Capping IT Off

Capping IT Off

Opinions expressed on this blog reflect the writer’s views and not the position of the Capgemini Group

DevOps and Microservices – a Security View

Most organisations I work with have complex, laborious procedures for installing applications into a production environment.  These can be very frustrating when you’re working to a deadline, but they do perform some valuable functions from the security point of view: they protect the integrity of the production environment, and they separate the operations staff from the developers.

However, these procedures are oriented towards organisations that deploy a code change once a quarter.  They’re not workable if, like many modern organisations, you need to deploy a code change once a day, or once an hour.

The DevOps movement is intended to address this new requirement.  DevOps brings development, operations and QA staff together to streamline and unify deployment processes.  DevOps makes heavy use of automation to achieve this.

DevOps works closely with micro service architectures such as Docker.  Micro services are small, independently deployable services that communicate using lightweight protocols.  Micro services are deployed automatically and hosted using containerised virtualisation.

Like conventional virtual machines, micro services are isolated within containers so that they cannot interfere with each other.  Containers in Linux use a number of specialised features to provide isolation:

  • Namespaces, which provide separate process spaces, network instances, IPC resources, mount points etc. for each container.

  • Cgroups (control groups), which manage the use and sharing of physical resources.

  • Union file systems, which allow file structures from different sources to overlay each other.

How secure is a micro service architecture?  The concept is too new to give a definitive answer, here are my thoughts:

  • Containers are a new technology so we can assume (without the need to consider any actual evidence) that they contain numerous security bugs.

  • We can also assume that these bugs will be discovered and corrected rapidly over time as containers are subjected to more scrutiny.

  • Containers are more lightweight than virtual machines and present a much smaller attack surface.

  • It will always be difficult to protect a UNIX type OS against a process running as root.

  • The high degree of automation when installing a micro service will bring significant security benefits.  It will become much easier to deploy standard hardening and to avoid error-prone manual install steps.

In conclusion: I wouldn’t put anything sensitive on a multi-tenanted micro service platform today.  But in a couple of years it should be a different story.

About the author

John Arnold
3 Comments Leave a comment
Very nice article, Ihave had maby doubts about DevOps and you to understand better these new tech concepts. Many thanks. Congrats!!!
Very nice article, I have had many doubts about DevOps and you help me to understand better these new tech concepts. Many thanks. Congrats!!!
This technology is not new. Actually its been in UNIX like operating systems for a decade. They are just using the services what the underlying operating system offers, so "root" is not very valid point from the security aspect. One might say that using the any OS is not recommended because its using memory. Docker has been implemented in some huge systems that have millions of users and but its rather new implementation of containers but has new twist to it and with trivial benefits. Microsoft have announced their next server OS version has Docker.

Leave a comment

Your email address will not be published. Required fields are marked *.