A Secure Supply Chain for Kubernetes
The beta release of the Docker Enterprise Edition (Docker EE) container platform last month integrates Kubernetes orchestration, running alongside Swarm, to provide a single container platform that supports both legacy and new applications running on-premises or in the cloud. For organizations that are exploring Kubernetes or deploying it in production, Docker EE offers integrated security for the entire lifecycle of a containerized application, providing an additional layer of security before the workload is deployed by Kubernetes and continuing to secure the application while it is running.
Mike Coleman previously discussed access controls for Kubernetes. This week we’ll begin discussing how Docker EE secures the Kubernetes supply chain.
What is a Software Supply Chain?
When you purchase something from a retail store, there is an entire supply chain that gets the product from raw materials to the manufacturer to you. Similarly, there is a software supply chain that takes an application from code on a developer’s laptop to production.
Every company’s software supply chain may be slightly different; some outsource software development, some have adopted Continuous Integration and Continuous Delivery processes, and some deploy production applications across multiple clouds, some on-premises. Regardless of what the software supply chain consists of, Docker EE provides a set of solutions that integrates with your workflows while ensuring that applications remain secure, trusted and safe through all of these steps using both Kubernetes and Swarm.
In this week’s blog, we’ll take a closer look at one part of this solution – image scanning and policy-based image promotions.
Read the entire article here, A Secure Supply Chain for Kubernetes
Via the fine folks at Docker.