Analyzing Microservice Connectivity with Kubesonde

Jacopo Bufalino*, Mario Di Francesco, Tuomas Aura

*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference article in proceedingsScientificvertaisarvioitu

35 Lataukset (Pure)

Abstrakti

Modern cloud-based applications are composed of several microservices that interact over a network. They are complex distributed systems, to the point that developers may not even be aware of how microservices connect to each other and to the Internet. As a consequence, the security of these applications can be greatly compromised. This work explicitly targets this context by providing a methodology to assess microservice connectivity, a software tool that implements it, and findings from analyzing real cloud applications. Specifically, it introduces Kubesonde, a cloud-native software that instruments live applications running on a Kubernetes cluster to analyze microservice connectivity, with minimal impact on performance. An assessment of microservices in 200 popular cloud applications with Kubesonde revealed significant issues in terms of network isolation: more than 60% of them had discrepancies between their declared and actual connectivity, and none restricted outbound connections towards the Internet. Our analysis shows that Kubesonde offers valuable insights on the connectivity between microservices, beyond what is possible with existing tools.
AlkuperäiskieliEnglanti
OtsikkoESEC/FSE 2023: Proceedings of the 31st ACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering
ToimittajatSatish Chandra, Kelly Blincoe, Paolo Tonella
JulkaisupaikkaNew York
KustantajaACM
Sivut2038–2043
Sivumäärä6
ISBN (elektroninen)979-8-4007-0327-0
DOI - pysyväislinkit
TilaJulkaistu - 30 marrask. 2023
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
TapahtumaACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering - San Francisco, Yhdysvallat
Kesto: 3 jouluk. 20238 jouluk. 2023
Konferenssinumero: 31

Conference

ConferenceACM Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering
LyhennettäESEC/FSE
Maa/AlueYhdysvallat
KaupunkiSan Francisco
Ajanjakso03/12/202308/12/2023

Sormenjälki

Sukella tutkimusaiheisiin 'Analyzing Microservice Connectivity with Kubesonde'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä