Current Kubernetes security models rely on pre-fail controls like detection agents and scanners that assume breaches can be prevented or caught early — but this approach has a fundamental flaw: all containers on a node share a single Linux kernel. A single kernel exploit compromises every workload and blinds every monitoring tool simultaneously. Drawing a parallel to how SRE and Kubernetes handle reliability by designing for failure rather than preventing it, the argument is made that security needs the same architectural shift. Instead of relying on policies as the last line of defense, workloads should run in structurally isolated kernel instances so that a compromise is contained to one failure domain. The AI industry independently arrived at this same conclusion when building autonomous agent sandboxes — containment-first architecture where policy failures can't cascade beyond a sandbox boundary.
Table of contents
Dashboards of doomThe design questionThe Kubernetes ironyThe structural fixThe AI agents proofThe shift1 Comment
Sort: