Running Not Root Made Easy - Luboslav Pivarc, Red Hat
Abstract
Kubevirt project recently transitioned to using non-root users for pods running virtual machines (VMs). The journey was far from smooth, and there were a number of problems that we had to overcome to achieve this. Most of the problems are not specific to Kubevirt: Anybody coming to Kubernetes or transitioning their application to non-root can run into these same problems and feel discouraged. But don’t worry, you can learn from our journey. This presentation will run through the general problems of running Kubernetes workloads without a root user, the solutions that are available now, and the features that are coming to Kubernetes. By the end of this talk, you should be able to understand the problems behind running as non-root and be able to secure your application much easier!