Rootless Kubernetes. Pros and Cons

Methods of cluster deployment that allow to significantly reduce the attack surface of an attacker on a Kubernetes cluster. I will focus on the podsec-k8s package, which allows deploying a native Kubernetes cluster of versions 1.26 and higher in rootless mode. I will touch on the second method of reducing the attack surface — SSHless cluster (fork of the Talos@SideroLabs project)