OpenShift Commons Briefing: State of Container Security – Urvashi Mohnani and Sally O’Malley (Red Hat)

Linux Containers continue to rapidly proliferate in the software industry. With the vast amount of solutions pertaining to containers out there, it is important to note the various security features that each provide. In this Briefing, Red Hat’s Urvashi Mohnani and Sally O’Malley  introduced four emerging container tools, Buildah, Podman, Skopeo, and CRI-O, and spoke about the security benefits that each project has to offer. They demonstrate recent updates that have been added to each project and also discuss how each tool is being used in OpenShift throughout the stack. Further, they assess the security improvements each project provides as well as demonstrate some cool features unique to each of these tools.

Slides are available here.

Additional Resources:

• Open Repository for Container Tools & Demo Scripts:  https://github.com/containers
• OCI hooks to generate seccomp Profiles: https://github.com/containers/oci-seccomp-bpf-hook
• Pod Manager tool (podman): https://podman.io/
• Buildah tool for Open Container Initiative (OCI) container images: https://buildah.io/

Coloring Books:

SELinux:  https://github.com/mairin/selinux-coloring-book

Container Commandos: https://github.com/mairin/coloringbook-container-commandos

To stay abreast of all the latest releases and events, please join the OpenShift Commons and join our mailing lists & slack channel.

What is OpenShift Commons?

Commons builds connections and collaboration across OpenShift communities, projects, and stakeholders. In doing so we’ll enable the success of customers, users, partners, and contributors as we deepen our knowledge and experiences together.

Our goals go beyond code contributions. Commons is a place for companies using OpenShift to accelerate its success and adoption. To do this we’ll act as resources for each other, share best practices and provide a forum for peer-to-peer communication.

Join OpenShift Commons today!