Dive deep into the security aspects of CRI-O, a container runtime for Kubernetes, in this 37-minute conference talk presented by Sascha Grunert from SUSE and Daniel Walsh from Red Hat. Explore the critical role of container runtime security in the Kubernetes ecosystem, focusing on CRI-O's security principles and safe defaults. Learn about common container workload securing practices and their implementation on target systems. Gain insights into best practices for SELinux, AppArmor, seccomp, Linux capabilities, and namespace isolation techniques to enhance the security of Kubernetes-based applications. Conclude with an overview of the current state of container runtime security, equipping you with valuable knowledge to strengthen your containerized environments.
Overview
Syllabus
CRI-O: Deep Diving into the Security - Sascha Grunert, SUSE & Daniel Walsh, Red Hat
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
What's New in CRI-O?
-
CRI-O - The Runtime Control Room
-
CRI-O - Secure, Performant, and Boring as Ever
-
CRI-O's Graduation Celebration - Container Runtime Interface Overview and Future Plans
-
CRI-O's Senior Year - Overview and New Developments
-
CRI-O Features for Fun and Profit - Advanced Kubernetes Container Runtime Capabilities
