Skip to main content

6 guides on making containers secure

With containers becoming ever more popular, check out our top 2019 container security pieces.
Best of Containers
"whitereadesque" by frankh is licensed under CC BY 2.0

2019 is the year where we really started taking advantage of user namespaces and containers. I have been talking about user namespaces for years as a security measure, and with the advent of Podman, we are finally starting to take advantage. Running rootless containers and using user namespaces for container separation are two of the biggest security features to come along for some time. 

We have seen a huge uptick in Podman use, based on the fact that it doesn't require running a daemon as root. We also see lots of interest in running Buildah inside of locked down containers. All of these features take advantage of user namespaces.

I hope that we get this feature all wired up into Kubernetes in 2020. For now, check out the great work on this topic that we've accomplished this year.

Fedora 31 Beta 1.1 Server Installation with Container Support
Fedora 31 contains a new version of control groups, which allow for allocating resources among user-defined processes on a system. Understand how these changes impact containers.
Topics:   Containers   Year in review   Podman  
Author’s photo

Dan Walsh

Daniel Walsh has worked in the computer security field for over 30 years. Dan is a Consulting Engineer at Red Hat. He joined Red Hat in August 2001. Dan leads the Red Hat Container Engineering team since August 2013, but has been working on container technology for several years. More about me

Try Red Hat Enterprise Linux

Download it at no charge from the Red Hat Developer program.