Running Confidential Workloads with Podman

Presenters: Sergio Lopez (Red Hat)

Session Type: Presentation (25min)

Topics: Container Runtimes, Container/Image Security/SBOM, Image Building, Containers & Virtualization, podman, crun, libkrun, oci2cw, reference-kbs

Session Details:

While Confidential Computing technologies have been available for quite some time, limitations on the software stack still put a significant entry barrier for users willing to adopt them. In this presentation, we’ll show the work we’ve done to enable the container tools to build and deploy Confidential Workloads (a specialized kind of workload that preserves some of the container’s semantics), leveraging on the Confidential Computing functionality provided by libkrun and crun’s extensibility, bringing that technology to the users through a familiar UX.