research-article

Public Access

Suture: Stitching Safety onto Kubernetes Operators

Authors:
Akshat Mahajan

Brown University

Brown University
View Profile

,
Theophilus A. Benson

Brown University

Brown University
View Profile

Authors Info & Claims

CoNEXT'20: Proceedings of the Student WorkshopDecember 2020Pages 19–20https://doi.org/10.1145/3426746.3434055

Published:11 December 2020Publication History

CoNEXT'20: Proceedings of the Student Workshop

Pages 19–20

ABSTRACT

Kubernetes operators allow custom automation for applications to be packaged with the application in a cluster-agnostic manner. This unique property eliminates the need for inhouse operational expertise with the application --- such domain knowledge, encoded once, can be distributed to any environment --- but requires trusting the operator to run arbitrary actions across an entire cluster. Little is known about the security or reliability implications of this paradigm. We present results from a survey of 54 Kubernetes developers and an analysis of 215 feature requests against 19 operator repositories demonstrating the ways users have experienced nontrivial safety issues with operators. We further propose the development of Suture, an access-control mechanism that seeks to prevent the majority of these safety issues with operators.

References

Red Hat Inc. 2020. OperatorHub. (2020). https://operatorhub.io/Google Scholar
Kubernetes. 2020. Authorization Overview. (2020). https://kubernetes.io/docs/reference/access-authn-authz/authorization/Google Scholar
Kubernetes. 2020. Using RBAC Authorization. (2020). https://kubernetes.io/docs/reference/access-authn-authz/rbac/Google Scholar
Brandon Philips. 2016. Introducing Operators: Putting Operational Knowledge Into Software | Coreos. (2016). https://coreos.com/blog/introducing-operators.htmlGoogle Scholar

Recommendations

The induced generalized OWA operator

We present the induced generalized ordered weighted averaging (IGOWA) operator. It is a new aggregation operator that generalizes the OWA operator, including the main characteristics of both the generalized OWA and the induced OWA operator. This ...
Read More
Constructing Choquet integral-based operators that generalize weighted means and OWA operators

A new class of aggregation operators is proposed to generalize weighted means and OWA operators.SUOWA operators are defined by using Choquet integral.These operators are continuous, monotonic, idempotent, compensative and homogeneous of degree 1 ...
Read More
Distributivity between semi-t-operators and Mayor's aggregation operators

The problem of distributivity was first posed over forty years ago and it has been investigated for families of certain operations such as t-norms, t-conorms, uninorms, and nullnorms. In this paper, we investigate this topic further by focusing on Mayor'...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in

CoNEXT'20: Proceedings of the Student Workshop
December 2020
35 pages
ISBN:9781450381833
DOI:10.1145/3426746

Copyright © 2020 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 11 December 2020
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
- Research
- Refereed limited
Conference

Acceptance Rates
Overall Acceptance Rate198of789submissions,25%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 0
  Total Citations
  View Citations
- 160
  Total Downloads
- Downloads (Last 12 months)29
- Downloads (Last 6 weeks)0
Other Metrics
View Author Metrics
Cited By
This publication has not been cited yet

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Suture: Stitching Safety onto Kubernetes Operators

CoNEXT'20: Proceedings of the Student Workshop

ABSTRACT

References

Cited By

Recommendations

The induced generalized OWA operator

Constructing Choquet integral-based operators that generalize weighted means and OWA operators

Distributivity between semi-t-operators and Mayor's aggregation operators

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

Suture: Stitching Safety onto Kubernetes Operators

CoNEXT'20: Proceedings of the Student Workshop

ABSTRACT

References

Cited By

Recommendations

The induced generalized OWA operator

Constructing Choquet integral-based operators that generalize weighted means and OWA operators

Distributivity between semi-t-operators and Mayor's aggregation operators

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media