Container isolation aims to protect the underlying host OS that runs containers and functions against malicious escape and breakout attempts into other targets on the same host or on the shared infrastructure. Isolation technologies attempt to provide VM-level isolation while maintaining the speed and efficiency expected of containers. This page gathers resources about isolation technologies such as Kata Containers, Amazon Firecracker, gVisor and Nabla Containers.
Below we have compiled publicly available sources from around the world that present views on container isolation.
The Container Security book by Liz Rice: Fundamental Technology Concepts that Protect Containerized Applications