Security Challenges with Kubernetes

Shashank Jain
11 min read · Jan 1, 2019

The motivation behind this blog is to highlight the security aspects of building, deploying, and running secure containers with Kubernetes as the orchestration engine. These aspects range from the ownership a container runs under to the privileges it should be allowed, in terms of file system access, port access, and capabilities, so that the whole environment runs securely and the chances of a breach are limited. Because Docker as the container runtime shares the host kernel, kernel vulnerabilities found in the wild increase the attack surface tremendously. To mitigate this, the approach follows the defense-in-depth principle, which means placing different layers of security around the workloads. The document is therefore not limited to static security checks; it also proposes runtime measures that can be applied to harden the security perimeter.

K8s cluster operator security perspective:

From a cluster operations point of view, the default cluster setup should be hardened. This covers what cluster security looks like from a network perspective, including how tenants are isolated at the network level, and what privileges a containerized workload can run with. With this in mind, certain aspects can be hardened using pod security policies, as illustrated below.

Pod Security Policies: Kubernetes v1.13 [beta]
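
A restrictive policy covering the aspects named above (ownership, capabilities, file system and port access) could look like the following. This manifest is an added example, not part of the original post; the policy name and the group ID ranges are assumptions chosen for illustration.

```yaml
# Added example: restrictive PodSecurityPolicy for the policy/v1beta1 API
# served by Kubernetes v1.13. Name and ID ranges are illustrative assumptions.
apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
  name: restricted-example        # hypothetical name
spec:
  # Ownership: reject pods whose containers would run as UID 0.
  runAsUser:
    rule: MustRunAsNonRoot
  supplementalGroups:
    rule: MustRunAs
    ranges:
      - min: 1                    # excludes the root group (GID 0)
        max: 65535
  fsGroup:
    rule: MustRunAs
    ranges:
      - min: 1
        max: 65535
  seLinux:
    rule: RunAsAny                # required field; tighten if SELinux is enforced
  # Privileges: no privileged containers, no setuid-style escalation,
  # and every Linux capability must be dropped.
  privileged: false
  allowPrivilegeEscalation: false
  requiredDropCapabilities:
    - ALL
  # File system: read-only root and no hostPath volumes
  # (only the volume types listed here are admitted).
  readOnlyRootFilesystem: true
  volumes:
    - configMap
    - secret
    - emptyDir
    - projected
    - downwardAPI
    - persistentVolumeClaim
  # Host namespaces and ports: nothing shared with the node.
  # hostPorts is left unset, so no host port range is allowed.
  hostNetwork: false
  hostIPC: false
  hostPID: false
```

The policy only takes effect when the PodSecurityPolicy admission controller is enabled and the pod's user or service account is authorized through RBAC to `use` it. PodSecurityPolicy was deprecated in Kubernetes v1.21 and removed in v1.25, so this applies to clusters of the v1.13 era the post describes.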
