Managed Kubernetes offerings deliver a great set of features (autoscaling, load balancing, introspection, backups, automatic updates). Applying the Confidential Computing concept to entire Kubernetes clusters ensures always-encrypted data and eliminates the service provider's access, but it also contradicts the managed approach. Fully isolated and self-managed clusters provide maximum control and privacy but do not offer smart features out of the box. This results in a tradeoff between ease of use and security. We present a Kubernetes-native approach that allows a cluster to manage itself while offering many features known from fully managed alternatives.
The solution comes in the form of open-source microservices that provide secure and autonomous joining of new nodes, autoscaling, failsafe node OS updates, and even Kubernetes upgrades.
The talk covers microservice design patterns that give control back to the Kubernetes administrator.
Additionally, we explain how remote attestation can help our system to verify each software component of a Kubernetes node during the bootstrapping process, adding that extra level of security to an autonomous architecture.
Finally, we explain how you can securely automate the Kubernetes node lifecycle: how nodes can prove their integrity and join Kubernetes clusters autonomously without relying on a trusted third party to mediate the process.