Discover Cloud Security News
Microsoft Makes Azure Kubernetes Service Secure To Run Multi-Tenant Workloads
Last week Microsoft launched a new feature that lets customers run modern applications on Azure Kubernetes Service (AKS) in an isolated and secure form. Initially announced at the last KubeCon, the feature is currently available in public preview.
Kubernetes has become the gold standard for running modern applications in the cloud. However, one of the key challenges is the lack of multi-tenancy features, making it hard for SaaS applications and enterprise workloads requiring strict isolation. Infrastructure architectures recommend deploying Kubernetes applications in dedicated namespaces and applying role-based access control to add a layer of security. But this approach becomes complex and turns into an administrative nightmare. The other option is to provision a dedicated cluster per workload is not a cost-effective solution.
Modern applications designed as microservices and packaged as containers share the same underlying operating system. Technically, each container maps to an operating system process on the host with almost no strict isolation between containers belonging to different workloads. One mechanism is to run one container per host, but it is not technically and financially viable to run one container per host - physical or virtual.