Confidential Containers in Kubernetes

Simplifying Adoption through Standardisation

Introduction

Confidential computing is becoming increasingly important for organisations that handle sensitive data. With the rising adoption of Kubernetes, standardising confidential computing at the pod layer for container workloads will benefit users. The Cloud Native Computing Foundation’s (CNCF) Confidential Containers (CoCo) project aims to address this need by providing a standardised approach to deploying confidential container workloads on Kubernetes. In this blog, we will explore the benefits of this standardised approach and how the CoCo project provides the foundation to enable new business workloads using confidential computing.

Why Standardisation is Helpful for Adoption?

Standardisation plays a crucial role in the widespread adoption of any technology. When it comes to confidential computing in Kubernetes, standardisation brings several benefits:

1. Interoperability: Standardisation ensures that different implementations of confidential computing technologies can work together seamlessly. It allows users to choose from various providers while ensuring compatibility and reducing vendor lock-in.
2. Ease of Deployment: Standardisation simplifies deployment by providing a consistent and familiar framework. Kubernetes users can leverage their existing workflows and tools without needing in-depth knowledge of the underlying confidential computing technologies.
3. Security: Standardisation accelerates and helps with security evaluations and audits, instilling confidence in organisations adopting the technologies.
4. Community Collaboration: Standardisation fosters collaboration within the community, allowing experts to come together and contribute towards developing best practices, guidelines, and tooling. This collaborative effort drives innovation and ensures the continuous improvement of confidential computing technologies.

Ultimately, deployment and maintenance should be boring to derive business benefits from the technology. And this is the whole premise of the CNCF CoCo project.

A brief look at the CNCF CoCo Project

The CoCo project provides a common foundation for deploying confidential containers on Kubernetes using VM- or process-based TEEs. The CoCo project aims to enable users to run confidential containers on any Kubernetes cluster with minimal changes to their existing applications and workflows.

The CoCo project provides three different approaches to deploying and managing confidential containers catering to a broad spectrum of confidential computing environments:

1. Confidential containers using VM-based TEEs on a local hypervisor
2. Confidential containers using VM-based TEEs on a remote hypervisor
3. Confidential containers using process-based TEEs

Further, the CoCo project provides a standard mechanism for remote attestation of TEEs (and workloads) using an attestation-agent and a Key Broker Service.

Let’s look at the three deployment approaches and remote attestation in brief.

Confidential containers using VM-based TEEs on a local hypervisor

This approach primarily requires bare-metal Kubernetes worker nodes supporting AMD SEV, Intel TDX or IBM SE with QEMU, cloud hypervisor etc. The architecture overview diagram is shown below.

The guest-components, Key Broker Service, Attestation Service, and Kata runtime with support for confidential computing are made available via the CoCo project and are shared across the different approaches.

Confidential Containers using a local hypervisor on the Kubernetes worker node

Confidential containers using VM-based TEEs on a remote hypervisor

This approach is also called the peer-pods approach and relies on Kata Containers’ remote hypervisor support and the CoCo cloud-api-adaptor project. This approach works on any Kubernetes cluster without needing confidential computing hardware for the worker nodes. It uses confidential VM services made available by public cloud or third-party IaaS providers. The following diagram shows the high-level architecture of this approach.

Confidential Containers on a remote hypervisor independent of the Kubernetes worker node

Confidential containers using process-based TEEs

This approach requires a Kubernetes worker node with Intel SGX support and uses the CoCo enclave-cc project. The high-level architecture overview is shown in the following diagram.

Confidential Containers using process-based TEEs

As you can see, depending on whichever confidential containers deployment and management approach you choose for your environment, the building blocks are provided by the CoCo project.

Remote attestation in CoCo

Remote attestation is a mechanism that allows a software component running in a confidential computing environment to prove its trustworthiness to an external, trusted service. It involves generating and verifying an Evidence, which is a set of claims about the state of the system and the software stack, signed by a hardware key.

The Confidential Containers (CoCo) project follows the IETF Remote Attestation Procedures (RATS) as described in the diagram below:

An Attester is the component that generates and sends the Evidence to the trusted service, which acts as a Relying Party. The CoCo project implements an attestation-agent as the Attester for Kubernetes pods. The Attester needs to obtain secrets from the Relying Party to decrypt or verify the container images that compose the pod. The Attester can also be used to obtain secrets for the workload deployed in the pod.

A Key Broker Service (KBS) is a trusted service that acts as a Relying Party for the Attester. It verifies the Evidence with the help of an Attestation Service, which compares it against reference values and policies. If the verification is successful, it retrieves secrets from a Key Management Service and sends them back to the Attester. The KBS ensures that only trustworthy Attesters can access the secrets and run the pod workload. The CoCo project provides a KBS implementation.

Please refer to my earlier blog for more details on the attestation process.

How CNCF CoCo Project can help ?

The CoCo project’s goal is to establish a standard for confidential computing within the Kubernetes pod layer. It achieves this by utilizing trusted execution environments (TEEs) to safeguard containers and data. With CoCo, using confidential computing in Kubernetes becomes more accessible.

Here are a few benefits of utilizing the CoCo project for your confidential containers usage:

1. Simplified Deployment: The CoCo project provides a Kubernetes operator, allowing one to quickly set up a confidential containers environment on a Kubernetes cluster. This eliminates the need for complex manual configurations and empowers the users to focus on their applications rather than the underlying infrastructure.
2. Enhanced Security: Organisations can confidently deploy sensitive workloads, knowing they are well-protected within the TEEs. Using TEEs for Kubernetes workloads provides additional protection in your defence-in-depth strategy.
3. Streamlined Workflows: With the CoCo project, you can seamlessly integrate confidential computing into your existing DevOps workflows and toolchains. You continue using the familiar Kubernetes workflows to deploy container workloads leveraging confidential computing capabilities.
4. Active Community: Being a CNCF project, CoCo benefits from the active and vibrant cloud-native community. Users and developers participate in weekly meetings, contribute code, report issues, and collaborate on the evolution of the project. This active community involvement ensures the continuous improvement and maintenance of the standardised confidential computing solution.

Conclusion

Standardisation of confidential computing at the Kubernetes pod layer brings numerous benefits, including interoperability, ease of deployment, enhanced security, and community collaboration.

The Cloud Native Computing Foundation’s Confidential Containers (CoCo) project aims to simplify the consumption of confidential computing in Kubernetes by providing a standardised and familiar framework. The CoCo project is poised to significantly impact confidential computing, as it enables organisations to securely execute sensitive workloads and harness the capabilities of confidential computing, even without extensive knowledge of the underlying technologies.

By embracing standardisation, the industry moves closer towards a future where confidential computing becomes a widely accepted practice, enabling newer workloads and ensuring the secure processing and protection of sensitive data.

Please consider joining the community and contribute to the development of confidential computing for container workloads. You can attend our weekly meetings. Additionally, you can join the #confidential-containers channel on Slack for discussions.