General questions about Managed Service for Kubernetes

• What services are available in Managed Service for Kubernetes clusters by default?

• Which Kubernetes CLI (kubectl) version do I need to install for comprehensive cluster management?

• Can Yandex Cloud restore the health of a cluster if I configure it incorrectly?

• Who will be monitoring the cluster health?

• How quickly does Yandex Cloud address vulnerabilities discovered in the security system? What should I do if an attacker has taken advantage of a vulnerability and my data is compromised?

• Can I connect to a cluster node via OS Login, similar to a Yandex Cloud VM?

What services are available in Managed Service for Kubernetes clusters by default?What services are available in Managed Service for Kubernetes clusters by default?

The following services are available by default:

• Metrics Server for data aggregation on resource usage in a Kubernetes cluster.
• Kubernetes plugin for CoreDNS for name resolution in a cluster.
• DaemonSet supporting CSI plugins to work with persistent volumes (PersistentVolume).

Which Kubernetes CLI (kubectl) version do I need to install for comprehensive cluster management?Which Kubernetes CLI (kubectl) version do I need to install for comprehensive cluster management?

We recommend using the latest official version of kubectl to avoid compatibility issues.

Can Yandex Cloud restore the health of the cluster if I configure it incorrectly?Can Yandex Cloud restore the health of the cluster if I configure it incorrectly?

The master is managed by Yandex Cloud, that's why you can't damage it. If you have issues with Kubernetes cluster components, contact support.

Who will be monitoring the cluster health?Who will be monitoring the cluster health?

Yandex Cloud. A cluster is monitored for corrupted file system, kernel deadlock, internet connection loss and Kubernetes component issues. We're also developing a self-healing mechanism for faulty components.

How quickly does Yandex Cloud address vulnerabilities discovered in the security system? What should I do if an attacker has taken advantage of a vulnerability and my data is compromised?How quickly does Yandex Cloud address vulnerabilities discovered in the security system? What should I do if an attacker has taken advantage of a vulnerability and my data is compromised?

Yandex Cloud services, images and master configuration initially undergo various security tests and checks for standard compliance.

Users can choose frequency of updates depending on their tasks and cluster configuration. It is important to consider attack targets and vulnerabilities in applications deployed in a Kubernetes cluster. Application security can be affected by such factors as network security policies between applications, vulnerabilities inside Docker containers, and incorrect launch mode of containers in a cluster.

Can I connect to a cluster node via OS Login, similar to a Yandex Cloud VM?Can I connect to a cluster node via OS Login, similar to a Yandex Cloud VM?

Yes, you can. To do this, follow the guide.