We started out using Debian for our base container images and had grown accustomed to only focusing on the security of "our" bits. No one today could question the exceptional importance of security, but honestly we were not ready for this line to move. For the first time, we have to worry about vulnerabilities in more external projects like glibc and bash. Now that containers bundle the application and operating system bits together, we're starting to see that line move. There was a clear line delimiting the attack surface we were responsible for protecting (our own code and the libraries we embedded into it), versus what operating system vendors were responsible for (everything else). Traditionally, the bits we shipped interfaced with lots of other bits shipped by operating system vendors. One challenge is the increased responsibility for security. Container SecurityĪs a software vendor, containers create some unique challenges. These are top of mind for us as we think about our future direction and will need careful consideration by customers pursuing their own deployments. ![]() Our mutual experience has identified a number of additional details and complexities involved in running Splunk on Kubernetes, including security, persistent storage, high availability and performance. Since then, many customers have expressed a desire to learn more about our thoughts and plans for containers, and especially running Splunk on Kubernetes. ![]() In October, we recognized their popularity by beginning to support single instance deployments of Splunk in containers. Our Splunk Enterprise and Universal Forwarder container images on DockerHub are pulled millions of times each month. Attending Red Hat Summit? Find Splunk at booth 314 - we’ll have shirts and swag, and will be showcasing demos and answering any questions you may have about this blog post.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |