Kubernetes Gets Security Audit 

An open source group is expanding its third-party security audits to include the popular but vulnerable Kubernetes cluster orchestrator.

The Cloud Native Computing Foundation (CNCF) announced this week it would add Kubernetes to its pilot program of public security audits. Earlier audits of other open-source projects—CoreDNS, Envoy and Prometheus—uncovered security issues ranging from “general weaknesses to critical vulnerabilities,” the group said.

The expansion also responds to a steady stream of Kubernetes vulnerabilities, including an API flaw uncovered this week that allowed unauthorized access to cluster-wide resources.

Kubernetes is among a growing list of open source projects overseen by CNCF that are widely used in production. The earlier audits would serve as a framework for securing Kubernetes as it grows in popularity.

“The main takeaway from these initial audits is that a public security audit is a great way to test the quality of an open source project along with its vulnerability management process and more importantly, how resilient the open source project’s security practices are,” CNCF Director Chris Aniszczyk noted in a blog post.

An evolving “threat model” will probe key components of the cluster orchestrator, including authentication, authorization, cryptography, multi-tenancy, networking and “secrets management.”

The Kubernetes audit working group also will scan eight Kubernetes components for security flaws:

• Kube-apiserver
• Etcd
• Kube-scheduler
• Kube-controller-manager
• Cloud-controller-mamager
• Kubelet
• Kube-proxy
• Container runtime

Security vendors praised the Kubernetes security audit.

“While many observers will emphasize the number and severity of vulnerabilities that were reported, that focus misses the forest for the trees,” said Wei Lien Dang, co-founder and vice president of StackRox, an application container security specialist.

The CNCF audit “provides value far more broad and critical than identifying additional vulnerabilities,” StackRox added. “Such vulnerabilities will keep surfacing—with or without this audit, given the combination of the rich code base with such broad, rapid adoption.”

Among the initial security recommendations from the CNCF audit panel aimed at Kubernetes developers are avoiding the “hardcoding” of paths to orchestrator dependencies and monitoring often unsecured Linux code.

Additional details on the Kubernetes security audit are here.

About the author: George Leopold

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).