Kubernetes Security

Attack matrix for Kubernetes, using the MITRE ATT&CK framework. A good first step towards understanding the security of this suddenly popular and very complex container orchestration system.

Posted on April 10, 2020 at 6:24 AM • 4 Comments

Comments

Michael Hampton • April 10, 2020 7:44 AM

Zoom is what I would think of as suddenly popular. I'm not sure this description really applies to Kubernetes, which has been steadily growing for years.

uh, Mike • April 10, 2020 1:36 PM

So, Apple and Google are building a sneeze app for our phones.
Now we can pass a computer virus around via Bluetooth at the same time as we pass the biological one over the air gap.

RealFakeNews • April 12, 2020 9:09 AM

My knowledge is pretty limited, but from what I understand of it, it's another Google solution in search of a problem.

On the surface it looks like a finer-grained VM, at the application-level rather than system, but it is actually much more, far more dangerous, and far less well-understood by I think anyone but the original developers.

It seems to break certain well-established norms found in virtualized environments, such as sharing host resources between unrelated containers, possibly owned by different people.

Server owners may love it, but it just looks hideous.

It has become popular because someone gave it a "cool" name and someone else decided they must have it, without understanding exactly what it is.

The sooner this fad disappears, the better.

Mike D. • April 13, 2020 9:19 PM

The way I see it:

containers : virtual machines :: threads : processes

@RFN I'm not sure what you're referring to. Kubernetes is a container deployment manager. Docker and Podman run containers on a host; the main difference (best I can tell) is whether you want a root-level service managing the containers, or if you want to have fun managing subids and subgroups for your users. There's also LXC, which IIRC is what they run on. Which part is the Google thing?

We've got a GitLab EE setup at work. The pages are loaded with stuff about integrating with Kubernetes, even though we don't have Kubernetes set up.

Ubuntu 18.04 LTS spams out a bunch of stuff about Kubernetes (specifically, microk8s) every time I ssh in to a machine.

It seems to be a lot more than just Google.

I've only been poking at containers for a few months, though. Maybe I missed something. It does seem cool that I can get a full Unreal Engine 4 built and stuffed into a container, so for a nightly build system, I just instantiate the container, build the game in the container, export the artifacts, and trash the container when I'm done. I don't have to create and manage a VM, install an OS in it, and reimage it every night, and have it hogging 100 GB of RAM when it's idle. I don't have to worry about some build state carrying over night to night that could hide a bug. I don't have to make sure the VM is keeping up with security patches for its OS. But I do have to deal with the security issues of the container system. At least, that's how it seems.
