Kubernetes security from cloud to edge


Francesco Iadanza, Engineering Ingegneria Informatica S.p.A.

29 March 2021

Container-based deployments that leverage Kubernetes [1] orchestration benefit from its key features: automatic scaling, self-monitoring, load balancing and thousands of production-ready tools and applications. At the edge, Kubernetes can also address additional requirements such as network latency [2], local data processing, and the improved resiliency and autonomy needed for unattended and disconnected operation [3].

Open-source distributions such as K3s [4] and MicroK8s [5], both CNCF-certified [6], aim to bring the resiliency of Kubernetes to the edge and are light enough to run on low-cost hardware. This makes it possible to interconnect thousands of small infrastructures, which has an obvious impact on security.

Sponsored by the Networking and Multicluster Working Groups, the CNCF formed the Kubernetes IoT Edge WG with the objective of improving Kubernetes IoT and edge deployments on distributed infrastructures. As a first result, it published a whitepaper [7] that identifies the main edge security challenges and the high-level guidelines to mitigate the risks:

  • Trusting hardware
  • Trusting connected devices
  • Operating system
  • Network concerns
  • Edge microservices

According to a recent survey [8] from Alcide, a leader in Kubernetes DevSecOps, one of the key measures for improving Kubernetes security on distributed clusters is the adoption of a secure CI/CD platform, together with tools that continuously scan workloads to ensure that they remain secure.

As most of the infrastructure in Pledger is based on Kubernetes, it represents one of the most critical assets to protect. So, along with the need to provide centralised registration and resource management, workload placement and cluster-to-cluster connectivity [9], we will focus on monitoring the whole container supply chain in order to reduce the likelihood of a security breach.

For this reason, in Pledger we are working to provide a secure platform that includes both application and infrastructure hardening from different perspectives. For example, while we aim to integrate security scanning of container images to reduce the number of known vulnerabilities (CVEs) [10] they carry, and to whitelist the container registries and images that may be deployed, we also plan to provide guidelines for developers to build immutable application containers and limit the attack surface.

In addition, restrictions on Pod connectivity that allow only the strictly necessary traffic will be configured according to the application requirements, to promote a security-first approach to the project. Finally, we aim to apply CNCF best practices [11] to further improve Kubernetes security, in particular access auditing and encryption of sensitive data held in etcd [12], such as Secrets.
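As an added example (not code from the Pledger project), the following policy check turns the points above into automated findings over a Pod manifest: images must come from a whitelisted registry and be pinned by digest, containers must be immutable (read-only root filesystem) and run with a minimal attack surface (non-root, no privilege escalation, all capabilities dropped), and Pods must not bypass network isolation via hostNetwork. The registry name and the two sample manifests are constructed for illustration.

```python
# Added example: admission-style checks for workload hardening. The registry
# allow-list and the sample Pod manifests below are constructed, not real ones.
import re

ALLOWED_REGISTRIES = ("registry.example.internal/",)  # hypothetical whitelisted registry
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")     # image pinned by content digest

def check_container(c):
    """Return a list of findings for one container spec (a dict as in a Pod manifest)."""
    findings = []
    image = c.get("image", "")
    if not image.startswith(ALLOWED_REGISTRIES):
        findings.append(f"{c['name']}: image {image!r} not from a whitelisted registry")
    if not DIGEST_RE.search(image):
        findings.append(f"{c['name']}: image not pinned by digest (mutable tag)")
    sc = c.get("securityContext", {})
    if sc.get("readOnlyRootFilesystem") is not True:
        findings.append(f"{c['name']}: root filesystem is writable (container not immutable)")
    if sc.get("allowPrivilegeEscalation", True):   # Kubernetes default is true
        findings.append(f"{c['name']}: allowPrivilegeEscalation not disabled")
    if sc.get("runAsNonRoot") is not True:
        findings.append(f"{c['name']}: runAsNonRoot not enforced")
    if sc.get("privileged"):
        findings.append(f"{c['name']}: privileged container")
    caps = sc.get("capabilities", {})
    if "ALL" not in caps.get("drop", []):
        findings.append(f"{c['name']}: capabilities not dropped (drop: [ALL] missing)")
    return findings

def check_pod(pod):
    """Check the Pod-level settings, then every regular and init container."""
    findings = []
    spec = pod.get("spec", {})
    if spec.get("hostNetwork"):
        findings.append("pod: hostNetwork bypasses network policy isolation")
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        findings.extend(check_container(c))
    return findings

# Constructed manifests: one unhardened, one following the guidelines above.
WEAK_POD = {"spec": {"hostNetwork": True, "containers": [
    {"name": "app", "image": "docker.io/library/nginx:latest"}]}}
HARDENED_POD = {"spec": {"containers": [{
    "name": "app",
    "image": "registry.example.internal/app@sha256:" + "a" * 64,
    "securityContext": {"readOnlyRootFilesystem": True, "allowPrivilegeEscalation": False,
                        "runAsNonRoot": True, "capabilities": {"drop": ["ALL"]}}}]}}

if __name__ == "__main__":
    for name, pod in (("weak", WEAK_POD), ("hardened", HARDENED_POD)):
        print(name, check_pod(pod) or ["OK"])
```

The same checks can be wired into a CI/CD step or an admission webhook so that workloads are rejected before they reach the edge clusters.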

[1] https://kubernetes.io/
[2] D. Haja, M. Szalay, B. Sonkoly, G. Pongracz and L. Toka (2019). Sharpening Kubernetes for the Edge. pp. 136-137. doi:10.1145/3342280.3342335.
[3] Y. Xiong, Y. Sun, L. Xing and Y. Huang (2018). Extend Cloud to Edge with KubeEdge. pp. 373-377. doi:10.1109/SEC.2018.00048.
[4] https://k3s.io/
[5] https://microk8s.io/
[6] https://www.cncf.io/certification/software-conformance/
[7] https://github.com/kubernetes/community/tree/master/wg-iot-edge/whitepapers/edge-security-challenges
[8] https://get.alcide.io/2019-report-the-state-of-kubernetes-adoption-and-security
[9] https://containerjournal.com/topics/container-networking/is-kubernetes-really-ideal-for-edge/
[10] https://cve.mitre.org/
[11] https://www.cncf.io/certification/cks/
[12] https://etcd.io/
