Study of Security Issues in Kubernetes (K8s) Architectures; Tradeoffs and Opportunities

Abstract: Cloud computing has emerged as a significant model, providing flexibility, scalability, and on-demand resources, transforming the way organizations manage and handle data. The shift to microservices architectures, a design approach in which applications are built as groups of loosely linked services, is a critical component of this transformation. This architecture has numerous advantages. This trend has resulted in an increase in containerization technology, and thus, Kubernetes has become indispensable due to its robust handling of containers. It addresses the complexity of deploying, scaling, and managing applications, allowing organizations to accelerate their digital transformation. Its features make it an essential tool in modern infrastructures. However, like any system, Kubernetes is vulnerable to security issues. This master's thesis investigates security issues in Kubernetes architectures, identifies vulnerabilities, and provides realistic mitigating solutions. We will look at several aspects of Kubernetes security, as well as, try to address the research questions of: Finding the most common vulnerabilities, how to mitigate them and what are the tradeoffs and opportunities of doing so in Kubernetes architectures. This study suggests practical ways to protect the system against many attack vectors. The results can help practitioners and researchers in improving the security of Kubernetes and its ecosystem.