Explore a conference talk that delves into the evolution of secure containers and their integration with service mesh technology. Learn about the quantitative comparison between Kata containers and gVisor, including CPU/Networking performance, filesystem storage penalties, memory consumption, and syscall overhead. Discover the advancements in Kata Containers 1.5, including lightweight hypervisor support and the introduction of virtio-fs for improved filesystem sharing. Gain insights into the seamless containerd integration with shimv2 and its potential impact on secure sandbox support for Kubernetes. Examine Ant Financial's approach to end-to-end security, focusing on both secure containers and ServiceMesh implementation to achieve comprehensive service security.
Overview
Syllabus
From Secure Container to Secure Service - Xu Wang & Fupan Li, Ant Financial
Taught by
Linux Foundation
Tags
Related Courses
-
NanoVisor: Revolutionizing FaaS Cold Start Performance with Secure, Lightweight Container Runtime
-
Deploy containers by using Azure Kubernetes Service (AKS)
-
Build and Manage WebAssembly Applications Using Container Tools
-
Service Mesh: Witnessing the Rise of Cloud Computing
-
CNCF Live Webinar - Kata and Arm, a Secure Alternative in the 5G Space
-
Deep Dive on New Container Hosting Options on Azure App Service and App Service
