Confidential containers on Azure Kubernetes Service (AKS), leveraging the Kata Confidential Containers open-source project, are coming soon to Azure. If you would like to be part of the preview, please express your interest here: https://aka.ms/cocoakspreview
Zero trust cloud architecture is a security framework that focuses on maintaining security and protecting data by assuming that no device or user should be automatically trusted, even if they are within the network perimeter.
In a cloud-hosted container platform, applications that handle sensitive personally identifiable information (PII) and intellectual property (IP) require enhanced security and threat controls to be in place, to shield the data they process and the code they run from known and unknown adversaries. The highest level of isolation and integrity for the environment is often dictated by the data compliance and cyber security teams.
Confidential virtual machines (VMs) based on AMD's SEV-SNP hardware-backed Trusted Execution Environments (TEEs) provide the underlying core capabilities: integrity for code and data in use, protection of data in memory from the Azure operator, and remote cryptographic verification through attestation - all while running existing, unmodified applications.
VM-based TEEs can run a full Linux kernel and make it easy to run unmodified applications natively, but their trust boundaries differ from those of application-level enclaves. To provide isolation comparable to an application enclave and a higher level of protection from VM admins, confidential containers on AKS run in dedicated "child VMs", one per pod. Every child VM has its own memory encryption key under AMD SEV-SNP protections, and the lifecycle of a child VM is tied to the lifecycle of the confidential Kubernetes pod.
By running the Kubernetes pods at this isolation level using nested virtualization, customers can benefit from app isolation from the parent VM and the tenant OS admin (operator of that VM), while still meeting the need of natively running any Linux container.
To foster an ecosystem with broad Kubernetes workload support, the Kata Confidential Containers (CoCo) open-source Cloud Native Computing Foundation (CNCF) sandbox project provides an ideal set of building blocks and security constructs to achieve the following security goals:
With added isolation for your workloads from other pods, the host VM OS, and the Kubernetes software on a single AKS container host, this deployment architecture is ideal for developers who want to run existing OCI-compliant containers with negligible impact on their existing DevOps practices. Confidential containers run as part of AKS agent nodes, striking an ideal balance between DevOps and developers.
The goal of the Kata Confidential Containers (CoCo) project is to standardize confidential computing at the container level and simplify its consumption in Kubernetes. This enables Kubernetes users to deploy confidential container workloads using familiar workflows and tools. We are also bringing what we learned from confidential containers on Azure Container Instances (ACI) to the community: container enforcement policy with full attestation, and an OCI image snapshotter with dm-verity enforcement.
To meet our product goals of transparency and to enable a cross-industry open-source software effort, Kata CoCo and the Cloud Hypervisor Virtual Machine Monitor (VMM), combined with the Microsoft hypervisor, were chosen as the foundation for AKS support. Confidential containers on AKS leverage the same underlying technology stack that enables "Kata VM Isolated Containers on AKS for Pod Sandboxing", but using specific Azure confidential computing (ACC) VM sizes.
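To make the dm-verity enforcement mentioned above concrete, here is an added illustration (not code from this post, from the Kata CoCo project, or from the AKS snapshotter) of what a dm-verity style check does: a hash tree is built over the blocks of an image layer, the root hash is pinned as trusted (in practice it would be carried in the enforcement policy), and each block is verified against that root when it is read. The example is deliberately simplified: it uses 16-byte blocks instead of dm-verity's 4096-byte blocks, no salt, a binary tree rather than dm-verity's hash-block fanout, and a constructed sample layer; block and helper names are the example's own.

```python
"""Simplified dm-verity style block integrity check (illustrative, not dm-verity itself)."""
import hashlib
from typing import List, Tuple

BLOCK_SIZE = 16  # real dm-verity uses 4096-byte blocks; shrunk so the sample is readable


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def split_blocks(data: bytes) -> List[bytes]:
    """Cut a layer into fixed-size blocks, zero-padding the final partial block."""
    blocks = [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]
    if blocks and len(blocks[-1]) < BLOCK_SIZE:
        blocks[-1] = blocks[-1].ljust(BLOCK_SIZE, b"\0")
    return blocks


def build_tree(blocks: List[bytes]) -> List[List[bytes]]:
    """Hash tree as a list of levels, leaves first, root last.
    A level with an odd number of hashes duplicates its last hash before pairing."""
    level = [_h(b) for b in blocks]
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:
            level = level + [level[-1]]
        level = [_h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        levels.append(level)
    return levels


def root_hash(data: bytes) -> bytes:
    """The single value that must be trusted out-of-band (e.g. carried in the policy)."""
    return build_tree(split_blocks(data))[-1][0]


def proof_for(levels: List[List[bytes]], index: int) -> List[Tuple[bytes, bool]]:
    """Sibling hashes from leaf to root; the bool records whether the sibling is on the right."""
    proof = []
    for level in levels[:-1]:
        if len(level) % 2:
            level = level + [level[-1]]  # same padding rule as build_tree
        sibling = index ^ 1
        proof.append((level[sibling], sibling > index))
        index //= 2
    return proof


def verify_block(block: bytes, proof: List[Tuple[bytes, bool]], root: bytes) -> bool:
    """Recompute the path from one block up to the root, as a read-time check would."""
    h = _h(block)
    for sibling, right in proof:
        h = _h(h + sibling) if right else _h(sibling + h)
    return h == root


def find_bad_blocks(data: bytes, stored_levels: List[List[bytes]], trusted_root: bytes) -> List[int]:
    """Indices of blocks in `data` that fail verification against the stored tree.
    The stored tree itself is first checked against the trusted root, so an attacker
    who rewrites both data and tree is still caught by the root mismatch."""
    if stored_levels[-1][0] != trusted_root:
        raise ValueError("stored hash tree does not match the trusted root hash")
    return [
        i for i, block in enumerate(split_blocks(data))
        if not verify_block(block, proof_for(stored_levels, i), trusted_root)
    ]


# Constructed sample "image layer": 74 bytes, i.e. four full blocks plus one partial block.
GOOD_LAYER = b"".join(f"layer-block-{i:02d}!!".encode() for i in range(5))[:-6]
TRUSTED_ROOT = root_hash(GOOD_LAYER)          # pinned at policy time
STORED_TREE = build_tree(split_blocks(GOOD_LAYER))  # shipped beside the data


def tamper(data: bytes, offset: int) -> bytes:
    """Flip one byte at `offset` (simulates an on-disk modification of the layer)."""
    return data[:offset] + bytes([data[offset] ^ 0xFF]) + data[offset + 1:]


def demo() -> Tuple[List[int], bool]:
    """Returns (blocks rejected at read time, whether a regenerated tree matches the trusted root)."""
    tampered = tamper(GOOD_LAYER, 2 * BLOCK_SIZE + 3)  # modify a byte inside block 2
    rejected = find_bad_blocks(tampered, STORED_TREE, TRUSTED_ROOT)
    rebuilt_matches = root_hash(tampered) == TRUSTED_ROOT
    return rejected, rebuilt_matches


if __name__ == "__main__":
    print(demo())  # ([2], False)
```

Only the root hash needs to be trusted: the untampered blocks still verify through the stored tree, the modified block is rejected on read, and regenerating the tree over tampered data produces a different root, which the policy check refuses.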
As confidential computing matures to mainstream, Microsoft will continue to contribute by hardening the security and isolation to shape future releases based on customer and community learnings.
Confidential containers on AKS are designed with these principles based on customer feedback and will evolve as needs change.
As we work through these design principles and ratify them openly, we aim to bring these contributions to community projects such as Kata CoCo and Cloud-Hypervisor.
Confidential containers are attractive for deployment scenarios that involve sensitive data (for instance, PII or any data with strong security needed for regulatory compliance). Some examples of common scenarios with containers are:
If you would like to get first access to confidential containers on AKS, please express your interest here https://aka.ms/cocoakspreview. See below for answers to various questions.
We also welcome you to join the confidential containers community, participate in the weekly meetings to share your problems, contribute with us, and shape the projects that solve your zero trust requirements in a public cloud.