Understanding security on Kubernetes
When discussing security on Kubernetes, it is important to be clear about security boundaries and shared responsibility. The Shared Responsibility Model is a common term for how security is handled in public cloud services. It states that the customer is responsible for the security of their applications and of their configuration of public cloud components and services. The public cloud provider, on the other hand, is responsible for the security of the services themselves as well as the infrastructure they run on, all the way down to the data center and physical layer.
Similarly, security on Kubernetes is shared. Though upstream Kubernetes is not a commercial product, the thousands of Kubernetes contributors and significant organizational heft from large tech companies ensure that the security of Kubernetes components is maintained. Additionally, the large ecosystem of individual contributors and companies using the technology...