[Japan Container Days v18.04 Keynote (Production User Stories)]
CyberAgentではプライベートクラウド上にGKEライクなコンテナ基盤を展開するサービスを提供しています。最近では様々な利便性からコンテナでの開発が増えており、オンプレ環境でも Kubernetes as a Serviceの需要があります。サーバ上にKubernetesを展開するだけでは利用できないLoadBalancerやIngressを実現する方法やOpenStackとの連携方法について説明しながら、アドテク領域での利用に耐えうるコンテナ基盤の事例を紹介します。
by Masaya Aoyama (@amsy810)
[Japan Container Days v18.04 Keynote (Production User Stories)]
CyberAgentではプライベートクラウド上にGKEライクなコンテナ基盤を展開するサービスを提供しています。最近では様々な利便性からコンテナでの開発が増えており、オンプレ環境でも Kubernetes as a Serviceの需要があります。サーバ上にKubernetesを展開するだけでは利用できないLoadBalancerやIngressを実現する方法やOpenStackとの連携方法について説明しながら、アドテク領域での利用に耐えうるコンテナ基盤の事例を紹介します。
by Masaya Aoyama (@amsy810)
DCSF19 Hardening Docker daemon with Rootless modeDocker, Inc.
Akihiro Suda, NTT Corporation
Docker CE 19.03 is going to support "Rootless mode", which allows running the entire Docker daemon and its dependencies as a non-root user on the host, so as to protect the host from malicious containers in a simple but very strong way.
Rootless mode is also attractive for users who cannot get `sudo` permission for installing Docker on shared computing machines. e.g. HPC users.
In this talk, Akihiro Suda, the author of the Rootless mode (PR: moby#38050), will explain how users can get started with Rootless mode.
He will also explain the implementation details of Rootless mode and planned enhancements such as LDAP integration.
DCSF19 Hardening Docker daemon with Rootless modeDocker, Inc.
Akihiro Suda, NTT Corporation
Docker CE 19.03 is going to support "Rootless mode", which allows running the entire Docker daemon and its dependencies as a non-root user on the host, so as to protect the host from malicious containers in a simple but very strong way.
Rootless mode is also attractive for users who cannot get `sudo` permission for installing Docker on shared computing machines. e.g. HPC users.
In this talk, Akihiro Suda, the author of the Rootless mode (PR: moby#38050), will explain how users can get started with Rootless mode.
He will also explain the implementation details of Rootless mode and planned enhancements such as LDAP integration.