Skip to content

Commit 3b370a7

Browse files
mburke5678mburke5678
authored
Merge pull request #71867 from mburke5678/winc-define-hostile
Perhaps this term should be defined further to help people determine if it applies to them?
2 parents 6fd139c + aef0d76 commit 3b370a7

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

windows_containers/understanding-windows-container-workloads.adoc

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,9 @@ toc::[]
1010

1111
[NOTE]
1212
====
13-
Multi-tenancy for clusters that have Windows nodes is not supported. Hostile multi-tenant usage introduces security concerns in all Kubernetes environments. Additional security features like link:https://kubernetes.io/docs/concepts/policy/pod-security-policy/[pod security policies], or more fine-grained role-based access control (RBAC) for nodes, make exploits more difficult. However, if you choose to run hostile multi-tenant workloads, a hypervisor is the only security option you should use. The security domain for Kubernetes encompasses the entire cluster, not an individual node. For these types of hostile multi-tenant workloads, you should use physically isolated clusters.
13+
Multi-tenancy for clusters that have Windows nodes is not supported. Clusters are considered _multi-tenant_ when multiple workloads operate on shared infrastructure and resources. If one or more workloads running on an infrastructure cannot be trusted, the multi-tenant environment is considered _hostile_.
14+
15+
Hostile multi-tenant clusters introduce security concerns in all Kubernetes environments. Additional security features like link:https://kubernetes.io/docs/concepts/policy/pod-security-policy/[pod security policies], or more fine-grained role-based access control (RBAC) for nodes, make exploiting your environment more difficult. However, if you choose to run hostile multi-tenant workloads, a hypervisor is the only security option you should use. The security domain for Kubernetes encompasses the entire cluster, not an individual node. For these types of hostile multi-tenant workloads, you should use physically isolated clusters.
1416
1517
Windows Server Containers provide resource isolation using a shared kernel but are not intended to be used in hostile multitenancy scenarios. Scenarios that involve hostile multitenancy should use Hyper-V Isolated Containers to strongly isolate tenants.
1618
====

0 commit comments

Comments
 (0)