Rancher 2.0 - compromised cluster and impact on other clusters

Samuel_BOHN · July 27, 2018, 12:15pm

I am setting up a CI/CD pipeline with gitlab at the moment.
Let’s say I would make 2 clusters called :

production
test
The 2 clusters are running on seperate hosts, they don’t share any host.
I would run test and build of containers image on my cluster tests, thus I would need to expose /var/run/docker.sock in my build containers/pods to access the docker command.
If somebody manage to compromise my test cluster, will rancher be safe or compromised ? will my separate production cluster be safe or compromised ?
Thank you for your input

damlub · February 4, 2019, 9:37am

Hi! Have you found out by now?
This can depend on the way, how you installed Rancher. Does it run on its own cluster, on your TEST, or PRODUCTION cluster. In my personal opinion (no hard facts, not verified in any way!) anyone compromising the cluster which is running Rancher on it, can compromise Racher, too, and everything else.

Topic		Replies	Views
New to Rancher, quick question Rancher 2.x	1	336	August 10, 2022
Quick questions from a newcomer Rancher 2.x	0	379	June 30, 2020
GitLab agent in Rancher?	0	676	April 27, 2022
Could rancher be private harbor proxy Rancher 2.x	0	298	August 30, 2022
How to deploy from gitlab ci/cd via rancher? Rancher 2.x	0	1922	March 2, 2021

Rancher 2.0 - compromised cluster and impact on other clusters

Related Topics