Résumé:
Containerization, also known as "operating system virtualization" has been gaining popularity
in recent years, unlike classic virtualization, Containerization is a lightweight version
of virtualization where containers share the same host’s kernel which makes them faster and
portable.
The adoption of cloud computing and containers have promoted the “MicroServices” architecture,
also brings a new concept like function as a service “FaaS” in the cloud, which allows developers
to run their code directly without managing any servers. However, containers are less secure
compared to VMs because of sharing the host’s kernel. Those containers can scale as much as
the services on our system and we can have millions of them, which make the attack surface
wide, thus securing containers is critical.
In this project, our goal is to offer a security solution to ensure high availability and security that
can be implemented in a cloud environment, using containers’ security best practices and the
newest technologies like docker , CRI-O and the famous orchestration tool Kubernetes to manage
our containers. All of this work has been implemented in our local machines, in Formini’s testing
environment and in cloud platforms such as Microsoft Azure and Google cloud platform.
Keywords:
Containerization , MicroServices , Cloud Computing , Kubernetes, High availability
