K8s-MultiTenancy

1. Supplementary Aspects Over Generic Multitenancy

1.1. Control and Data

  • Control Plane (masters)
  • Data Plane Tenancy

1.2. Kubelet & APIServer

Although workloads from different tenants are running on different nodes, it is important to be aware that the kubelet and (unless using virtual control planes) the API server are still shared services. A skilled attacker could use the permissions assigned to the kubelet, or to other pods running on the node, to move laterally within the cluster and gain access to tenant workloads running on other nodes. If this is a major concern, consider compensating controls such as seccomp, AppArmor or SELinux, explore sandboxed containers, or create a separate cluster for each tenant.
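An added example (not code from the original notes) that audits Pod manifests for the compensating controls listed above. It assumes the manifests are already parsed into dicts (for instance from `kubectl get pod -o json`), uses the Kubernetes Pod schema field names (the `appArmorProfile` field of 1.30+ plus the legacy annotation), treats `runtimeClassName` as the marker for a sandboxed container, and the two sample pods are constructed:

```python
"""Report which of seccomp, AppArmor, SELinux and a RuntimeClass
(sandboxed container) a Pod manifest is missing. Added example; the
sample manifests below are constructed, not taken from a real cluster."""

APPARMOR_ANNOTATION = "container.apparmor.security.beta.kubernetes.io/"


def _seccomp_type(ctx):
    return ((ctx or {}).get("seccompProfile") or {}).get("type")


def _apparmor_unconfined(ctx, annotations, name):
    # Kubernetes 1.30+ uses securityContext.appArmorProfile; older
    # clusters use a per-container annotation holding a string.
    field = (ctx or {}).get("appArmorProfile")
    if field:
        return field.get("type") == "Unconfined"
    legacy = annotations.get(APPARMOR_ANNOTATION + name)
    return legacy is None or legacy == "unconfined"


def missing_controls(pod):
    """Return a sorted list of the controls absent from one Pod manifest."""
    spec = pod.get("spec", {})
    annotations = pod.get("metadata", {}).get("annotations", {})
    pod_ctx = spec.get("securityContext", {})
    missing = set()
    if not spec.get("runtimeClassName"):
        missing.add("runtimeClass")
    for c in spec.get("containers", []):
        ctx = c.get("securityContext", {})
        # Container-level settings override the pod-level ones.
        if (_seccomp_type(ctx) or _seccomp_type(pod_ctx)) in (None, "Unconfined"):
            missing.add("seccomp")
        if not (ctx.get("seLinuxOptions") or pod_ctx.get("seLinuxOptions")):
            missing.add("selinux")
        if _apparmor_unconfined(ctx, annotations, c["name"]):
            missing.add("apparmor")
    return sorted(missing)


# Constructed samples: a default pod and one carrying every control.
WEAK_POD = {"metadata": {"name": "app-weak"},
            "spec": {"containers": [{"name": "web", "image": "nginx"}]}}
HARDENED_POD = {
    "metadata": {"name": "app-hardened"},
    "spec": {
        "runtimeClassName": "gvisor",
        "securityContext": {"seccompProfile": {"type": "RuntimeDefault"},
                            "seLinuxOptions": {"level": "s0:c123,c456"}},
        "containers": [{"name": "web", "image": "nginx", "securityContext":
                        {"appArmorProfile": {"type": "RuntimeDefault"}}}]}}

if __name__ == "__main__":
    for pod in (WEAK_POD, HARDENED_POD):
        print(pod["metadata"]["name"], "missing:", missing_controls(pod))
```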

1.4. K8S DNS

Tags::cs:k8s: