Protecting workloads in Kubernetes

Aspects of the invention include obtaining, via a processor, an original docker image from a customer, encrypting a disk image using content from the original docker image and encrypting a bootloader. A re-packaged image is created using the encrypted disk image and the secure encrypted bootloader....

Full description

Saved in:
Bibliographic Details
Main Authors Herrendoerfer, Dirk, Nunez Mencias, Angel, Polepalli Yeshwanth, Preethi, Morjan, Peter
Format Patent
LanguageEnglish
Published 16.11.2021
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC DIGITAL DATA PROCESSING
PHYSICS
Online AccessGet full text

Cover

More Information
Summary:Aspects of the invention include obtaining, via a processor, an original docker image from a customer, encrypting a disk image using content from the original docker image and encrypting a bootloader. A re-packaged image is created using the encrypted disk image and the secure encrypted bootloader. The re-packaged image is deployed by inserting the re-package image into a pod container and by means of using a mutating webhook, granting elevated privileges to said container and creating a secured Kubernetes pod for protecting workloads, wherein the secured Kubernetes pod has at least one virtual machine containing the pod container.
Bibliography:Application Number: US201916587256