Security: Hosts, Registries, Content and Pipelines
Show Overview: Brian and Tyler talk address some of the many layers of security required in a container environment. This show will be part of a series on container and Kubernetes security. They look at security requirement in the Container Host, Container Content, Container Registry, and Software Build Processes.
Show Notes and News:
- 10 Layers of Container Security
- Google, VMware and Pivotal announced a Hybrid Cloud partnership with Kubernetes
- Google and Cisco announced a Hybrid Cloud partnership with Kubernetes (and more)
- Docker adds support for Kubernetes to DockerEE
- Rancher makes Kubernetes the primary orchestrator
- Microsoft announces new Azure Container Service, AKS
- Oracle announced Kubernetes on Oracle Linux (and some installers)
- Heptio announces new tools
Topic 1 - Let’s start at the bottom of the stack with the security needed on a container host.
- Linux namespaces - isolation
- Linux capabilities and SECCOMP - restrict routes, ports, limiting process calls
- SELinux (or AppArmor) - mandatory access controls
- cGroups - resource management
Topic 2 - Next in the stack, or outside the stack, is the sources of container content.
- Trusted sources (known registries vs. public registries (e.g. DockerHub)
- Scanning the content of containers
- Managing the versions, patches of container content
Topic 3 - Once we have the content (applications), we need a secure place to store and access it - container registries.
- Making a registry highly-available
- Who manages and audits the registry?
- How to scan container within a container?
- How to cryptographically sign images?
- Identifying known registries
- Process for managing the content in a registry (tagging, versioning/naming, etc)
- Automated policies (patch management, getting new content, etc.)
Topic 4 - Once we have secure content (building blocks) and a secure place to store the container images, we need to think about a secure supply chain of the software - the build process.
- Does a platform require containers, or can it accept code? Can it manage secure builds?
- How to build automated triggers for builds? How to audit those triggers (webhooks, etc.)?
- How to validate / scan / test code at different stages of a pipeline? (static analysis, dynamic analysis, etc.)
- How to promote images to a platform? (automated, manual promotion, etc.)