Tenant Isolation in a Virtual Environment with VMware and Kubernetes Containers
You are the security architect for a cloud service provider offering an ERP system. You are responsible for ensuring tenant isolation across the environment. Include diagrams and explain how to best provide tenant isolation in a virtualized environment, assuming the use of VMware with Kubernetes containers and NXT (GENEVE routing overlay protocol). Two competitors will be hosted on the same infrastructure, and it would be detrimental to the business if any information leaked between the two.
Tenant isolation will be incorporated in the virtual environment with the help of a cloud computing platform such as VMware. The different categories of SaaS deployment models have to be considered when ensuring tenant isolation, and an isolation strategy has to be created before any changes are made to the virtual environment (VMware & Calculator, 2018). Using VMware with Kubernetes containers is significant for improving the network service of the environment and for efficient storage. The GENEVE routing overlay protocol is significant for the virtual environment because it encapsulates the data packets. The Kubernetes containers will, in the first place, enhance the scalability of the data transmitted to and from the ERP system. There will be no delay in communication due to the use of this protocol. The chances of information leakage will also be reduced through the use of VMware (Netto et al., 2017). Thus, transparency shall be maintained between the two competitors hosted on the same infrastructure. Reduced data leakage is another major contribution of VMware containing the Kubernetes containers and NXT, and the incorporation of the GENEVE routing overlay protocol shall also ensure the security of the data packets entering or leaving the ERP system. The following illustration is useful for understanding the process of providing tenant isolation in a virtual environment.
Figure 1: Tenant isolation in a virtual environment
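The GENEVE encapsulation mentioned above carries a 24-bit Virtual Network Identifier (VNI) in its header (RFC 8926), and that identifier is what keeps two tenants' segments apart on shared hosts. The following added example, which is not part of the original answer, parses that header and flags a frame whose VNI does not belong to the tenant that owns the port; the tenant names, VNI numbers and sample frames are constructed assumptions.

```python
import struct

FIXED_HDR = struct.Struct("!BBHI")  # ver/optlen, flags, protocol, VNI+reserved

# Constructed tenant-to-VNI plan; tenant names and VNI numbers are hypothetical.
TENANT_VNI = {"tenant-a": 5001, "tenant-b": 5002}


def build_geneve(vni: int, inner: bytes = b"", options: bytes = b"") -> bytes:
    """Build a Geneve header (version 0, Ethernet payload) for sample input."""
    if len(options) % 4 or len(options) > 252 or not 0 <= vni < 1 << 24:
        raise ValueError("options must be 4-byte aligned, VNI must fit 24 bits")
    return FIXED_HDR.pack(len(options) // 4, 0, 0x6558, vni << 8) + options + inner


def parse_geneve(payload: bytes) -> dict:
    """Parse the Geneve header carried in a UDP payload."""
    if len(payload) < FIXED_HDR.size:
        raise ValueError("truncated fixed header")
    b0, flags, proto, vni_rsvd = FIXED_HDR.unpack_from(payload)
    if b0 >> 6 != 0:
        raise ValueError("unsupported Geneve version")
    end = FIXED_HDR.size + (b0 & 0x3F) * 4  # option length is in 4-byte words
    if len(payload) < end:
        raise ValueError("truncated options")
    return {"vni": vni_rsvd >> 8, "control": bool(flags & 0x80),
            "critical": bool(flags & 0x40), "protocol": proto,
            "inner": payload[end:]}


def check_isolation(payload: bytes, port_tenant: str) -> tuple:
    """Return (ok, reason) for a frame seen on a port owned by port_tenant."""
    try:
        vni = parse_geneve(payload)["vni"]
    except ValueError as exc:
        return False, f"malformed: {exc}"  # fail closed on bad headers
    if vni != TENANT_VNI[port_tenant]:
        owner = next((t for t, v in TENANT_VNI.items() if v == vni), "unknown")
        return False, f"VNI {vni} ({owner}) seen on {port_tenant} port"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample frames, not captured traffic.
    for frame in (build_geneve(5001, b"erp"), build_geneve(5002, b"erp"), b"\x00\x00"):
        print(check_isolation(frame, "tenant-a"))
```

The VNI only separates traffic; GENEVE itself does not encrypt the inner packet, so confidentiality on the underlay needs a separate control.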
Netto, H. V., Lung, L. C., Correia, M., Luiz, A. F., & de Souza, L. M. S. (2017). State machine replication in containers managed by Kubernetes. Journal of Systems Architecture, 73, 53-59.
VMware, I., & Calculator, R. O. I. (2018). VMware.