Sandboxing your containers with gVisor (Cloud Next '18)

Опубликовано 26 июля 2018, 22:07

While containers have become a popular way to deploy applications, securing them is not well understood. How do you run code that users have uploaded without exposing your entire infrastructure? How do you run third-party applications where you don't have access to the source code? This talk will explore various practices to run trusted and untrusted workloads on Kubernetes Engine and discuss the pros and cons of them. In addition to the technical highlights, we will present key use cases and solutions to harden the security of your containers using gVisor.

IO310

Event schedule → g.co/next18

Watch more Infrastructure & Operations sessions here → bit.ly/2uEykpQ
Next ‘18 All Sessions playlist → bit.ly/Allsessions

Subscribe to the Google Cloud channel! → bit.ly/NextSub


re_ty: Publish; product: Cloud - Containers - Google Kubernetes Engine (GKE); fullname: Yoshi Tamura, Ian Lewis; event: Google Cloud Next 2018;