6 guides on making containers secure
2019 is the year when we really started taking advantage of user namespaces and containers. I have been talking about user namespaces for years as a security measure, and with the advent of Podman, we are finally starting to take advantage of them. Running rootless containers and using user namespaces for container separation are two of the biggest security features to come along for some time.
We have seen a huge uptick in Podman use, based on the fact that it doesn't require running a daemon as root. We also see lots of interest in running Buildah inside locked-down containers. All of these features take advantage of user namespaces.
I hope that we get this feature all wired up into Kubernetes in 2020. For now, check out the great work on this topic that we've accomplished this year.
Dan Walsh
Daniel Walsh has worked in the computer security field for over 30 years. Dan is a Consulting Engineer at Red Hat. He joined Red Hat in August 2001. Dan has led the Red Hat Container Engineering team since August 2013, but has been working on container technology for several years.