Azure Defender for container registries

And if you want to deploy an image to a Docker instance and make it fault-tolerant, you would need to deploy it to every single one of the Docker containers. This is where Kubernetes comes into play.
Kubernetes
Kubernetes (also known as k8s or “kube”) is an open source container orchestration platform that automates many of the manual processes involved in deploying, managing, and scaling containerized applications.
- Service discovery and load balancing: Kubernetes can expose a container using the DNS name or using their own IP address. If traffic to a container is high, Kubernetes is able to load balance and distribute the network traffic so that the deployment is stable.
- Storage orchestration: Kubernetes allows you to automatically mount a storage system of your choice, such as local storages, public cloud providers, and more.
- Automated rollouts and rollbacks: You can describe the desired state for your deployed containers using Kubernetes, and it can change the actual state to the desired state at a controlled rate. For example, you can automate Kubernetes to create new containers for your deployment, remove existing containers and adopt all their resources to the new container.
- Automatic bin packing: You provide Kubernetes with a cluster of nodes that it can use to run containerized tasks. You tell Kubernetes how much CPU and memory (RAM) each container needs. Kubernetes can fit containers onto your nodes to make the best use of your resources.
- Self-healing: Kubernetes restarts containers that fail, replaces containers, kills containers that don't respond to your user-defined health check, and doesn't advertise them to clients until they are ready to serve.
- Secret and configuration management: Kubernetes lets you store and manage sensitive information, such as passwords, OAuth tokens, and SSH keys. You can deploy and update secrets and application configuration without rebuilding your container images, and without exposing secrets in your stack configuration.
So with Kubernetes you can automate the orchestration of the Docker images. All Docker images are inside a pool that is its own unit.
Azure Kubernetes Service
Back in 2017 Microsoft released AKS (Azure Kubernetes Service).
Azure Container Registry is a private registry service for building, storing, and managing container images and related artifacts. In this quickstart, you create an Azure container registry instance with the Azure portal. Then, use Docker commands to push a container image into the registry, and finally pull and run the image from your registry.

So with AKS, developers can keep container images in the registry, put them through pipelines that do the compliance check, and then push the image to the clusters that have, for example, Docker in them.
And for this reason there is Defender for container registries, to protect the images from any harm.
Defender for container registries
Here is a nice picture that shows what happens when you enable the protection and thus the monitoring.

And there is also a Defender for Kubernetes, not only one for registries; which you use really depends on your configuration and needs.

Azure Defender for Kubernetes - the benefits and features
And with this one you can go even further with Azure Arc and on-premises deployments of Kubernetes.

Protect hybrid and multi-cloud Kubernetes deployments with Azure Defender for Kubernetes
Defender for Kubernetes is currently in Public Preview, so it's free and you shouldn't be using it in production, but it will be a nice feature when it comes out.

Availability
And this is why I love Microsoft products: they provide compliance, governance and security for the whole set of various solutions, and you can even use your Azure AD credentials in most of them.
What's new and coming
- For AKS https://azure.microsoft.com/en-us/updates/?query=aks
- For Security Center https://azure.microsoft.com/en-us/updates/?query=security%20center
- And for containers https://azure.microsoft.com/en-us/updates/?query=container
And there are at least seven new feature releases concerning Kubernetes in the Book of News.

Innovate from cloud to edge on your terms with Azure
And a link to the whole book, nice reading.

Microsoft Inspire 2021 Book of News
More to come as Microsoft Ignite is on its way November 2–4! Stay tuned and safe!
