Microsoft brings K8s Security Center out of preview, replaces CoreOS Container Linux with Flatcar
Azure security dashboard now covers Kubernetes service - at a price
Microsoft's integration of Azure Kubernetes Service (AKS) with Security Center is now out of preview. In addition, the company has added Flatcar Linux to the Azure marketplace to replace CoreOS Container Linux, which goes end of life in May.
The Azure Security Center is a dashboard which inspects your various services and makes automated recommendations. It uses the concept of "Secure Score" in a similar manner to the Microsoft Secure Score in Office 365 and Microsoft 365, assigning points based on the policies and practices it detects. Security Center is free, but implementing some recommendations involves further cost, and there is also a paid-for upgrade to Security Center Standard.
The Security Center features a mix of preview and generally available features, something which customers of Microsoft's cloud will be well used to. One thing which is now out of preview is support for Azure Kubernetes Service (AKS) – though to use this you will need the Standard version.
Customers using this integration are promised monitoring of clusters and Docker configurations as well as detection of suspicious network or process events, both at the cluster level and on individual hosts. For example, if an SSH server (used for remote access) is running inside a container, this will generate a medium alert, on the grounds that while it may be intentional, it is also typical of a misconfigured or breached container. An example of a high alert would be detection of a container running cryptocurrency mining software.
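To make the distinction concrete, here is an added example, not Microsoft's code or Security Center's actual rules: a minimal Python sketch of a detection that raises the two alerts described above only when the process belongs to a container. The rule table, the field names, the use of "xmrig" as a miner process name and the sample events are all assumptions made for illustration.

```python
import re

# Assumption: cgroup paths are read from the host's /proc/<pid>/cgroup, where
# Docker and Kubernetes runtimes embed a 64-hex container ID in the path.
CONTAINER_ID = re.compile(r"(?:docker|kubepods|containerd)[^\n]*?([0-9a-f]{64})")

# Illustrative rules taken from the two alerts described above;
# "xmrig" is used as one well-known miner process name.
RULES = {
    "sshd": ("medium", "SSH server running inside a container"),
    "xmrig": ("high", "cryptocurrency miner running inside a container"),
}

def container_id(cgroup_text):
    """Return the container ID found in cgroup text, or None for a host process."""
    match = CONTAINER_ID.search(cgroup_text)
    return match.group(1) if match else None

def evaluate(events):
    """Alert only when a rule matches AND the process is containerised."""
    alerts = []
    for ev in events:
        cid = container_id(ev["cgroup"])
        rule = RULES.get(ev["comm"])
        if cid and rule:
            alerts.append({"severity": rule[0], "reason": rule[1],
                           "pid": ev["pid"], "container": cid[:12]})
    # High-severity alerts first; sort is stable within a severity.
    return sorted(alerts, key=lambda a: a["severity"] != "high")

# Constructed sample events (not real telemetry).
CID_A, CID_B = "a1" * 32, "b2" * 32
POD = "pod0f1e2d3c-4b5a-6978-8796-a5b4c3d2e1f0"
SAMPLE = [
    {"pid": 812, "comm": "sshd", "cgroup": "0::/system.slice/ssh.service\n"},
    {"pid": 4410, "comm": "sshd", "cgroup": f"12:pids:/docker/{CID_A}\n"},
    {"pid": 4522, "comm": "nginx", "cgroup": f"12:pids:/docker/{CID_A}\n"},
    {"pid": 5107, "comm": "xmrig", "cgroup": f"11:cpu:/kubepods/burstable/{POD}/{CID_B}\n"},
]

if __name__ == "__main__":
    for alert in evaluate(SAMPLE):
        print(alert)
```

The host's own sshd (pid 812) produces no alert, which is the point of keying the rule on container membership rather than on the process name alone.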
What will it cost? A good question, since while Microsoft has removed the "Preview" designation from its documentation, the pricing page still says "Pricing displayed is preview price. Price will change at GA." For what it is worth, the current price is £0.001 per vCore per hour, for AKS integration with Security Center.
The snag with Security Center, pricing aside, is that, as with any automated service, it only knows its own rules, and may miss issues that are obvious to humans, or flag issues that upon investigation are not real problems. There is also an element of upsell in some recommendations.
Microsoft has also responded to the coming end of life of CoreOS Container Linux, popular for hosting containers. The company has added Flatcar Linux to the Azure Marketplace, Flatcar being a compatible fork of CoreOS. The company has also suggested that you migrate from CoreOS to Flatcar by running a script provided by Flatcar sponsor Kinvolk, which converts a host from CoreOS to Flatcar by changing the update server and forcing an update.
At times like this, you wonder whether the Azure folk may be looking with interest at what AWS is doing with Bottlerocket, a dedicated new Linux distro for hosting containers, managed by the cloud provider. ®