• Privacy Policy
Tuesday, March 21, 2023
Data Centre & Network News
ADVERTISEMENT
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact
No Result
View All Result
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact
No Result
View All Result
Data Centre & Network News
No Result
View All Result

Trousseau Open Source Project Software made available to add security in Kubernetes

Beatrice by Beatrice
February 9, 2022
in Security
7 0
0
Share on FacebookShare on Twitter

Today, managing secrets to protect access to sensitive data in Kubernetes is complicated. It adds lots of components which is troublesome for security professionals. As a result, this security layer in Kubernetes is not optimal.

This changes with Trousseau’s open source project software, available today. Secrets management can now be added to Kubernetes along with support for any key management encryption, starting with HashiCorp Vault. The Trousseau open source software is available here on GitHub.

Romuald Vandepoel, principal cloud architect with Ondat and the project lead for Trousseau, says, “There have been previous projects that attempted to solve this problem, but they required adding lots of components. Naturally, security teams didn’t like that approach because it introduced additional complexity making security more difficult. Secrets management has always been one of the most difficult issues in Kubernetes and Trousseau Vault integration provides the long-sought answer to that problem.“

Trousseau uses Kubernetes etcd to store API object definitions and states. The Kubernetes secrets are shipped into the etcd key-value store database using an in-flight envelope encryption scheme with a remote transit key saved in a KMS. Secrets protected and encrypted with Trousseau and its native Kubernetes integration can connect with a key management system to secure database credentials, a configuration file or TLS (Transport Layer Security) certificate that contains critical information and is easily accessible by an application using the standard Kubernetes API primitives.

“We’re realising two big benefits of Trousseau – first, simplicity as a plugin with the existing KMS, HashiCorp Vault, and second, integrating with GitOps workflows using the native Kubernetes API,” says Bill Wong, CEO, SunnyVision Limited. “It’s provided us with the added security we need without disruption.”

With Trousseau, any user/workload can leverage the native Kubernetes way to store and access secrets in a safe way by plugging into any KMS provider, like Hashicorp Vault (Community and Enterprise editions), using the Kubernetes KMS provider framework. No additional changes or new skills are required. It’s also possible to transition among Kubernetes platforms using the consistent Kubernetes API.

Trousseau is currently being rolled out in a production customer implementation on Suse  Rancher Kubernetes Engine 2 leveraging Ondat as the data management platform, along with Hashicorp Vault. 

“This lack of a standardised approach to secrets management in Kubernetes has been a real detriment to security, and the complexity has been an impediment to adoption in certain cases,” comments Asvin Ramesh, senior director, technology alliance, Hashicorp. “We’re excited to support the Trousseau Vault open-source initiative which tackles this problem by delivering a new level of simplicity for Kubernetes users, along with better security protection.”

Tags: CloudKubernetesproductprojectprotectionSecuritysolution
Share3Tweet2Share

Related Posts

New security platform to fight AI-based cyber attacks

New security platform to fight AI-based cyber attacks

March 16, 2023
78
Jane Frankland takes up advisory role at e2e-assure

Jane Frankland takes up advisory role at e2e-assure

March 10, 2023
44
New group formed to overcome attacks against data centres

New group formed to overcome attacks against data centres

March 10, 2023
70
Neterra stopped nearly 500,000 DDoS attacks in 2022

Neterra stopped nearly 500,000 DDoS attacks in 2022

March 6, 2023
34
Is your business compliant with data sovereignty requirements?

Is your business compliant with data sovereignty requirements?

March 3, 2023
56
Colt launches VMware Cloud Web Security and Secure Access

Colt launches VMware Cloud Web Security and Secure Access

February 23, 2023
53
Next Post
Kong releases even faster cloud native API Management Platform

Kong releases even faster cloud native API Management Platform

Zumtobel and Thorn Lighting set to exhibit at Data Centre World 2022

Zumtobel and Thorn Lighting set to exhibit at Data Centre World 2022

ADVERTISEMENT
nLighten signs Letter of Intent with City of Eschborn
Data Centres

nLighten signs Letter of Intent with City of Eschborn

March 21, 2023
32
Datum Datacentres wins Megabuyte award
News

Datum Datacentres wins Megabuyte award

March 21, 2023
32

Head office & Accounts:
Suite 14, 6-8 Revenge Road, Lordswood
Kent ME5 8UD
T: +44 (0)1634 673163
F: +44 (0)1634 673173

Data Centres

nLighten signs Letter of Intent with City of Eschborn

March 21, 2023
32
News

Datum Datacentres wins Megabuyte award

March 21, 2023
32
  • Privacy Policy

© 2023 All Things Media Ltd.

No Result
View All Result
  • Data Centres
  • Networking
  • Infrastructure
  • Data
  • Media Kit
  • Events
  • SUBSCRIBE
  • Contact

© 2023 All Things Media Ltd.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Cleantalk Pixel
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.