Video recording and production done by OpenStack Foundation.
Container technologies offer the exciting prospect of rapidly scaling applications and services without the large overhead of traditional virtualization environments. However, container technologies bring security vulnerabilities that a skilled intruder running inside a container can exploit to infiltrate other containers and eventually take over a cloud environment.
In this talk, Intel’s security, virtualization and Linux technologists collaborate to show how a trusted container environment can be deployed in an OpenStack environment that will:
Ensure a root of trust for the platform on which a containerized app is deployed through trusted platform modules
Encrypt the containerized workload and manage the key exchange process so it can only be decrypted and deployed on the targeted server as a trusted container
Rapidly launch the trusted container in a fraction of the time it would take to launch a traditional VM
Protect each container from other potentially rogue containers through isolation technologies already present in Intel® Architecture servers
This capability opens the door to a variety of Enterprise usages for OpenStack, which will be outlined.