Permitting agility whilst enforcing security – a story of making Docker a win-win proposition
At Yelp we built PaaSTA – our own platform as a service – on top of Mesos, Marathon and Chronos. It runs our microservices in Docker containers on autoscaling clusters according to their resource specifications, and has helped us move from running hundreds of specialized servers to heterogeneous Mesos agents. The move to a service-oriented architecture has also seen us move the operational ownership of individual services away from the operations team to the service authors.
But now that we have containerisation and developers have more flexibility, how do we ensure that an engineer is not inadvertently introducing a security hole into a service? This is where the new security-check in our build pipelines comes in.
This talk will introduce the PaaSTA security-check: a suite of security tests which is run each time a service is built, including checks for Docker best practices, known vulnerabilities and whether the latest versions of the packages are installed. Upon completion, service owners are notified of any test failures, creating an unobtrusive way of keeping our services secure while making developers aware of, and responsible for, the security of their services. Not only does this fit into the existing development workflow for services in our PaaS with minimal disruption, but the basic pattern can be applied to any Docker image. It means it can be applied by anyone who is able to run containers, from the comfort of their desk.
We will also look in closer depth at how we implemented the tests in a cross-platform manner, how we integrated them seamlessly into our build pipelines and how we leveraged PaaSTA’s Sensu alerting integration to notify developers to help them keep Yelp’s microservices secure.
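As an added illustration of the build-time checks and the Sensu notification described above (example code written for this page, not Yelp's PaaSTA security-check): a small Python script that applies a few Docker best-practice checks to a Dockerfile and packages the outcome as a Sensu check result. The sample Dockerfile, the check names and the service name are constructed.

```python
import json
import re

# Constructed sample Dockerfile with three problems: a mutable ':latest' base
# image, apt-get install pulling in recommended packages, and no USER
# instruction, so the service process would run as root.
SAMPLE_DOCKERFILE = """\
FROM ubuntu:latest
RUN apt-get update && apt-get install -y python3
COPY . /app
CMD ["python3", "/app/service.py"]
"""

def parse_instructions(dockerfile_text):
    """Yield (INSTRUCTION, argument) pairs, joining backslash-continued lines."""
    joined = re.sub(r"\\\n", " ", dockerfile_text)
    for line in joined.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        yield parts[0].upper(), (parts[1] if len(parts) > 1 else "")

def check_dockerfile(dockerfile_text):
    """Return a list of human-readable best-practice findings for a Dockerfile."""
    findings = []
    instrs = list(parse_instructions(dockerfile_text))
    for instr, arg in instrs:
        if instr == "FROM":
            image = arg.split()[0]  # drop any 'AS stage' alias
            # No tag/digest after the last path component, or the ':latest' tag
            if ":" not in image.rsplit("/", 1)[-1] or image.endswith(":latest"):
                findings.append("FROM %s: pin the base image to a specific tag or digest" % image)
        if instr == "RUN" and "apt-get install" in arg and "--no-install-recommends" not in arg:
            findings.append("RUN apt-get install without --no-install-recommends")
        if instr == "ADD":
            findings.append("ADD used; prefer COPY unless tar extraction or remote URLs are needed")
    if not any(instr == "USER" for instr, _ in instrs):
        findings.append("no USER instruction: the container process runs as root")
    return findings

def sensu_result(service, findings):
    """Build a Sensu check result: status 0 passes, 2 (critical) alerts the service owners."""
    status = 2 if findings else 0
    output = "\n".join(findings) or "security-check passed"
    return {"name": "security-check-%s" % service, "status": status, "output": output}

if __name__ == "__main__":
    print(json.dumps(sensu_result("example", check_dockerfile(SAMPLE_DOCKERFILE)), indent=2))
```

The resulting dict is the JSON shape Sensu accepts on its local client socket, so a build step can hand it straight to the existing alerting integration.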