Isolating Kubernetes Workloads with gVisor


gVisor is an open source mini-kernel release by Google that allows to run untrusted workloads in Kubernetes while achieving a high level of isolation. If you ever wondered should i run this container ? Is it safe ? Then this talk is for you.

Speaker

abdel-fettah

Abdelfettah Sghiouar

 
Google Cloud Engineer at Google Sweden with focus on DevOps, Kubernetes and interest in IoT and Machine learning. Previous to that he worked several years as a DevOps engineer and sysadmin, long time Linux fan and big OSS supporter.