The document discusses the integration of trusted computing in Kubernetes secure runtimes, emphasizing the need for a secure base and system trust through trusted platform modules and attestation. It outlines a two-pronged approach involving authentication and admission controllers to verify system state and ensure secure access. A proof of concept implementation using JSON-based policy is mentioned, along with a question about the potential for in-tree integration.

1. Matthew Garrett
@mjg59 | mjg59@coreos.com | coreos.com
Integrated Trusted Computing in
Kubernetes

2. Secure runtimes require a secure base

3. How do we trust a system?

4. Trusted Computing

5. Trusted Platform Module

6. Unique per-system identity

7. Cryptographically verifiable system state

8. “Attestation”

9. How does this fit into Kubernetes?

10. Verify system state before providing access

11. Two-pronged approach

12. Authentication Controller

13. Initial authentication is TPM based

14. Attestation is slow :(

15. On valid auth, provide secrets

16. Admission Controller

17. Validate state on node operations

18. Can we go further?

19. Measure initial container state

20. Cryptographically verifiable audit trail

21. Proof of concept implementation

22. JSON-based policy description

23. Should this be in-tree?

24. https://github.com/mjg59/kubernetes

25. Thank you!
Matthew Garrett
@mjg59 | mjg59@coreos.com | coreos.com
We’re hiring in all departments!
Email: careers@coreos.com Positions: coreos.com/careers