Welcome to Confidential Containers!





The goal of the CoCo project is to standardize confidential computing at the pod level and simplify its consumption in Kubernetes. This enables Kubernetes users to deploy confidential container workloads using familiar workflows and tools without extensive knowledge of the underlying confidential computing technologies.


With CoCo, you can deploy your workloads on shared infrastructure yet significantly reduce the risk of unauthorized entities accessing your workload data and extracting your secrets.


Confidential Containers is an open source community working to enable cloud native confidential computing by leveraging Trusted Execution Environments to protect containers and data.

Goals

Multiple TEEs

Support for multiple Trusted Execution Environments (TEEs) and hardware platforms

Please follow this space for updates!

Containers

Transparent deployment of unmodified containers

Cloud Service Providers (CSP)

A trust model which separates CSPs from guest applications

Application Security

Allow cloud native application owners to enforce application security requirements

Privilege

Least privilege principles for the Kubernetes Cluster administration capabilities which impact delivering Confidential Computing for guest application or data inside the TEE.

Community

Contributions welcome!

We do a Pull Request contributions workflow on GitHub. New users are always welcome!

Read more

We are on CNCF Slack!

Join channel #confidential-containers by getting invitation for the CNCF slack.

Read more

Weekly Meetings

Check out our previous meetings and join our future ones.

Read more

Community Guidelines

How to contribute, style guides, governance…

Read more

Code of Conduct

We follow the CNCF Code of Conduct.

Read more