Skip to main content

Confidential Containers

Confidential Containers is an open source project under the Cloud Native Computing Foundation (CNCF) that enables running container workloads inside hardware-based trusted execution environments (confidential computing / runtime security).

  • Framework for running containers inside trusted execution environments on hardware that supports confidential computing (runtime security).
  • Integration layer that connects Kubernetes and container runtimes with confidential virtual machines (container orchestration / confidential computing).
  • Provides attestation workflows so platforms and workloads can verify the integrity and configuration of confidential environments (identity and attestation).
  • Supports multiple confidential computing backends and hardware technologies through a pluggable architecture (infrastructure abstraction).
  • Targets cloud, edge, and multi-tenant environments that require isolation of data and code from host infrastructure operators (cloud security).

More About Confidential Containers

Confidential Containers focuses on enabling cloud-native workloads to run inside confidential computing environments, where data and code are protected from access by the underlying infrastructure, including hypervisors and host operators (runtime security). The project operates under the Cloud Native Computing Foundation (CNCF) and addresses the problem of how to combine container-based workflows and orchestration with hardware-backed trusted execution environments. It targets use cases where tenants require hardware-enforced isolation and attestation while still using Kubernetes and common container tooling.

At a high level, Confidential Containers connects container orchestration platforms, such as Kubernetes, with confidential virtual machines supplied by hardware vendors that implement trusted execution environments (confidential computing). It does this by providing components that integrate with container runtimes and Kubernetes, so that a pod or container can be scheduled into a confidential Virtual Machine (VM) rather than a standard VM or bare-metal host. The project aligns with confidential computing technologies made available on major Central Processing Unit (CPU) architectures, and uses those capabilities to protect workload memory and state from host-level access.

The architecture follows cloud-native patterns and is designed as an abstraction layer over multiple underlying implementations (infrastructure abstraction). This allows platform operators to expose confidential computing capabilities via Kubernetes constructs while mapping them to the specific attestation, launch, and memory protection mechanisms of their chosen hardware or cloud environment. Confidential Containers also incorporates attestation workflows, so that a workload or control plane component can verify the identity and configuration of the confidential environment before releasing secrets or sensitive data (identity and attestation).

In enterprise environments, Confidential Containers is used to support scenarios such as multi-tenant Software-as-a-Service (SaaS) platforms, regulated workloads, and collaborative data processing where tenants require confidentiality from infrastructure operators (cloud security). Platform engineering teams can integrate Confidential Containers into existing Kubernetes clusters, extending their platforms to schedule workloads into confidential Vulnerability Management System (VMS) through defined APIs and CRDs where applicable. This allows reuse of container images, Continuous Integration and Continuous Deployment (CI/CD) pipelines, and operational practices while adding hardware-backed isolation.

Within a directory or taxonomy, Confidential Containers fits into categories such as confidential computing, Kubernetes ecosystem tooling, container runtime integration, and runtime security. It acts as a bridge between confidential VM technologies and higher-layer orchestration, providing enterprises with a way to adopt confidential computing without replacing their container-centric workflows. The project’s association with CNCF situates it among other cloud-native building blocks that emphasize interoperability and composable infrastructure.