Security in Docker Swarm: orchestration service for distributed software systems
Abstract
With a constantly increasing number of services in modern software systems (SOA and microservices), managing such a service infrastructure becomes a challenge. Docker Swarm is a popular service orchestration solution that addresses this issue. This also makes it a target for attacks, since the orchestrator is entrusted with information that is critical to the whole system. This thesis investigates the security of Docker Swarm and the underlying technologies it uses to provide a secure orchestration service. Despite the increasing popularity of Docker Swarm, its security properties are poorly understood. The security mechanisms that underpin Docker Swarm are poorly documented, if described at all. The custom protocols used in Docker Swarm for joining a swarm and for rotating manager keys lack public security evaluation. This thesis aims to improve our understanding of the high-level security features of Docker Swarm by exploring several attack vectors that a real-world attacker is likely to pursue, such as MITM and DoS attacks. The results of the investigation show that Docker Swarm provides a secure platform for service orchestration, as it is resilient to the selected high-level attacks and follows security best practices.