Pull to refresh

Comments 5

Логично. С докером конкурировать очень сложно было.

Поддерживает тот же самый набор из ядерных CAP, SELinux, AppArmour и Seccomp.

"CRI-O is secure by default. It implements every security feature needed by Kubernetes such as: SELinux, Apparmor, Seccomp, and added/dropped Capabilities. As OCI runtimes adds new security features CRI-O will take advantage of them. CRI-O will provide the necessary security for your container needs."


"However if your organization prefers the security provided by virtual machines, CRI-O is still a very valid solution. CRI-O is the only CRI container runtime which can run virtual machines using Intel Clear Containers technology as if they were containers."


отсюда

Only those users with full accounts are able to leave comments. Log in, please.