Navigation Menu

What is CRICTL and Why Should You Care?

By on Jul 13, 2018 in Article

Container Engines are like wheel bearings, you should be able to replace them when they stop working. Also, you shouldn’t have to care about what brand they are. That’s what the Kubernetes Container Runtime Interface (CRI) aims to solve. CRI defines the API used to talk to container engines and all the major container engines support CRI either natively...

Read More

What is sVirt and How Does it Isolate Linux Containers?

By on Jul 10, 2018 in Article

Background What is sVirt and, why does it matter for your containers? The short answer is, because sVirt is another layer of security and defense in depth is a good approach to security. The longer answer is, sVirt dynamically generates an SELinux label for every single one of your containers, which makes them less likely to be able to break into each other, break...

Read More