I would like create and manage the Kubernetes Cluster by following the best practices like security,performance and Scalability. Please suggest.
General Configuration Tips from kubernetes.io
When defining configurations, specify the latest stable API version.
Configuration files should be stored in version control before being pushed to the cluster. This allows you to quickly roll back a configuration change if necessary. It also aids cluster re-creation and restoration.
Write your configuration files using YAML rather than JSON. Though these formats can be used interchangeably in almost all scenarios, YAML tends to be more user-friendly.
Group related objects into a single file whenever it makes sense. One file is often easier to manage than several. See the guestbook-all-in-one.yaml file as an example of this syntax.
Note also that many kubectl commands can be called on a directory. For example, you can call kubectl apply on a directory of config files.
Don’t specify default values unnecessarily: simple, minimal configuration will make errors less likely.
Put object descriptions in annotations, to allow better introspection.
Additional Points:
Update Kubernetes to the latest version
- Use Pod Security Policies to prevent risky containers/Pods from being used
- Use Kubernetes namespaces to properly isolate your Kubernetes resources
- Use Network Policies to segment and limit container and pod communication
- Create policies to govern image provenance using the ImagePolicyWebhook
- Securely configure the Kubernetes API server
- Securely configure the kube-controller-manager
- Use namespaces
- Maintain small container images
- Set resource requests & limits
- Use readinessProbe & livenessProbe
- Deploy RBAC for security
- Autoscale
- Monitor control plane components
- Adopt Git-based workflow
- Watch for high disk usage
- Regularly audit policy logs