Run Only Compliant Containers With Podman And Podman-compose

The last post covered Podman as a more secure container manager (and Docker replacement) and how to use the podman-compose project to run multiple containers at once. This time, we want to go even further and only run container images that we have authorized, and even stop a podman-compose up process if an unauthorized image were to start. To do so we use the CodeNotary vcn project, a blockchain-based software notarization tool that enables us to run a compliant container infrastructure without any complexity. It's an enhanced version of Notary, just without the complex server setup and the internal silo limitation. We also use the CodeNotary fork of podman-compose to enforce container authentication and block the start of unwanted containers.

