Container security? #398
Comments
|
For info on Docker security generally: There are efforts underway to make it easier to use Linux security mechanisms with Docker, such as restricted capabilities, AppArmor, SELinux, non-root users, etc. Are you asking how to access these features through Kubernetes? That said, our position is that Docker doesn't yet provide a sufficient security boundary: |
|
Closing this since I think @bgrant0607's response addresses the issue, and anything remaining is likely a broader issue for Docker/libcontainer/... rather than k8s. |
keontang
pushed a commit
to keontang/kubernetes
that referenced
this issue
May 14, 2016
Fix kube-down delete etcd data
keontang
pushed a commit
to keontang/kubernetes
that referenced
this issue
Jul 1, 2016
Fix kube-down delete etcd data
harryge00
pushed a commit
to harryge00/kubernetes
that referenced
this issue
Aug 11, 2016
Fix kube-down delete etcd data
mqliang
pushed a commit
to mqliang/kubernetes
that referenced
this issue
Dec 8, 2016
Fix kube-down delete etcd data
mqliang
pushed a commit
to mqliang/kubernetes
that referenced
this issue
Mar 3, 2017
Fix kube-down delete etcd data
k8s-github-robot
pushed a commit
that referenced
this issue
Dec 18, 2017
k8s-github-robot
pushed a commit
that referenced
this issue
Dec 18, 2017
Automatic merge from submit-queue (batch tested with PRs 54379, 56593, 56685, 54174, 57309). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. e2e test layout changes for vsphere (#398) **What this PR does / why we need it**: For vSphere Cloud Provider there are many tests added. But all those tests are in e2e/storage directory. This change is an effort to make vsphere tests modular. New package 'vsphere' under test/e2e/storage/ is being created. **Which issue(s) this PR fixes**: Fixes # vmware-archive#353 **Special notes for your reviewer**: This is a change purely for vSphere tests Engineers in VMware have reviewed it. **Release note**: ```release-note None ```
seans3
pushed a commit
to seans3/kubernetes
that referenced
this issue
Apr 10, 2019
Added 'Taint nodes by condition' release notes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there any effort being made to increase the security of Docker containers? Are they or will they ever be secure enough to run untrusted code, while protecting the host and each of the containers from one another?
The text was updated successfully, but these errors were encountered: