The docker client (CLI, or the go language docker client library, in the case of Kubelet) is responsible for setting whether trust should be enabled, and what notary server to use, on each call to docker. The Integrity Measurement Architecture (IMA) provides a way for parties to remotely verify the integrity of programs running on a machine.https://sourceforge.net/p/linux-ima/wiki/Home/#integrity-measurement-architecture-ima It appears to be a quite complex system.Vendors tend to publish the MD5 or SHA1 checksums (or both) for downloadable files, so it’s silly not to do checksum validation and confirm that the file has downloaded completely and uncorrupted. N1.1.bin) = 9a00b78dc42bb12f233aeff572e87d09 osx_bash-3.2$ openssl md5 n6000-uk188.8.131.52. N1.1.bin)= 9a00b78dc42bb12f233aeff572e87d09 osx_bash-3.2$ openssl sha1 n6000-uk184.108.40.206. There are plenty of third party application that can be installed, some of which add checksums to file properties, and some which are standalone applications. N1.1.bin)= b211eef614c0566c7729292228ded44c82272d5d [[email protected]]# sha1sum n6000-uk220.127.116.11. N1.1b211eef614c0566c7729292228ded44c82272d5d n6000-uk18.104.22.168. I try to validate after each time I transfer a file so that I don’t waste time sending a corrupted file on to the next hop. Sadly, I’m not in a position to recommend any of them, as I haven’t used them. A customer has asked for a feature which would ensure that only certain "approved" binaries are run on the cluster.This issue is to get feedback from other users on whether this would be useful, and to clarify requirements, and to see if some simple implementations would be sufficient.
Operational teams may delegate access to build images to users, but still control the trusted bases. So a trusted image is only trusted because it comes from a trusted base. Do you have a use case for overriding the policy in an emergency?
The threat some users are trying to protect against is that an otherwise authorized user of a kubernetes cluster accidentally or intentionally creates a pod that runs a binary that was built from untrusted, possibly malicious, source code.
It might actually cause direct harm, or just require costly auditing after the fact.
Auditing requirements may be dictated by Service Organization Controls.
Policy enforcement in the apiserver is easier to change and easier to surface errors, but probably more work to get something we all agree on working.