Reimagining Kubernetes Pods - Nested Containers with CRI-O

Explore the evolution of nested containers within Kubernetes pods through this technical conference talk that delves into recent developments in CRI-O and user namespace capabilities. Learn how the traditional limitations of masked /proc and restricted user namespaces are being overcome to provide Podman-like functionality. Discover the implementation of critical Kubernetes security features including privileged mode, rootless containers, and network isolation that enable container execution within pods. Examine various configuration support matrices and gain insights into upcoming developments aimed at bringing virtual machine-like flexibility to Kubernetes pods for enhanced container orchestration security and dynamism.