Public Preview: Azure Monitor Pod Sandboxing support in Container insights
發佈日期: 七月 05, 2023
Container Insights now supports monitoring pod sandboxed containers.
Pod Sandboxing provides an effective strategy for safeguarding against “Container Breakout” scenarios such as a malicious or legitimate user escaping container isolation to access filesystem, processes, network interfaces, and other resources on the host machine. While one can enforce isolation through node pools, such an approach poses significant operation and resource overhead and increases operational costs. Pod Sandboxing addresses this issue by isolation workloads at the kernel level.
Read more at https://aka.ms/cipodsandboxing