Container based virtualization Security In Cloud computing environment

Abstract

Containerization, also known as "operating system virtualization" has been gaining popularity in recent years, unlike classic virtualization, Containerization is a lightweight version of virtualization where containers share the same host’s kernel which makes them faster and portable. The adoption of cloud computing and containers have promoted the “MicroServices” architecture, also brings a new concept like function as a service “FaaS” in the cloud, which allows developers to run their code directly without managing any servers. However, containers are less secure compared to VMs because of sharing the host’s kernel. Those containers can scale as much as the services on our system and we can have millions of them, which make the attack surface wide, thus securing containers is critical. In this project, our goal is to offer a security solution to ensure high availability and security that can be implemented in a cloud environment, using containers’ security best practices and the newest technologies like docker , CRI-O and the famous orchestration tool Kubernetes to manage our containers. All of this work has been implemented in our local machines, in Formini’s testing environment and in cloud platforms such as Microsoft Azure and Google cloud platform. Keywords: Containerization , MicroServices , Cloud Computing , Kubernetes, High availability