CRI-O - Secure, Performant, and Boring as Ever
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a comprehensive conference talk on CRI-O, the OCI-compliant implementation of the Kubernetes Container Runtime Interface (CRI). Discover how CRI-O aims to be secure, performant, and "boring" by focusing solely on Kubernetes' needs. Learn about recent improvements highlighting these key aspects, including the smooth transition between CRI versions, optimizations in container exec probes with conmon-rs, and security enhancements such as SELinux relabelling for container volumes and default seccomp implementation. Gain insights into what CRI-O offers as a container manager specifically designed for Kubernetes, whether you're an experienced end-user or a new community member.
Syllabus
CRI-O: Secure, Performant, and Boring... Peter Hunt, Urvashi Mohnani, Mrunal Patel & Sascha Grunert
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Scenario Based LXD/LXC SecurityA Cloud Guru Scenario Based Docker Security
A Cloud Guru Using Seccomp to Limit the Kernel Attack Surface
Linux Foundation via YouTube Trace Me if You Can - Bypassing Linux Syscall Tracing
Black Hat via YouTube Sandboxing Based on SECCOMP for Linux Kernel
Ekoparty Security Conference via YouTube