Transcript
This transcript was autogenerated. To make changes, submit a PR.
Hello friends, a very warm welcome from my side to conf42 JavaScript 2024 conference.
Today, I will be presenting on Kubernetes security for JavaScript applications.
I will talk about myself.
I'm Manpreet Singh Sachdeva.
I work for Walmart Global Tech in United States.
I'm an industry expert in DevSecOps, MLOps, incident
management, and quality assurance.
So I have experience in Asia, in Europe, as well as in North America.
I've worked on various technologies, cloud technologies, different cloud
providers, AWS, Azure, GCP, as well as on open source technology
like OpenStack, Kubernetes, virtual machines, containerized applications.
So I'm really excited to share my thoughts on this topic and I hope we learn together
and take some key learnings with us.
So let's get started.
this is all about securing our JavaScript applications on the Kubernetes clusters.
I'll share some best practices and strategies we use in the modern era.
So we'll talk about how Kubernetes became so important and so
necessary in today's world.
we'll go a bit, around in the area of 2015, where we were just started
to containerize the applications.
So the Docker became popular.
And we saw many applications like Java, JavaScript applications, and they
all sort, sorted, their, apps and we started deploying on the containers.
So the advantage of having containers is that it becomes platform agnostic and the
application really becomes lightweight.
You can deploy.
locally in your machine, you can take it to production, you can
scale in and you can scale out.
And there was a lot of flexibility around containers.
Then we started, thinking about the orchestration of containers that how
to make applications work on scale.
So that was the next challenge the industry had.
Then we started using Docker Swarm, where we could use.
to scale out the applications, do networking between all, the containers,
communicate and secure container, you know, workloads, but that also there
was a disadvantage or set of a sort of, issue while scaling on Docker swarm.
So it couldn't support large scale applications where we had to.
Run, production workloads for a very high intensified apps
using memory as well as CPU.
then came Kubernetes and really became popular because, the way it handled
the Docker orchestration, the way it handled all the container containers
in a, distributed environment, we could see the applications being
scaled in, scaled out and, a massive workloads being supported, then.
There was, networking between the applications.
How can we restrict the app to communicate or how can we, allow an app
to communicate to the outside world?
And then came the most important part, which was how to secure the
communication among the applications, how to make sure that we are covered
on the vulnerabilities and the cyber threats we have in the, on the internet.
So cyber security, as is one of the most or the hottest topic nowadays where there
are so many cyber threats causing so much damage to the reputation, financial damage
and so much, customers suffer so much at the stake of cyber security threats.
So today we'll focus on how to secure our JavaScript applications and how to
run them, efficiently using Kubernetes.
So guys, let's get started.
as I talked about containerizing the JavaScript applications, so
why should we on the first hand containerize an application?
So containers provide a very lightweight, portable, and consistent
environment for applications.
As we just spoke about, Docker is one of the most popular containerization
platform, which allows the developers to package their applications
with all their dependencies.
So that's what we do in Node.
js or Java applications, we package them with their dependencies.
So the other advantage is, that there is a consistency across all the environments.
We ensure that the applications runs the same way in all the different
environments, like dev environment, testing, pre staging or a pre
prod kind of environment, and then actually on a production environment.
So we can do all the cycles of testing, starting from the dev to our pre
prod and make sure that, we are well accustomed with all the scalability.
And the networking perspective of our applications, and then, deploy
the application on production and the other important factors, the, all the
containers are totally isolated, all the applications, they run all the
services they run without conflicts.
in their own storage space, so they do not interact or interfere with the
other apps which are also containerized.
Then we spoke about scalability already where, it's very easy
to scale the applications horizontally as well as vertically.
So we will talk about the horizontal pod auto scaling on Kubernetes that
how easily we can scale the application when there is an increase in the
surge in traffic and we can also basically scale in the applications.
Where if the traffic is less and you're going to, we can, make sure
that we are running on less number of containers to, do cost optimization.
And, we already spoke about the Kubernetes, which is, one of the
most popular container orchestration platforms, which helps the
applications to run at scale with different, Cloud providers nowadays.
So we also have a hybrid kind of a cloud environment, which most of
the companies nowadays support that they have their native inbuilt cloud
platform and they leverage the, cloud providers in a hybrid way.
So talking about now Kubernetes, which has actually transformed the way
we deploy our applications, the way we, scale our applications and it's
so easy to manage the applications.
just with few commands and, just on, even if I have a UI to manage very easy
to manage, all these applications in just one click, but we, that, we've
given such a big, or a powerful tool.
Now we also have a big responsibility to make sure that, we protect
our internet world or all the applications which are hosted.
We protect them.
from all the kind of cyber threats we are having now.
So we'll talk about different kind of, security implementation for Kubernetes.
How can we secure our, applications, especially what are the best practices and
some tips for the JavaScript applications.
I'll also share some of the examples for JavaScript
applications later in the slides.
Yeah, we'll just go through, one of, one of the examples, and I also share some
resources at the end of the presentation where you can refer it for later.
So this presentation will mainly outline a multi layered approach to secure
it, securing our Kubernetes clusters.
So we'll focus on the different planes where the security
vulnerabilities can catch us.
So first will be the control plane.
then we'll talk about the.
Securing our node, securing actual applications, which we
call as workloads in Kubernetes world or the containerized world.
And then we'll talk about how we can secure the communication of
all these apps on the network side.
So we'll give, give you a real world examples and best practices.
And, try to demonstrate how to protect Kubernetes environments and
vulnerabilities from the vulnerabilities.
So when we talk about security, there are mainly four C's, which we talk about.
So first C is the cluster, where, how can we secure the cluster
where our, application is hosted.
Then the container.
Container is nothing but the workload security.
How to secure the container which is running, our JavaScript application.
And we'll talk about the security on the cloud.
Then we'll talk about that how can we leverage the cloud providers such as AWS.
As your, as well as GCP, and then we'll talk about the actual code
vulnerability and the code security.
So just give an example of cloud securities like, AWS, Azure, they
have some network policies and they have their own kind of security,
mechanisms, which they support.
So we'll not go in, in depth of those security mechanisms, but there's
a lot of cloud security measures, which these cloud providers take.
and we can definitely leverage, on our Kubernetes clusters.
So moving forward, why does Kubernetes security matters that much?
So as we were talking about the Kubernetes, it's now very popular
in container orchestration and mostly all the big applications.
They use kubernetes, at the back end of the cluster.
So kubernetes has become the backbone of our modern cloud infrastructure
with adoption growing rapidly across industries like, healthcare,
finance, retail, telecommunications.
So organizational organizations are totally relying on kubernetes
for mission critical operations, like running big websites, retail
websites, healthcare systems, and even.
even the defense or the, different kind of industries like, AI industry
and healthcare industry, all are using Kubernetes on large scale.
But again, with the increased use comes the threat of cyber attacks, targeting
vulnerabilities with Kubernetes clusters.
We all are aware of the log4j vulnerability which happened
a couple of years back.
And there was another threat in 2021, which, a hacker was able to access a
Kubernetes cluster through, like an admin and able to, destroy and delete
so many apps, which were really mission critical supporting, the payment systems.
And it hit a lot of reputation of that company.
And, also a lot of financial damage happened, which the company had
to pay back to the customers.
So that is the reason, prime reason why the Kubernetes
security matters so much now.
So failing to secure Kubernetes environments can lead to severe
consequences, the kind of one which we just discussed.
So including data breaches, right?
Service disruptions, you can completely delete the running application pods and
just do a complete service disruption.
You can filter out the secrets, the username passwords
of the actual customers.
And which is a big data breach for any company.
And then there, the financial losses, that, that can actually
cripple the, the operation centers.
So the stakes are especially high for organizations undergoing
digital transformation nowadays.
Properly securing Kubernetes clusters will basically ensure trust,
reliability, and safety, not only for the business, but also for the end users.
Who rely on these digital services?
Suppose, customers are using a banking app customers, like last week, there
was a big outage on the bank of America.
The user not, we're not even able to log into the app.
So all of these, apps are hosted on Kubernetes and at the end, the end
users are suffering and it's bringing so much loss, to these digital services.
So now we'll talk about the multi layered approach, which we will follow to secure
our Kubernetes clusters and workloads.
as I was talking that we will talk about different kind of security planes where
we need to, apply the security measures.
securing Kubernetes requires a layered security strategy.
Addressing vulnerabilities across different components.
So each layer is crucial here for reducing the attack surface and mitigating threat.
So we constitute, all these layers constitute a attack surface.
So we will see where are attack surfaces and how to mitigate, the attack area.
So first up, first of all, we'll talk about the control plane security, how
we can protect the cluster's central brain where, you know, all the logic
lives, then we'll talk about the node security that, we, the node, the host
where our application is running, how to secure that node, then eventually
we'll talk about, the workload security, which is nothing but securing our
JavaScript applications, that how the applications run within the cluster.
can be protected, right?
And then we'll talk about the network security at last, that how we can control
the traffic inflow and, which we call the ingress traffic and the egress traffic.
How we can, control the inflow and the outflow traffic and manage the
secure communications among the apps.
basically we'll have a holistic approach to ensure that, all the vulnerabilities
are addressed from all the angles.
first we talk about control plane security.
what is control plane security?
It's the API server authentication and authorization, happens
on the control plane.
control plane is the brain of your Kubernetes cluster.
Some of the, terms we use, we call it as the master component.
or the one which is running the control, plane.
So we also call it as a control plane component or a master component where
are, all of the API servers are hosted.
So the Kubernetes API server is the core interface for
managing the cluster operations.
Secure it by using strong authentication methods like OAuth or OpenID.
So these are all open, source way of, providing an authorization,
to the cluster level.
And we can also use RBAC policies.
So RBAC is nothing but Role Based Access Control policies by which we can
limit the access to critical functions.
So every org they implement RBAC, what is RBAC is like, with our, user ID,
they will tie us to a particular group.
And through a particular group, we will have a role based access that if
I'm part of a developer group, I can only, do a read only on the cluster.
If I'm part of a DevOps or a like incident management group, I will
have access to production as an admin.
And if I'm part of some testing group.
I may not even have access to production.
I may only have access to pre prod or a staging or testing environment.
So that way we can secure, the user making it part of a certain
group through RBAC policies.
Then we have to, encrypt the etcd.
So etcd is nothing but a database is a key value database like Redis.
It stores, the cluster sensitive data, including some secrets
and configuration details.
So these configuration details, are very sensitive.
They are actually, storing very sensitive data about the, secrets as well as
the keys, as well as the certificates, which are used by the API server.
So it's very important to encrypt all the etcd data, at rest and, only
certain users with admin access be able to access the etcd database.
Then we will talk about the network policies by default.
Kubernetes networking is open, which can expose the cluster to risk.
So that is the way Kubernetes has been designed.
the networking is open.
We have to make sure that these network policies are not
accessible by external users.
So we can implement the network policies using tools like Calico
or Cal, Cillium to control the communication between the ports and
minimize our potential attack surfaces.
So we'll talk about network policies in details that how can we make
sure that we have network policies to secure our infrastructure.
So next we talk about the node security.
so node is how our kubelet, interacts with the API will be hosted on a node.
So there are, certain aspects we will talk about here.
So first is the operating system hardening.
How we can show, make sure that our operating system like Ubuntu
or wheresoever our application is hosted, how we can make sure that all
of the operating system is secure.
So nodes should run a minimal hardened OS version with regular security patches.
Adopting standards, such as the CIS benchmark, which is the standard
benchmark for security, it's help reducing vulnerabilities at the OS level.
So important thing here to.
you know, notice that there is always a security patch, update from
the OS level supports Ubuntu, 20.
04 is secure at a certain level, which supports a particular
version of Kubernetes.
Once, the Kubernetes patch new patch comes, it might not be secure.
And that on that particular OS version, it's always, you have,
we have to make sure that we have.
Updated the OS or the kernel version with the latest security
patches so we don't open our node for any kind of vulnerabilities.
So operating system hardening is really important.
Then we talk about the container runtime security.
The container runtime security like Docker or ContainerD with what kind
of, the runtime environment we use is responsible for managing our containers.
So enforcing security controls like AppArmor.
AppArmor or SE Linux can limit the actions containers can take
protecting the host system.
So we'll talk about AppArmor.
we can make a profile and upload that profile or link that profile to
AppArmor and make sure that only these kind of rules are allowed in our node.
Like only these kind of rules we will be allowing on the
node to run and certain rules.
Which are not associated with the profiles will be discarded.
So we'll create a profile and, filter all the rules based on the
profile kind of profile we have.
So we have security measures like app armor.
I will share the resources that how we can use our app armors.
really cool tool.
it's an open source.
And we can maintain our profiles with the help of AppArmor and,
secure our run, container runtime.
Then we talk about the kubelet security.
The kubelet, which is an agent on each node, it runs
as a daemon set on each node.
Each of the node handles the communication with the control plane.
the node interacts with the control plane with kubelet, with the kubelet and
that also on a TLS secure communication.
So securing the kubelet with TLS and restricting the API
access prevents attacker from manipulating the node operations.
So securing our kubelet is also really important because I've seen some teams,
they will secure the API server, they will secure the workloads, but the kubelet
security sometimes is discarded and, ignored, which, which will allow the
hackers, to make any changes on the node level and it can create a lot of damage.
Now we spoke about the node security.
Let's talk about the actual workload security and coming
to the JavaScript applications.
How to secure a JavaScript application is, part of the workload security.
suppose a JavaScript application is containerized on a Docker container and
then, is orchestrated on Kubernetes.
that JavaScript container running application will be
running as a pod inside, and a pod will be having containers.
initially we had used to.
Call something called port security policies.
They have been deprecated, but now we use, something called PSA, which
is port security admission, which allows the admins to enforce security
policies such as privileged baseline restricted kind of access on the port.
So the basic fundamental on securing a workload is give least,
privilege to a running container.
means you give a least privilege that the user is not able to exec into a container
and run commands on the root level.
Because if any user is able to execute inside a container and run commands
on a root level, that can even disrupt all the running applications that
can destroy the network policies and, the user can you eventually, just do
anything if they have the admin access.
So the least access principle always is applicable on the workload while
we are talking about security.
And then we talk about runtime security that we can use tools
like Falco or Aqua security.
To detect some suspicious activity within the containers.
So what we can do in Falco is create some rules and if we, if, if those rules are
met, like we have, triggered that if we see some 5x kind of errors or, 3x kind
of redirects in a container, traffic, which should not be ideally happening.
So we can actually, write some Falco rules.
create a Falco policy, write some rules and, trigger real time monitoring.
If we see those rules are getting, break, so we can trigger alerts and notify the
users with the help of runtime security.
Then comes the most important part of securing our, workloads,
which is managing of the secrets.
So secrets are in general, some, workloads have exposed secrets, which is.
Not a good practice.
So we should always be using, tools like HashiCorp Vault or maybe, AWS
Secrets Manager or Azure Secrets, which, whichever cloud provider you're using.
So storing secrets directly in plain text with Kubernetes
manifest is a common mistake.
it is actually a very big mistake.
if you do, and it can cause, it can expose your secrets and
anybody access to that secrets.
Can, run your APIs, on the cluster and, can even, change the data
inside the applications and even, delete some of the important
configurations in the application.
So secrets management on the workload security is one of the most, important
way of, securing our applications and always use, something which has
been provided by the cloud provider, or, we already have HashiCorp Vault.
they're, ultra secure way of, managing the secrets.
So now at last, we will talk about network security, how we can secure
our communication with the outside world or with the other apps.
So we have something called service mesh.
So like service mesh, most of the, organizations use, where they
will limit the incoming traffic.
And from there they will distribute the, traffic based on the network rules.
commonly used service mesh are HTO or Linkerd, which add an additional layer
of security by enabling a mutual TLS.
So mutual TLS is very secure way of, communicating, over, a secure protocol.
They encrypt the service to service communication and they make sure
that, there's a very fine grained access control given to the user.
So they also use their RBAC policies on the STO level and they make sure
that the communication is very secure.
So one is using service mesh on your network.
Second is like you can use ingress and egress control.
So you can control what traffic can enter and leave your, cluster by deploying
an nginx ingress controller, which is a very common ingress controller.
You can define your ingress rule that you want to, talk to this app.
You don't want to like you restrict the traffic from this app.
You can create your ingress rules on the Kubernetes cluster.
So like ingress, controller also have their inbuilt network policies.
So where you can restrict the external or internal, IPs, whichever IPs
you want to, allow traffic to, or you don't want to allow traffic to,
you can just create your network policies using the ingress control.
Then we'll talk about the DDoS protection.
Kubernetes clusters that are exposed to the public internet are susceptible to
distributed denial of service attacks.
It's a very common attack nowadays in the cyber world.
So implement DDoS protection mechanisms like, again, leverage your cloud
provider, use AWS Shield or there is Google Cloud Armor as well to
defend against DDoS kind of attacks.
So this was all about, network security.
We Now, talking about the global impact of Kubernetes security.
basically, what security does it, it enhances trust.
So securing Kubernetes clusters, JavaScript applications running on
Kubernetes clusters, we secure them, it directly impacts the trust that customers
and stakeholders have in digital services.
Security incidents can lead to significant reputational damage,
As we, talked about before as well and erode confidence in the digital
transformation efforts of organizations.
So it's so important to, enhance our trust, in our end users.
So protecting our critical infrastructure, Kubernetes is now a very critical
part of managing infrastructure in industries like healthcare,
finance and telecommunications.
A security breach in these environments, suppose, some
person's health data is breached.
Such a, big data loss and such a, Big thing to, lose the confidence of customers
providing their health data so it can actually have catastrophic effects.
Global sec, cybersecurity contribution.
As Kubernetes becomes, more widespread, its security becomes a vital part of the
global cybersecurity ecosystem as a whole.
By enhancing Kubernetes security, we protect our, broader digital landscape.
working on security, cybersecurity.
Sometimes I feel, I'm a cyber warrior protecting.
The internet.
I really feel proud of, I'm part of, securing something and helping
users to, protect their data.
So it's a big ownership, cyber security engineers carry with them and, working
on such, cutting edge technologies like Kubernetes and learning how
to leverage all this technology to protect the data is actually, amazing.
open source standards like Kubernetes also is open sources.
Most of the things are, actually free to use.
like so much code is, posted on GitHub where we can leverage that
code and secure our clusters.
It basically sets a security standard for the broad and open source community,
encourages them influencing the security practices of other projects.
Being this open source is actually a very much, an inspiration for
all to, even, use the code and even contribute to the open source community.
So now, We'll do some examples on the JavaScript applications, some
security considerations, which I spoke about, but I want to give
some examples on that as well.
So always run containers as non root users.
That's a rule of thumb that, if I, if you see that always create a non root user,
and never give a root kind of access.
So here I've used user called app user.
So I'm not giving a root kind of access.
To the user implement network security, policies like restrict traffic between
the ports, leverage namespace and labels, which are Kubernetes properties.
And even with, using the labels, proper labels and namespace, you can
secure applications like the way, examples shows that we have used,
something, metadata called name allow node js, and we have pod selectors.
We will match the labels.
With the help of these, pod selectors and we can define rules like ingress or
egress where we can, make sure that, the only this kind of namespace is allowed
or only these kind of pods, which have those labels matching are being allowed,
to serve the traffic and then manage secrets securely, already spoke about
Kubernetes secrets and, never expose your secrets in plain text, at least
have a base 64 type of encoding for your secrets and use HashiCorp Vault.
They will, there's a very super way of securing your secrets.
also we'll go through some security best practices.
Always do or perform regular audits on your infrastructure, perform, audits
of your Kubernetes configuration and ensure that all the components
are configured securely, do a MFA, enforce MFA in your projects, in your
organizations, encourage people to use MFA for, enforce MFA for accessing
critical systems like the Kube, Kube API to add in regional layer of protection.
Monitoring and alerting is always important.
We can use.
Leverage tools like Prometheus, Grafana, Kibana, and integrate
runtime security solutions to detect any kind of suspicious behavior.
So we can use our Falco rules, integrate them with, Prometheus and the user,
an engineer on call can get notified of any, rules getting, if the rules
are getting, break during and we can, detect vulnerabilities in that case.
Also, again, pointing out, apply the least privilege principle always,
always give a least privilege to any users or systems, having, they should
have the minimum access necessary to perform their basic functions until and
unless they're part of the admin team.
Stay updated, always stay updated with the security patches.
even the OS level patches and, the Kubernetes, kernel patches because,
the security patches will make sure that the vulnerabilities are removed
from the latest security patch and all the dependencies with the underlying
OS match with those security patches.
really important to focus on.
Then, sharing these additional resources for you to check on like official
documentation from Kubernetes, some Falco related docs, some cheat sheets
of Kubernetes, sharing resources about AppArmor, SecCom, and encrypting the
data at rest, really crucial for, securing, our, JavaScript applications
running on these, Kubernetes clusters.
also listed some couple of really, vital books, which helped me gain
knowledge and, apply that, implement that knowledge, on my projects.
so this is Kubernetes up and running by Kelsey Hightower,
really, big, fan of this book.
And then this is Node.
js design patterns by, Mario.
This also is a really good book if you want your expert in Node.
js applications, it can really help you leverage what kind of, security measures
as well as the scalable measures you can take for the JavaScript applications.
And then feel free to join these communities because these are
open source communities like the Kubernetes community and the Node.
js community as well as the Kubernetes public slack.
It's really handy to, give you the, what are the latest developments going on and,
what kind of, people, issues people are having in their JavaScript applications,
as well as, what kind of issues they're having in deploying these applications
and running them on Kubernetes, platform.
now I like, I'm almost at the, conclusion part of my talk.
We have discussed a lot about security, how we can prevent our
applications, from vulnerabilities, how we can at least secure our
JavaScript applications running.
And we also went through some examples.
So concluding my talk, I will talk about, leveraging Kubernetes with
JavaScript empowers developers to build scalable, resilient, as
well as efficient applications by embracing containerization.
Automated deployments and robust orchestration JavaScript applications
can actually meet the demands of modern dynamic environments.
Whether we are building microservices, real time applications, or serverless
functions, the synergy between Kubernetes and JavaScript offers a very powerful
foundation of innovation and growth.
We saw, so much growth is possible and there's so many options
for these applications to run.
Kubernetes security is not just about protecting a single cluster.
It's about safeguarding the critical infrastructure that
businesses and societies depend on.
As the adoption of Kubernetes continues to rise, securing these clusters becomes
paramount to ensuring trust and security.
Reliability and scalability, stability in digital systems.
So by this, I'm coming to the end of my talk.
I hope you guys learned here and you will take key learnings with you.
it was really a privilege to speak on this conference.
I just thank all the organizers to giving me an opportunity to present my thoughts.
And, also thank you all my listeners who were there to, witness my talk.
I hope.
You really liked it.
And if you have any questions, you can reach me out to the email, which
is being showed on your screen.
Again, it was, really a wonderful experience giving this talk and hope to
connect with you guys soon in future.
Thank you so much.