I'm a Staff Engineer at Ant Group and the main contributor and developer of the Kata community;
I'm also the Community Award winner of 2019;
in addition, I'm a member of the infrastructure team at Ant Group.
Last year, we released Kata Containers 3.0. Meanwhile, we have updated the deployment at Ant Group to isolate heterogeneous workloads.
However, given the trend toward Service Mesh and application runtimes (such as Dapr), the current Kata can't deal with the evolving security challenges well.
In service mesh scenarios, the sidecars that handle data plane processing run in the sandbox, so Kata allows access to the control plane from inside the sandbox. If there are any exploits in the sandbox, they may attack the control plane.
In short, service mesh breaks the security boundary of Kata, and we should protect the infrastructure.
In the current release cycle, we are working on solving the above issue.
In this speech, we will illustrate the updated threat model in the mesh context and some prototype designs that move the infrastructure sidecars out of the sandbox. Initial PoC benchmark results will be given as well.