You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Once we have signed image support in kata-containers, we should get it working in peer pods and add some testing in peer pods to check it works correctly
One complication is that we need to ensure that enable_signature_verification=true and image_policy_file=kbs:///default/security-policy/test in the agent config. At the moment I don't think we have an easy way to set dynamic data into agent-config.toml. There a few possible options I can think of:
Follow the aa_kbc_params approach and add these configuration to peer-pod-cm and then read them in as parameters on the CAA - this feels a bit messy and not very scalable
Follow a similar approach to auth.json and mount a new file with the dynamic data?
Something better than the above
I guess we also want these parameters to be part of the measurement, so that an admin couldn't just turn it off, which probably narrows our options too.
Update - I chatted to Ding about option 2 and it's in progress confidential-containers/guest-components#608 at the moment, so I guess we could either wait for it, or potentially start with a temporary strategy for passing the info into peer pods, and then switch to using CDH via init data after?
Acceptance Criteria
We have more test cases on Kata for different negative and positive test scenarios, but I think a basic positive and negative test on peer pods should be sufficient
Given I have a version of kata deployed with a peer pod image that has an agent with guest_pull feature enabled and the attestation-agent installed, as well as the and nydus-snapshotter installed and configured for guest-pulling And a kbs deployed, which we can interact with via the kbs-client-cli And I have setting enable_signature_verification=true and image_policy_file=kbs:///default/security-policy/test via the agent config somehow
Scenario: Create a pod from an unsigned image, on a 'restricted registry' is rejected Given A public unsigned container image i from registry r and a KBS resources, or agent config configured to read a policy file like:
When I try and create a pod from i Then The pod is not created an we get an appropriate error message in the logs e.g. Validate image failed
Scenario: Create a pod from a signed image, on a 'restricted registry' is successful Given A public signed container image s signed with a key k from registry r and a KBS resources or agent config configured to read a policy file like:
stevenhorsman
changed the title
Add signed image verification support for peer pods
WIP: Add signed image verification support for peer pods
Aug 12, 2024
I'm trying to understand where we are with this feature. Mind to help me with some clarifications?
The confidential-containers/guest-components#608 was merged so I assume we chose the solution (2) (Wait for https://github.com/kata-containers/kata-containers/issues/9266 to be implemented and potentially add these setting to the cdh.toml in initdata annotation). On guest-components side, pull_image() is part of CDH's API and CDH's configuration toml has a [image] section to hold image pull specific configurations (see example.config.toml) for authenticated registries, container policy (signature verification)...etc.
On guest-components side, is there anything else needed?
Guest-components side is ok for now as you mentioned. Different kinds of images (authed registry, encrypted image, signed image) are test each PR with code here.
Once we have signed image support in kata-containers, we should get it working in peer pods and add some testing in peer pods to check it works correctly
One complication is that we need to ensure that
enable_signature_verification=true
andimage_policy_file=kbs:///default/security-policy/test
in the agent config. At the moment I don't think we have an easy way to set dynamic data into agent-config.toml. There a few possible options I can think of:I guess we also want these parameters to be part of the measurement, so that an admin couldn't just turn it off, which probably narrows our options too.
Update - I chatted to Ding about option 2 and it's in progress confidential-containers/guest-components#608 at the moment, so I guess we could either wait for it, or potentially start with a temporary strategy for passing the info into peer pods, and then switch to using CDH via init data after?
Acceptance Criteria
We have more test cases on Kata for different negative and positive test scenarios, but I think a basic positive and negative test on peer pods should be sufficient
Given I have a version of kata deployed with a peer pod image that has an agent with guest_pull feature enabled and the attestation-agent installed, as well as the and nydus-snapshotter installed and configured for guest-pulling
And a kbs deployed, which we can interact with via the kbs-client-cli
And I have setting
enable_signature_verification=true
andimage_policy_file=kbs:///default/security-policy/test
via the agent config somehowScenario: Create a pod from an unsigned image, on a 'restricted registry' is rejected
Given A public unsigned container image i from registry r and a KBS resources, or agent config configured to read a policy file like:
When I try and create a pod from i
Then The pod is not created an we get an appropriate error message in the logs e.g.
Validate image failed
Scenario: Create a pod from a signed image, on a 'restricted registry' is successful
Given A public signed container image s signed with a key k from registry r and a KBS resources or agent config configured to read a policy file like:
And the public gpg key is provide in the KBS resource like:
When I try and create a pod from i
Then The pod is successfully created and runs
The text was updated successfully, but these errors were encountered: