You must be registered for KubeCon + CloudNativeCon Europe 2021 Virtual to participate in the sessions.
Today’s containers run in wildly heterogeneous environments. When deployed on multi-tenant clouds, they can span nodes, regions, and multiple Cloud Service Providers (CSPs) while sharing CSP-owned resources between tenants. In such hostile environments, protecting containers' data and code requires full trust in the CSP stack. Confidential computing leverages emerging hardware technologies to build Trusted Execution Environments (TEEs) that protect cloud code and data at rest, in transit and in use, allowing tenants to trust no one but themselves. In this presentation, we will describe cloud native gaps for supporting confidential computing through memory encryption, authenticated launch and application attestability. Attendees will learn how secure container runtimes like Kata can close those gaps and leave with a proposed software architecture to bring confidential computing to cloud native workloads.
Eric Ernst is a software developer at Apple, where he focuses on virtualization, containers, container runtimes and Kubernetes. Eric is a contributor to Kubernetes and an architecture committee member for the Kata Containers project.