How to verify the integrity of notary components during install

[spotlesscoder]

I'm trying out notary but I'm not sure what steps I would have to take when setting up a notary instance for production. Simply cloning a Git repo from GitHub and running a docker-compuse up does not seem very secure.

What would be the easiest while secure method to verify the integrity of all components during setup?

[patoarvizu]

Are you running containers in production (Kubernetes, ECS, pure Docker, etc.)? If so, you can deploy it using the official images. The images are obviously Notary-signed and you can verify them with notary list docker.io/library/notary.

If you're trying things out locally first, you can run the docker-compose instructions in this repo, or if you're more familiar with Kubernetes/Helm, I'm working on a chart in a fork as well.

[spotlesscoder]

But to run a trusted Kubernetes environment on-prem, wouldn't I need to run trusted docker images first which I would need notary for? Seems like a chicken and egg problem.

[patoarvizu]

If you were to run on ECS (the Fargate flavor, not EC2), you can run your Notary containers without having to bootstrap other components first. Other clouds have similar services (I'm just not sure of the names right now). But it sounds like that's not your situation right now.

If you run Kubernetes, whether managed (EKS, GKE, AKS, etc.) or hosted (on-prem or on-cloud), there are some components that will have to be bootstrapped first (kubelet, kube-proxy, etc.), and the trust of those depends on the distribution channel, but in general that's outside of the trust model of Notary. They're not necessarily the root of trust, but they are one of the "turtles" towards the bottom. After all, you're already trusting the underlying hardware, whether you're running directly on top of it, or if there are several layers of virtualization on top of it.

When you spin up a cluster from scratch, you have to inherently trust the components you're installing, and the definition of trust is up to you, e.g. if downloading the binaries from https://github.com/kubernetes/kubernetes/releases and matching the sha512 is good enough for you then good, but if you want each individual binary signed with the Kubernetes' organization GPG key and you have a way to get it, then that's your starting point.

Now, if the adoption of Notary (or any implementation of TUF) gets more widespread traction, then we can start talking about verifying these components via Notary ;)

I hope I answered your question, and open to hear other people's opinions.

[spotlesscoder]

Thanks, that explained a lot for me.

• What does the phrase "they are one of the "turtles" towards the bottom" mean?
• Which other implementations of TUF are you aware about?

Kubernetes is out of scope for the PoC I want to build. I just want to set up some standalone Linux machines and a private registry where only signed images can be started by the Docker daemon.

[patoarvizu]

Ah, the turtle comment comes from the expression of "Turtles all the way down", which in turn comes from the mythology that the world is supported by a turtle, but then that turtle is supported by a larger turtle, and that one supported by another turtle, and so on. The analogy being that each turtle is a layer of trust, e.g. your software is the world, and the first turtle is your platform, then the next turtle the distribution channel for that platform, then the hardware, etc. Does that make sense?

I'm not aware of other implementations of TUF, what I meant to say is that with TUF being a spec, and Notary being the first (or reference) implementation, it's feasible that some other implementation can come along and get more adoption. Keep in mind that Notary is an "opinionated" implementation and other alternatives might address the goals in a different way. I didn't mean to imply that Notary is bad, if it stays as the only implementation and that works forever, that would be great. I just wanted to generalize my comment.

That said, I recently heard about vcn, which is not a TUF implementation, but operates in the same space as Notary. I haven't used it yet, so I can't comment on how it compares to Notary.

And yeah, it was my impression that Kubernetes was outside of your scope, I was just using it to illustrate where the boundaries of trust and Notary's scope were. You should be able to deploy Notary on VMs or on-prem hardware, without requiring Kubernetes.