Description
With the recent integration of container checkpointing in Kubernetes, it is crucial to protect the captured container state in order to maintain the confidentiality and integrity of application data. In this talk, we discuss a built-in mechanism that provides data security by default through asymmetric encryption of CRIU images. By extending CRIU with encryption capabilities, we enable seamless end-to-end security across cluster nodes without requiring modifications to the underlying container infrastructure. The talk will cover the current state of the project and the changes necessary for integration with existing container environments, and discuss how this mechanism can be used in combination with role-based access control in multi-tenant clusters.