Overview
Dive deep into the security aspects of CRI-O, a container runtime for Kubernetes, in this 37-minute conference talk presented by Sascha Grunert from SUSE and Daniel Walsh from Red Hat. Explore the critical role of container runtime security in the Kubernetes ecosystem, focusing on CRI-O's security principles and safe defaults. Learn about common container workload securing practices and their implementation on target systems. Gain insights into best practices for SELinux, AppArmor, seccomp, Linux capabilities, and namespace isolation techniques to enhance the security of Kubernetes-based applications. Conclude with an overview of the current state of container runtime security, equipping you with valuable knowledge to strengthen your containerized environments.
Syllabus
CRI-O: Deep Diving into the Security - Sascha Grunert, SUSE & Daniel Walsh, Red Hat
Taught by
CNCF [Cloud Native Computing Foundation]