General questions about Managed Service for Kubernetes
What services are available in Managed Service for Kubernetes clusters by default?
The following services are available by default:
- Metrics Server for data aggregation on resource usage in a Kubernetes cluster.
- Kubernetes plugin for CoreDNS for name resolution in a cluster.
- DaemonSet supporting CSI plugins to work with persistent volumes (
PersistentVolume).
Which version of the Kubernetes CLI (kubectl) must be installed for comprehensive work with a cluster?
We recommend using the latest official version of kubectl to avoid compatibility issues.
Can Yandex Cloud restore the health of the cluster if I configure it incorrectly?
The master is managed by Yandex Cloud, that's why you can't damage it. If you have issues with Kubernetes cluster components, contact technical support.
Who will be monitoring the health of the cluster?
Yandex Cloud. A cluster is monitored for corrupted file system, kernel deadlock, internet connection loss and Kubernetes component issues. We're also developing a self-healing mechanism for faulty components.
How quickly does Yandex Cloud address vulnerabilities discovered in the security system? What do I do if an attacker has taken advantage of a vulnerability and my data is damaged?
Yandex Cloud services, images and master configuration initially undergo various security tests and checks for standard compliance.
Users can choose frequency of updates depending on their tasks and cluster configuration. It is important to consider attack targets and vulnerabilities in applications deployed in a Kubernetes cluster. Application security can be affected by such factors as network security policies between applications, vulnerabilities inside Docker containers, and incorrect launch mode of containers in a cluster.
Can I connect to a cluster node via OS Login, similar to a Yandex Cloud VM?
Yes, you can. To do this, follow the guide.