Please log in to watch this conference skillscast.
Take any container running in your Kubernetes cluster. What can you say about it and with what level of certainty? Do you know where it came from? Could an attacker have modified it? Is it up-to-date? Can you identify the exact revision of the code that the image was built from?
This talk will look at what guarantees Kubernetes gives you out-of-the-box, and what you can do to establish a trustworthy and reliable workflow for deploying and updating images. Topics and tooling covered will include:
- mutable vs immutable images
- building images in a repeatable manner
- distributing images through registries
- controlling what images can run in your cluster
YOU MAY ALSO LIKE:
Image Provenance and Security in Kubernetes
Adrian Mouat is Chief Scientist at Container Solutions, a European services company specialising in container technologies. He is currently researching container orchestration platforms and image management. Adrian authored "Using Docker" for O'Reilly publishing and is a member of the Docker Captains program.