How do I restrict custom image replacement in K3s containerd

[ashok-mariyala]

I am using K3s cluster to run my application. My application is having 3 docker images which are pulling from my private repository. There is a possibility to hack my cluster and inject some malicious code and then replace my docker images in containerd using
k3s ctr i pull <docker image name>:<docker image version and retag with k3s ctr i tag command
with same docker images names. Here K3s will assume, image is already present in cluster and hence not pulling images from my private repository as my ImagePullPolicy is PullIfNotPresent.
Is there any way to restrict my application should run with my private repository images only.

[brandond]

k3s ctr i pull <docker image name>:<docker image version>

That's not the 'image version', that part of the image spec is referred to as the tag.

If you care about the integrity of your images, you should use image references that specify the digest instead of the tag, or combine both tag and digest:

docker.io/library/busybox@sha256:9e2bbca079387d7965c3a9cee6d0c53f4f4e63ff7637877a83c4c05f2a666112
docker.io/library/busybox:1.36.0@sha256:9e2bbca079387d7965c3a9cee6d0c53f4f4e63ff7637877a83c4c05f2a666112

This isn't really a k3s question though.

[ashok-mariyala]

Hi @brandond thanks for your response. My Query is How do I restrict custom image replacement in K3s containerd. My deployment should run with my docker image only. If we specify the image digest in kubernetes deployment then attackers may change the digest value also.

[brandond]

Any change to the image will change the digest. That is how cryptographic hashes work. You know what a sha256 digest is, right?

If an attacker can change the target image digest in your pod spec without you noticing, then you have problems that cannot be solved at this layer. I suggest you revisit your threat model and figure out what problem you're trying to solve.