As an application operator, I want to reduce the gap between the isolation provided by virtualisation and containers.
AppArmor, SELinux, Seccomp, and gVisor are technologies that help to improve isolation.
Research which aspects are covered by these technologies and how to enable them in Gardener (keep in mind that we will support more than one OS in the very near future).
Is it possible to offer several profiles (maximum isolation, medium isolation, low isolation)?
Can we dynamically figure out what the best profile would be?
Describe how to enable these features within Karydia.