[Figure 1 (diagram): Kubernetes environment showing the master components (API, RBAC, Identity Provider, OpenID Connector, Controller, Scheduler, etcd); two nodes each running namespaced pods (NS1, NS2; pods A-D) confined by AppArmor and seccomp; Istio service mesh; network policies; a container registry with container image and runtime scanning; platform and application logging and monitoring; and pipeline integrations (source repo, CI/CD pipelines, secrets management).]
Figure 1: Kubernetes - Security Controls Landscape
Container Security
The first step in implementing tight container security is to create a pod security policy. One recommended practice is to enable a pair of built-in security measures using features in Linux: AppArmor and seccomp. AppArmor is a Linux kernel security module used to set the actual profiles. Seccomp is a computer security facility in the Linux kernel that restricts the kind of calls the file system can make. Together, these features allow administrators to put limits on users' privileges, a must for keeping a lid on unauthorized activity after a user is allowed access to the environment.
Once you create the policies, you can tweak them to
manage user access to specific container functions.
38 | THE DOPPLER | FALL 2018
Not everyone needs access to everything. Instead, it is best to implement fine-grained controls that grant users privileges based on job function, the urgency of the activity and the security needs of a particular project.
Now that you have given people pathways, you need to create walls. This can be done by setting administrative boundaries between resources. Each resource can be set aside in a specific namespace, separated from the resources that others have access to. You can create new namespaces and manage each one dynamically, adding and removing users and resources. Keeping resources organized and properly designated lowers the risk of both mistakes and malicious activity.
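As an added example (not from the article or any project it mentions), here are the controls described above expressed as Kubernetes manifests: a namespace as the administrative boundary, a Role and RoleBinding that grant one user read-only access to pods inside that namespace only, and a pod that loads the container runtime's default AppArmor and seccomp profiles. The names team-a, alice and the image are placeholders; the seccompProfile field assumes Kubernetes 1.19 or later, and the AppArmor annotation is the form used before Kubernetes 1.30.

```yaml
# Namespace acting as the administrative boundary (constructed name)
apiVersion: v1
kind: Namespace
metadata:
  name: team-a
---
# Role scoped to the namespace: read-only access to pods, nothing else
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: pod-reader
  namespace: team-a
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["get", "list", "watch"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: pod-reader-binding
  namespace: team-a
subjects:
- kind: User
  name: alice              # placeholder user; privileges follow job function
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: pod-reader
  apiGroup: rbac.authorization.k8s.io
---
# Pod confined by both kernel-level controls
apiVersion: v1
kind: Pod
metadata:
  name: hardened-app
  namespace: team-a
  annotations:
    # AppArmor profile for the container named "app" (annotation form, pre-1.30)
    container.apparmor.security.beta.kubernetes.io/app: runtime/default
spec:
  securityContext:
    seccompProfile:
      type: RuntimeDefault   # runtime's default syscall filter for the whole pod
  containers:
  - name: app
    image: registry.example.com/team-a/app:1.0   # placeholder image reference
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
```

Apply with `kubectl apply -f` and confirm the RBAC scope with `kubectl auth can-i list pods --as alice -n team-a` (should be yes) versus the same query in another namespace (should be no).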