Container Security and Multi-Tenancy Tales from Kata and Nabla
With the introduction of the Kubernetes CRI many different choices have emerged for users to run their various containerized workloads. There have been concerns about the complexity of making traditio …
| Talk Title | Container Security and Multi-Tenancy Tales from Kata and Nabla |
| Speakers | Ricardo Aravena (SRE Manager, Rakuten), James Bottomley (DE, IBM) |
| Conference | KubeCon + CloudNativeCon North America |
| Conf Tag | |
| Location | Seattle, WA, USA |
| Date | Dec 9-14, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
With the introduction of the Kubernetes CRI many different choices have emerged for users to run their various containerized workloads. There have been concerns about the complexity of making traditional containers more secure using Linux kernel facilities such as AppArmor, SELinux, and seccomp.In this talk, Ricardo will showcase how Kata and Nabla Containers can be used to isolate your tasks effortlessly. He’ll describe the unique capabilities of each containerized approach along with their pros and cons, and how both of their communities are collaborating. He will also demonstrate how to make use of the Kubernetes RuntimeClass with both of these runtimes.By the end of this talk, the audience will be able to understand how to use Kata and Nabla Containers with Kubernetes and its new RuntimeClass to fully enable multi-tenancy with minimal risks in their infrastructure.
