The CNCF (Cloud Native Computing Foundation) has published the results of an "open source security audit" of the Kubernetes container orchestration framework. The actual results and reports are accessible in a public GitHub repository. Live Kubernetes test environments were set up with Kops and Kubespray.
Overall, the audit found 37 vulnerabilities ranging from "Informational Severity" to "High Severity". From the report: "The assessment team found configuration and deployment of Kubernetes to be non-trivial, with certain components having confusing default settings, missing operational controls, and implicitly designed security controls." In addition to the flaws in the design and implementation of Kubernetes itself, there is also "significant operational complexity" that may create additional security problems.