The Node SIG is the Special Interest Group that is responsible for Kubernetes node management. We work on things including Kubelet, container runtime, node level performance and scalability, node reliability, node lifecycle management, node resource management, node monitoring, node/pod level security, kernel interactions, etc. Basically, most things happen on a Kubernetes node is related to sig node.
In this session, we'll mainly cover 3 topics:
* Secure Container (Tim Allclair, Google): VM sandboxes, docker entitlements, and container hardening. What are the right levels of abstractions for container security, and how can we make secure containers more usable?
* Containerd (Stephen Day, Docker): Status update of containerd 1.0 and cri-containerd, the containerd-based implementation of Kubernetes Container Runtime Interface.
* CRI-O (Mrunal Patel, Red Hat): Status update of cri-o, the OCI-based implementation of Kubernetes Container Runtime Interface.
Besides the topics above, we'll also have free discussion about Node SIG's future plan, where you are very welcome to contribute to the discussion.