CRI-O's Back, Alright!

In this talk, Peter Hunt and Urvashi Mohnani from Red Hat discuss CRI-O, a lightweight daemon that implements the Kubernetes Container Runtime Interface. They cover what CRI-O is, its benefits for running containers securely and stably in production, and new features such as FreeBSD support, NRI support, and seccomp notify support. The presentation also delves into security enhancements like mitigating man-in-the-middle attacks with seccomp notify and checkpoint-restore capabilities for debugging and security analysis, as well as using Sigstore for image verification.