Enabling Security via Container Runtimes


An overview of the work performed at various levels—Linux kernel, OCI runc, containerd/cri-o and Docker—to bring core security features into the runtime layers and, where applicable, make them available to platforms like Kubernetes. In this talk we cover everything from seccomp to user namespaces, to cross-cutting features like rootless containers and encrypted layers.

Feb 12, 2020 1:40 PM — 2:10 PM
Seattle, WA
Phil Estes
Principal Software Engineer

I work on container runtime technology in upstream open source communities on behalf of AWS.