The last post covered using Podman as a more secure container management tool (and Docker replacement) and how to use the podman-compose project to run multiple containers at once. This time, we want to go even further and only run container images that we have authorized, and even stop a `podman-compose up` process if an unauthorized image were to start. To do so, we use the CodeNotary vcn project, a blockchain-based software notarization tool that enables us to run a compliant container infrastructure without any complexity. It's an enhanced version of Notary, just without the complex server setup and the internal silo limitation. We also use CodeNotary's fork of podman-compose to enforce container authentication and block the start of unwanted containers.


