Confidential Containers enables cloud native confidential computing by standardizing confidential computing at the container level, so users can deploy confidential workloads with familiar workflows and tools. The project aims to seamlessly run Kubernetes workloads in their own confidential computing enclaves. This takes the infrastructure owner out of the trust boundary and opens up potential use cases for running sensitive workloads anywhere confidential computing is enabled.
- Confidential Containers is an open source project that standardizes confidential computing at the container level
- The project aims to seamlessly run Kubernetes workloads in their own confidential computing enclaves
- Confidential Containers takes the infrastructure owner out of the trust boundary, which opens up potential use cases for running sensitive workloads anywhere confidential computing is enabled
- The project is expanding to include the attestation side and adding secure storage
- The first official release is expected in a few months
Confidential Containers allows users to run their sensitive workloads anywhere confidential computing is enabled, providing a secure way to move workloads from private to public clouds. This is particularly useful for companies that may not want their infrastructure owner to have access to their workloads, even internally. By taking the infrastructure owner out of the trust boundary, Confidential Containers provides a potential solution to this problem.