Container Security Protection – Orchestration Security Orchestration Security The maturity of the container technology pushes the development and implementation of microservices. More and more enterprises choose to adopt a mircoservice architecture to build their applications. Container orchestration tools are responsible for managing container clusters that carry various services. Arguably, it...
Tag: Container Security
Technical Report on Container Security (IV)-6
Container Security Protection – Runtime Security Runtime Security Security Configuration for Container Launch A container runs on the host as a process. Running container processes are isolated from one another. Each has its own file system, networking, and isolated process tree separate from the host. The following sections detail how...
Technical Report on Container Security (IV)-5
Container Security Protection – Container Network Security Container Network Security (more…)
Technical Report on Container Security (IV)-4
Container Security Protection – Image Security Image Security Images are the basis of containers. Therefore, their security speaks a lot for that of the entire container ecosystem. Container images are a series of images stacked layer by layer. They are distributed and updated through image repositories. The following sections describe...
Technical Report on Container Security (IV)-3
Container Security Protection – Host Security Host Security Hardening of Basic Host Security Containers share the operating system kernel with the host. Therefore, host configuration determines whether containers can be executed in a secure manner. For example, vulnerable software puts the host at risk of arbitrary code execution; opening ports...
Technical Report on Container Security (IV)-2
Container Security Protection – Container Service Security Container Service Security The security of the container management and orchestration service has a direct bearing on that of the container control plane. Take Docker for example. Whether the Docker daemon is properly configured determines the security of Docker to some extent. It...
