Scalable Confidential Computing on Kubernetes with Marblerun- Moritz Eckert & Felix Schuster

Scalable Confidential Computing on Kubernetes with Marblerun- Moritz Eckert & Felix Schuster, Edgeless Systems GmbH

Confidential computing (CC) is a new and emerging security paradigm. It enables the always encrypted and verifiable processing of data on potentially untrusted hosts, e.g., the cloud or maybe even your local cluster. Do you wanna add an extra layer of data protection to your Kubernetes workloads? In this talk, we introduce the open-source project Marblerun and discuss the challenges that arise when you deploy CC-enabled workloads on K8s. Marblerun is the control plane for confidential computing, designed to run on Kubernetes. It is an open-source solution that extends the confidentiality, integrity, and verifiability properties of a single enclave to a Kubernetes cluster. Marblerun does not replace your service mesh; it is built to run alongside your existing cloud-native tooling. In essence, Marblerun simplifies deploying, scaling, and verifying end-to-end encrypted apps on vanilla K8s. We will demo how to CC-fy a cloud-native app and run it with K8s+Linkerd+Marblerun.