How should I run a secure swarm in production?

First thing is to understand your attack vectors. How could you be hacked?

We use VMs and dedicated servers; they are in a VLAN at a hoster, with an “external” firewall.

Personally I feel there are a lot of bigger risks: what happens if your reverse proxy has a bug and an attacker can take over the container? Does the container run with a restricted user? Is it up to date?

Is the Docker socket mounted into the container? Is it only readable (:ro won’t do!)? Is access limited? Is a docker-socket-proxy used? Then it’s another attackable component: is the source, code and build pipeline trustworthy?

What about the application? Can an attacker take over the container? Restricted user? Is the user auth working? Is the code correct? Can an attacker see more through additional parameters passed?

In general I think that the Docker ports are pretty secure, not sure if fail2ban is supported, but there are a lot of other risks.

Check this post for further reading.

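An added example, not part of the original post: a short Python audit of `docker inspect` output that answers three of the questions above for each container (does it run as root, is it privileged, is the Docker socket mounted). The sample JSON is constructed, and the function names `audit_container` and `audit` are hypothetical; the field names are the ones `docker inspect` emits.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two containers.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/proxy",
   "Config": {"User": ""},
   "HostConfig": {"Privileged": false},
   "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
               "Destination": "/var/run/docker.sock", "RW": false}]},
  {"Name": "/app",
   "Config": {"User": "1000:1000"},
   "HostConfig": {"Privileged": false},
   "Mounts": [{"Type": "volume", "Source": "/var/lib/docker/volumes/data/_data",
               "Destination": "/data", "RW": true}]}
]
""")

SOCKET_PATHS = {"/var/run/docker.sock", "/run/docker.sock"}
# Empty User: no user was set, so the process runs as root
# (assumption: no user-namespace remapping on the host).
ROOT_USERS = {"", "0", "root"}


def audit_container(c):
    """Return findings for one container object from `docker inspect`."""
    findings = []
    user = (c.get("Config") or {}).get("User") or ""
    if user.split(":", 1)[0] in ROOT_USERS:  # "uid:gid" -> check the uid part
        findings.append("runs as root")
    if (c.get("HostConfig") or {}).get("Privileged"):
        findings.append("privileged")
    for m in c.get("Mounts") or []:
        if m.get("Source") in SOCKET_PATHS:
            # A read-only bind mount protects the socket file, not the API:
            # the process can still connect and send requests to the daemon.
            mode = "rw" if m.get("RW") else "ro"
            findings.append(f"docker socket mounted ({mode})")
    return findings


def audit(containers):
    report = {}
    for c in containers:
        findings = audit_container(c)
        if findings:
            report[c.get("Name", "?").lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

To audit a node, replace `SAMPLE_INSPECT` with the parsed output of `docker inspect $(docker ps -q)`; the socket finding is reported for `ro` mounts as well, since the mount mode does not limit what can be sent over the socket.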