Pull to refresh

Comments 5

Логично. С докером конкурировать очень сложно было.

UFO just landed and posted this here
Поддерживает тот же самый набор из ядерных CAP, SELinux, AppArmour и Seccomp.

"CRI-O is secure by default. It implements every security feature needed by Kubernetes such as: SELinux, Apparmor, Seccomp, and added/dropped Capabilities. As OCI runtimes adds new security features CRI-O will take advantage of them. CRI-O will provide the necessary security for your container needs."


"However if your organization prefers the security provided by virtual machines, CRI-O is still a very valid solution. CRI-O is the only CRI container runtime which can run virtual machines using Intel Clear Containers technology as if they were containers."


отсюда

Sign up to leave a comment.