Contents

What's more secure... Docker or Kubernetes?

Contents

I get this question a lot from various acquaintances trying to choose the best platform to migrate to; ideally using https://cloud.oracle.com/cloud-infrastructure. The standard response is that every platform has it own pros and cons. My general advice is that the choice should be based on your company’s skill set regarding each platform, the complexity of the project your migrating, and their ability the manage the security risks related to each one.

Most people believed that Kubernetes was the most secured solution, until https://access.redhat.com/security/cve/cve-2018-1002105 came out last month. However, the people at CNCF have released an outline of best practices that everyone should already be following on their cloud platform.

  1. Patch regularly
  2. Implement role-based access control and policies
  3. Separate sensitive components
  4. Secure your metadata using proper key management
  5. Turn on Auditing

https://www.cncf.io/blog/2019/01/14/9-kubernetes-security-best-practices-everyone-must-follow/