Loading…
In-person
November 12-15
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Mountain Standard Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis. 
Tuesday November 12, 2024 12:13pm - 12:18pm MST
Supply chain security is an increasingly important issue in cloud-native computing. It is common for pipelines to build and push images to the cluster, but uncommon for those images to be removed from a node’s local store once a CVE has been disclosed. Kubernetes has no built-in solution to this problem: its garbage collection only responds to disk pressure. As images become outdated, they present a risk as users may run a vulnerable container. Eraser, a CNCF sandbox project, is an open source solution that automates the scanning and removal of non-running images.
What distinguishes Eraser is that it gives more control over removal: the developer decides what gets removed and when. By default, Eraser uses Trivy to scan images based on a given threshold of vulnerability. Images can also be removed based on custom logic, including support for using different scanners.
The talk will begin with an overview of Eraser and discuss new features added to the project.
Tuesday November 12, 2024 12:13pm - 12:18pm MST
Hyatt Regency | Level 4 | Regency Ballroom B
Log in to leave feedback.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link