Kubernetes——也被称为K8s——是一个开源软件, 用于管理容器化工作负载和服务的容器编排平台. Kubernetes is in charge of container deployment and also manages the software-defined networking layer that allows containers to talk to one another. 该平台是可移植的,便于声明式配置和自动化.
Kubernetes官方网站表示, Kubernetes这个名字来源于希腊语, meaning helmsman or pilot. 谷歌在2014年开源了Kubernetes项目. Kubernetes combines over 15 years of Google's experience running production workloads at scale with best-of-breed ideas and practices from the community.”
Kubernetes plays a critical role in managing the scale and complexity of containerized applications by grouping and managing the various containers that run your applications. 容器不断地被旋转和替换, 因此Kubernetes将立即交换容器以确保没有停机时间.
But, what exactly is a container? According to Gartner,容器简化了应用程序打包并支持快速应用程序部署. 这使得跨开发、测试和登台的平台保持一致性. It also helps to accelerate builds and software releases, leading to more repeatable processes.
Kubernetes is important because it abstracts container management and orchestration and automates a task that would otherwise be impossible for humans to manage at scale. In a lot of ways, it's a foundational component of achieving what DevOps teams are trying to accomplish when setting up a continuous integration/continuous deployment (CI/CD) pipeline.
Security risks come into play when that human element is taken away – analysts are now trusting a system to manage the environment, 基于一组声明性策略和命令. To ensure this is done securely, guardrails should be implemented and operations continuously monitored within Kubernetes-based applications. This ensures any compliance 漂移或异常/可疑行为被捕捉和处理.
Because of its benefits, Kubernetes已经迅速成为许多企业DevOps团队事实上的编排工具. As a result, cloud service providers like AWS, Azure和GCP已经发布了Kubernetes的托管版本(EKS, AKS, and GKE, respectively) which almost entirely remove the need to manage and monitor the kubernetes nodes and clusters
将安全性集成到DevOps流程中的实践称为 DevSecOps. Building security checks and guardrails into the development process can be extremely beneficial, both with respect to enabling development teams to iterate quickly without sacrificing security and compliance as well as by allowing teams to catch issues before they ever reach production environments.
Kubernetes的操作可以是复杂的过程来保证安全. Done successfully, it can securely accelerate your development process in a manner that doesn’t increase your risk posture. Let’s take a look at some more prominent issues that can surface when shifting security left into Kubernetes operations.
This process watches an application at runtime (when it is in production) to block potentially malicious activity. 挑战来自于显示相关的见解,如警报和威胁发现. These findings are often missing much of the context needed to perform quickly and conduct proper investigations with confidence. 自动化持续监控的过程可以提高DevSecOps团队的效率, 但这也迫使政府放弃部分控制权, which can lead to security concerns.
小的错误配置可能导致大的漏洞. Making changes to Kubernetes resources in one instance can lead to those changes being overwritten later if they are not tracked. That can lead to unforeseen vulnerabilities even if security checks are working as they should. Version controlling enables a quick restoration to a prior configuration state if a vulnerability or security issue is detected.
Securing Kubernetes containers is the biggest challenge of all. Of course, there are many solutions on the market to mitigate any vulnerabilities or attacks that may show up in this process. 一次部署多个容器尤其难以确保安全. 这将是扩展部署的情况,这也会增加复杂性. Leveraging a single-policy framework to enforce across all Kubernetes workloads can ensure risks are flagged and cloud deployment is protected from malicious attacks.
利用注册表中的容器映像可以加快这个过程, 但这些图片可能包含恶意代码. Indeed, building tools like vulnerability scanning into the process is a must when working with Kubernetes containers that exist on publicly available registries.
Privately storing container images and leveraging vulnerability scanning can ensure that a development pipeline is seeing as little exposure as possible to publicly available resources and container images. Speed can also be a liability, especially if a team skips the step of correlating image vulnerability with already-deployed container images. 这种比较对于理解您的网络所面临的风险至关重要.
那么,什么是最关键的部分 securing Kubernetes operations?
What we’ve covered so far should communicate one very important piece of information: Kubernetes is very beneficial, 但应该谨慎而有条不紊地加以利用. To that point, integrating best practices into a Kubernetes workstream is critical when learning the process and ramping up.
RBACs allows you to configure user access and effectively manage data and user bases as they grow in size and complexity. Assign products, roles, 和资源,以便用户只能访问其角色所需的信息. This encourages the principle of least privilege, which helps prevent users from accessing sensitive data or information irrelevant to their roles.
api控制应用程序之间发出的请求类型, how those requests are made, 以及这些请求的格式. 因为单个应用程序通常可以包含许多api的使用, 它们给开发和部署过程增加了漏洞. 因此,最好将api的访问权限限制在绝对需要的人员.
Secure Shell (SSH) 有助于使用加密安全性保护开发协议. 它本质上是一个外壳,用强化的安全检查覆盖信息系统. 如果SSH不安全且防御不当, 它可能会使云应用程序和Kubernetes工作负载暴露于漏洞和攻击之下, 特别是对于上市公司和向互联网开放的系统.
This probably goes without saying, but the best way to ensure workloads and deployments are protected and properly containerized is to keep Kubernetes up to date. In fact, Kubernetes features rolling updates processes so users can update deployments with zero downtime by incrementally updating instances with new versions.
Continuous and proactive scanning and monitoring can protect against unexpected vulnerabilities and malicious threats. 在最近的云工作负载保护平台市场指南中, Gartner表示,工作负载正变得更加细化, with shorter life spans. 有时每周甚至每天部署多个迭代.
A proactive approach is the best way to secure these rapidly changing and short-lived workloads. Pre-deployment vulnerability management and continuous code scanning helps to protect cloud-based workloads from the very beginning through to deployment and runtime.