In this instalment of our Kubernetes consulting series we take a closer look at security in Kubernetes and where container orchestration fits into your app’s overall security profile.
Classic applications with monolithic architecture have security weaknesses. They are heavily dependant on resources and don’t offer convenient scalability. Very often companies suffer from such a situation, because as applications get more complex, companies may want to connect more services to it.
When an application gets more complex, the more changes that are made, the more the chance of significant mistakes. That’s where Kubernetes comes into play, armed with the most important features that new applications require nowadays: fault tolerance, security, resource isolation and most importantly – scalability.
Kubernetes eliminates very complex monolithic architectures and breaks them down into fundamental parts called microservices, where your team, divided into small groups of people, can easily maintain and develop each microservice further. It means that teams become more effective and the company gets a reliable product faster.
Besides its timesaving benefits, there’s an even more important feature and that’s bulletproof security. In the age of cyber wars, companies need water-tight security in order to keep the application safe from hackers. So how can companies benefit from those security features that Kubernetes offer?
Kubernetes defines a set of rules and best security practices that mean different application processes are isolated from each other in separate containers. At the same time, the Orchestration Engine preserves the boundaries between them and allows important communication only when there’s a need for it. Containers, where micro-processes run, are fully separated from each other and if one gets compromised, the others will stay safe.
It’s important to note that Kubernetes doesn’t run multiple virtual machines when it runs microservices, instead, it runs only one Host OS with Kubernetes installed and provides a unique set of binaries and libraries for each container where the micro-processes will work.
This means that each container is given a specific amount of resources that are isolated from the other containers, resources that can be assigned to containers individually.
Isolation prevents DOS (denial of service) attacks and moreover provides data protection and privacy. Combining isolation with the auto-deployment function makes the whole ecosystem super-reliable. That is, if one host goes down, then the Kubernetes cluster services can easily move a killed process to the different host automatically, meaning the client won’t even notice a change in performance or function loss.
Furthermore, if something goes wrong with your Pod, the Replication Controller can automatically reboot a particular pod so that the microservices can get up and running again.
The Kubernetes API is the core of the whole security environment, as it has built-in admission controls, and authorization and authentication controls as well, which filter and regulate all requests to the API after authentication and authorization. The Kubernetes API is considered to be the central interface for users, administrators, and applications that communicate with each other. Users and services can access API in order to initiate operations.
The security environment is built very intelligently around the API, thus in order to gain access to a specific container, you must pass the three-stage process:
It dramatically increases the security of the environment and makes it hard for unauthorized users to gain access to the API. All users can be divided into groups and the administrator can easily assign privileges and types of access. Moreover, if there’s a need to create a couple of other extra security layers you can easily rely on OpenSSL X509 Client Certificates and Static Token Files that make it impossible to gain an unauthorized access.
Very often things can go wrong and in order to understand what exactly went wrong you have to have detailed system logs and the Kubernetes environment offers that. In addition to classic system logs, you can record Kubernetes-specific logs that shed the light on operations that the particular user has made, a very important function that allows you to keep track of recent changes. The best part is that if there’s any unauthorized access, you are able to quickly fix the vulnerability.
Audit logging is available starting from Kubernetes version 1.9, as currently, it’s only the beta feature that allows you to record actions taken by the API. All records can be easily archived and stored for later analysis, furthermore, every administrator can choose events that must be logged by specifying an audit-policy YAML file.
Due to complex security features that are available inside the Kubernetes environment, the ecosystem allows you to secure your application network in such a manner that it can become a “cyber-fortress”. There often needs to be a complex set of network policies that govern communication between every group of pods and other network endpoints in order to achieve this.
By default, all pods are non-isolated once created and they can receive traffic from everywhere. They can easily become isolated if the Network Policy plugin has selected them and set a number of network rules that can restrict any communication from the outside, yet at the same time, it can set a rule that allows communication only between certain pods. Pretty neat stuff.
*You might also find our article on how Heptio Ark/Velero as part of Kubernetes fits into app security*
Furthermore, Kubernetes allows complex Cluster Networking that can unite big infrastructures together and make them communicate with each other. In order to achieve that, all containers and nodes should be able to communicate without NAT over the network, and moreover, the container should know the IP that it is assigned to and it should be the IP that others see and know.
The Kubernetes environment offers security benefits that are hard to resist, as they save a lot of time, money and allows a company to easily avoid problems associated with cybersecurity criminals. From every standpoint, the Kubernetes environment backs your project up and makes it fault tolerant.
The various functions help you to log everything that happens in the heart of your system. Complex authorization and authentication processes won’t let any intruders get inside, isolation will save many resources and ensure the absence of DOS attacks, and network policies allow you to scale your application in a free way and ensure security at the same time.
It’s a fantastic set of features. Even from the development standpoint, applications that are made using Kubernetes technology are more reliable, stable and it allows companies to create outstanding products. Kubernetes, indeed, takes security and privacy to the next level.