2021-25741 - Using symlink for arbitrary host file system access. | 0 | 0 | 9 | 100% |\r\n| CVE-2021-25742-nginx-ingress-snippet-annotation-vulnerability | 0 | 0 | 11 | 100% |\r\n| Cluster internal networking | 4 | 0 | 4 | 0% |\r\n| Cluster-admin binding | 3 | 0 | 139 | 97% |\r\n| CoreDNS poisoning | 7 | 0 | 149 | 95% |\r\n| Data Destruction | 35 | 0 | 139 | 74% |\r\n| Delete Kubernetes events | 7 | 0 | 139 | 94% |\r\n| Exec into container | 3 | 0 | 139 | 97% |\r\n| Exposed dashboard | 0 | 0 | 3 | 100% |\r\n| Exposed sensitive interfaces | 0 | 0 | 10 | 100% |\r\n| Kubernetes CronJob | 0 | 0 | 0 | NaN |\r\n| List Kubernetes secrets | 20 | 0 | 139 | 85% |\r\n| Malicious admission controller (mutating) | 0 | 0 | 0 | NaN |\r\n| Malicious admission controller (validating) | 0 | 0 | 0 | NaN |\r\n| Mount service principal | 5 | 0 | 8 | 37% |\r\n| Privileged container | 1 | 0 | 8 | 87% |\r\n| SSH server running inside container | 0 | 0 | 10 | 100% |\r\n| Writable hostPath mount | 5 | 0 | 8 | 37% |\r\n| hostPath mount | 5 | 0 | 8 | 37% |\r\n+-----------------------------------------------------------------------+------------------+--------------------+---------------+-----------+\r\n| RESOURCE SUMMARY | 64 | 0 | 204 | 68% |\r\n+-----------------------------------------------------------------------+------------------+--------------------+---------------+-----------+\r\n<\/code><\/pre>\n\u4f3c\u4e4e\u6709\u591a\u4e2a\u8d44\u6e90\u6307\u51fa\u4e86\u5f31\u70b9\u6f0f\u6d1e\u3002\u8fd9\u4e9b\u6307\u51fa\u4e8b\u9879\u5728Kubescape\u4e2d\u79f0\u4e3a\u201c\u63a7\u5236\u201d\uff0c\u60a8\u53ef\u4ee5\u901a\u8fc7\u4ee5\u4e0b\u6587\u6863\u67e5\u770b\u6307\u51fa\u5185\u5bb9\u548c\u89e3\u51b3\u65b9\u6cd5\u3002
\nhttps:\/\/hub.armo.cloud\/docs\/controls<\/p>\n
\u6211\u4eec\u6765\u7814\u7a76\u4e00\u4e0b\u5220\u9664Kubernetes\u4e8b\u4ef6\u4e2d\u5df2\u8ba1\u7b97\u51fa\u76847\u4e2aFAILED RESOURCES\u3002
\n\u7136\u540e\uff0c\u6211\u4eec\u4f1a\u627e\u5230\u4ee5\u4e0b\u6587\u6863\uff1a
\nhttps:\/\/hub.armo.cloud\/docs\/c-0031<\/p>\n
\u603b\u7ed3\u8d77\u6765\uff0c\u653b\u51fb\u8005\u6709\u65f6\u4f1a\u5220\u9664\u6240\u6709Kubernetes\u4e8b\u4ef6\u5e76\u9690\u85cf\u75d5\u8ff9\uff0c\u4ee5\u907f\u514d\u5728\u96c6\u7fa4\u5185\u88ab\u68c0\u6d4b\u5230\u6d3b\u52a8\u3002\u56e0\u6b64\uff0c\u6839\u636e\u6700\u5c0f\u6743\u9650\u539f\u5219\uff0c\u8bf7\u5c3d\u53ef\u80fd\u51cf\u5c11\u5220\u9664\u4e8b\u4ef6\u7684\u4e3b\u4f53\u6570\u91cf\u3002<\/p>\n
\u901a\u8fc7\u6839\u636eControl\u7684\u5efa\u8bae\u5185\u5bb9\u9010\u4e2a\u8fdb\u884c\u5904\u7406\u548c\u8bc4\u4f30\uff0c\u53ef\u4ee5\u4f7fKubernetes\u96c6\u7fa4\u66f4\u52a0\u5b89\u5168\u3002<\/p>\n
\u63d0\u793a<\/h2>\n
\u5927\u81f4\u4e0a\u8ff0\u7684kubescape\u6307\u4ee4\u9009\u9879\u548c\u4f7f\u7528\u793a\u4f8b\u5747\u5728\u4ee5\u4e0b\u6587\u6863\u4e2d\u8bb0\u5f55\uff1a
\nhttps:\/\/hub.armo.cloud\/docs\/examples
\nhttps:\/\/github.com\/armosec\/kubescape#usage–examples<\/p>\n
\u5728\u8fd9\u91cc\uff0c\u6211\u4f1a\u4ecb\u7ecd\u4e00\u4e9b\u5e38\u7528\u7684\u4f7f\u7528\u4f8b\u5b50\u3002<\/p>\n
NSA-CISA Kubernetes Hardening Guidance\u306b\u57fa\u3065\u304d\u3001\u30b9\u30ad\u30e3\u30f3\u3059\u308b<\/p>\n
kubescape scan framework nsa\r\n<\/code><\/pre>\n\u6307\u5b9a\u3057\u305fnamespace\u3092\u5bfe\u8c61\u306b\u30b9\u30ad\u30e3\u30f3\u3059\u308b<\/ul>\n
kubescape scan framework nsa --include-namespaces testns\r\n<\/code><\/pre>\n\u6307\u5b9a\u3057\u305fnamespace\u3092\u9664\u3044\u3066\u30b9\u30ad\u30e3\u30f3\u3059\u308b<\/ul>\n
kubescape scan framework nsa --exclude-namespaces kube-system\r\n<\/code><\/pre>\n\u7279\u5b9a\u306e\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u30d5\u30a1\u30a4\u30eb\u3092\u30aa\u30d5\u30e9\u30a4\u30f3\u3067\u30b9\u30ad\u30e3\u30f3\u3059\u308b<\/ul>\n
kubescape scan framework nsa *.yaml\r\n<\/code><\/pre>\nkustomize build\u3067\u751f\u6210\u3057\u305f\u30de\u30cb\u30d5\u30a7\u30b9\u30c8\u3092\u30b9\u30ad\u30e3\u30f3\u3059\u308b<\/ul>\n
kustomize build . | kubescape scan framework nsa -\r\n<\/code><\/pre>\n\u6307\u5b9a\u3057\u305f\u95be\u5024\u3088\u308a\u30b9\u30b3\u30a2\u304c\u4e0b\u56de\u308b\u304b\u3069\u3046\u304b\u30c1\u30a7\u30c3\u30af\u3059\u308b<\/ul>\n
kubescape scan framework nsa --fail-threshold 80\r\n<\/code><\/pre>\n\u5982\u679c\u95be\u503c\u4f4e\u65bc\u6307\u5b9a\u503c\uff0c\u5247\u6703\u8f38\u51fa\u4ee5\u4e0b\u985e\u4f3c\u7684\u932f\u8aa4\u8a0a\u606f\u3002<\/p>\n
Error: Scan score is below threshold\r\n<\/code><\/pre>\n\u53e6\u5916\uff0c\u5c3d\u7ba1\u6587\u6863\u4e2d\u5199\u660e\u4e86–fail-threshold\u9009\u9879\u5728\u4f4e\u4e8e\u9608\u503c\u65f6\u4f1a\u9000\u51fa\u4ee3\u7801\u4e3a1\uff0c\u4f46\u5728\u6211\u4eec\u672c\u6b21\u4f7f\u7528\u7684kubescape v1.0.135\u4e2d\uff0c\u9000\u51fa\u4ee3\u7801\u4e3a0\uff0c\u672a\u80fd\u5b9e\u73b0\u9884\u671f\u7684\u529f\u80fd\uff08\u5982\u679c\u9a8c\u8bc1\u4e0d\u8db3\uff0c\u8bf7\u8c05\u89e3\uff09\u3002<\/p>\n
\u5982\u679c\u8fd9\u8fb9\u4ee5\u6b63\u786e\u7684 exit code 1 \u7ed3\u675f\uff0c\u53ef\u4ee5\u5229\u7528\u6b64\u547d\u4ee4\u9009\u9879\uff0c\u5728 CI \u4e2d\u5e94\u7528\u6e05\u5355\u6587\u4ef6\u65f6\uff0c\u5982\u679c\u51fa\u73b0 exit code 1\uff0c\u5c06\u4e0d\u4f1a\u8fdb\u884c\u90e8\u7f72\u7684\u63a7\u5236\uff0c\u4e5f\u5c31\u662f\u8bf4\uff0c\u53ef\u80fd\u53ef\u4ee5\u5b9e\u73b0\u5bf9\u4f4e\u4e8e\u4e00\u5b9a\u9608\u503c\u7684\u6e05\u5355\u6587\u4ef6\u8fdb\u884c\u5e94\u7528\u65f6\u7684\u9650\u5236\u3002<\/p>\n
\u6700\u540e<\/h2>\n
\u672c\u6587\u4ecb\u7ecd\u4e86Kubescape\uff0c\u5b83\u53ef\u4ee5\u68c0\u67e5Kubernetes\u96c6\u7fa4\u7684\u5b89\u5168\u6f0f\u6d1e\u3002
\n\u5bf9\u4e8e\u5bb9\u6613\u5ffd\u7565\u7684\u6f0f\u6d1e\uff0c\u5927\u5bb6\u53ef\u4ee5\u8003\u8651\u5728\u5e74\u672b\u8fdb\u884c\u5f7b\u5e95\u6e05\u7406\uff0c\u4e0d\u59a8\u5c1d\u8bd5\u4e00\u4e0b\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"
\u8fd9\u7bc7\u6587\u7ae0\u662fZOZO #1 Advent Calendar 2021\u7684\u7b2c17\u5929\u7684\u6587\u7ae0\u3002 \u6628\u5929\u662f@satto_sa […]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-36043","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n
\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u8ba9\u6211\u4eec\u5728kubescape\u4e0a\u5c1d\u8bd5\u5bf9kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf\" \/>\n<meta property=\"og:description\" content=\"\u8fd9\u7bc7\u6587\u7ae0\u662fZOZO #1 Advent Calendar 2021\u7684\u7b2c17\u5929\u7684\u6587\u7ae0\u3002 \u6628\u5929\u662f@satto_sa […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u8ba9\u6211\u4eec\u5728kubescape\u4e0a\u5c1d\u8bd5\u5bf9kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-24T12:36:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-03T21:40:08+00:00\" \/>\n<meta name=\"author\" content=\"\u9038, \u79d1\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u9038, \u79d1\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/\",\"name\":\"\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-11-24T12:36:42+00:00\",\"dateModified\":\"2024-05-03T21:40:08+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487\",\"name\":\"\u9038, \u79d1\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g\",\"caption\":\"\u9038, \u79d1\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u8ba9\u6211\u4eec\u5728kubescape\u4e0a\u5c1d\u8bd5\u5bf9kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf","og_description":"\u8fd9\u7bc7\u6587\u7ae0\u662fZOZO #1 Advent Calendar 2021\u7684\u7b2c17\u5929\u7684\u6587\u7ae0\u3002 \u6628\u5929\u662f@satto_sa […]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u8ba9\u6211\u4eec\u5728kubescape\u4e0a\u5c1d\u8bd5\u5bf9kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-11-24T12:36:42+00:00","article_modified_time":"2024-05-03T21:40:08+00:00","author":"\u9038, \u79d1","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u9038, \u79d1","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"1 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/","name":"\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-11-24T12:36:42+00:00","dateModified":"2024-05-03T21:40:08+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u8ba9\u6211\u4eec\u5728Kubescape\u4e0a\u5c1d\u8bd5\u5bf9Kubernetes\u96c6\u7fa4\u8fdb\u884c\u5f31\u70b9\u626b\u63cf"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/85c1dae56e6ea1e695c73d33c684d487","name":"\u9038, \u79d1","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c94f6d9cbbfbca863fab309840bd690c153c95f8490c290ad2ed54dd693dad16?s=96&d=mm&r=g","caption":"\u9038, \u79d1"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/keyi\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e8%ae%a9%e6%88%91%e4%bb%ac%e5%9c%a8kubescape%e4%b8%8a%e5%b0%9d%e8%af%95%e5%af%b9kubernetes%e9%9b%86%e7%be%a4%e8%bf%9b%e8%a1%8c%e5%bc%b1%e7%82%b9%e6%89%ab%e6%8f%8f%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/36043","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=36043"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/36043\/revisions"}],"predecessor-version":[{"id":96448,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/36043\/revisions\/96448"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=36043"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=36043"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=36043"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}