SlideShare a Scribd company logo

LinuxKit

Download as PPTX, PDF
Moby Project
Moby Project

LinuxKit is a toolkit for building secure, portable, and lean container-based operating systems. Over the past six months, it has gained 75 contributors and seen improvements like support for additional platforms, TPM support, immutable images, and newer kernel versions. Looking ahead, the next six months will focus on stable releases when Containerd 1.0 is available, using LinuxKit as the basis for Docker desktop and cloud editions, and expanding Kubernetes integration and production usage. The LinuxKit Security SIG has also deep dived several security projects and aims to contribute further to upstream Linux security.

Technology
1 of 10
LinuxKit: the first six months
What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
LinuxKit Security SIG
Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!
@justincormack @riyazdfThank you!

Recommended

The State of containerd
The State of containerdThe State of containerd
The State of containerd
Moby Project
 
Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems
Moby Project
 
Docker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete ComponentsDocker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
CRI-containerd
CRI-containerdCRI-containerd
CRI-containerd
Moby Project
 
Embedding Containerd For Fun and Profit
Embedding Containerd For Fun and ProfitEmbedding Containerd For Fun and Profit
Embedding Containerd For Fun and Profit
Phil Estes
 
It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
LinuxKit Swarm Nodes
LinuxKit Swarm NodesLinuxKit Swarm Nodes
LinuxKit Swarm Nodes
Moby Project
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container RuntimesWhose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 

Recommended

The State of containerd
The State of containerdThe State of containerd
The State of containerd
Moby Project
 
Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems Using linuxKit to build custom rancherOS systems
Using linuxKit to build custom rancherOS systems
Moby Project
 
Docker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete ComponentsDocker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
CRI-containerd
CRI-containerdCRI-containerd
CRI-containerd
Moby Project
 
Embedding Containerd For Fun and Profit
Embedding Containerd For Fun and ProfitEmbedding Containerd For Fun and Profit
Embedding Containerd For Fun and Profit
Phil Estes
 
It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
LinuxKit Swarm Nodes
LinuxKit Swarm NodesLinuxKit Swarm Nodes
LinuxKit Swarm Nodes
Moby Project
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container RuntimesWhose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 
Moby Summit introduction
Moby Summit introductionMoby Summit introduction
Moby Summit introduction
Moby Project
 
Introduction kubernetes 2017_12_24
Introduction kubernetes 2017_12_24Introduction kubernetes 2017_12_24
Introduction kubernetes 2017_12_24
Sam Zheng
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Ross Kukulinski
 
Kubernetes 架構與虛擬化之差異
Kubernetes 架構與虛擬化之差異Kubernetes 架構與虛擬化之差異
Kubernetes 架構與虛擬化之差異
inwin stack
 
An Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open CommunitiesAn Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
Project Atomic-Nulecule
Project Atomic-NuleculeProject Atomic-Nulecule
Project Atomic-Nulecule
Lalatendu Mohanty
 
Virtualization inside kubernetes
Virtualization inside kubernetesVirtualization inside kubernetes
Virtualization inside kubernetes
inwin stack
 
State of Builder and Buildkit by Tonis Tiigi (Docker)
State of Builder and Buildkit by Tonis Tiigi (Docker)State of Builder and Buildkit by Tonis Tiigi (Docker)
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
Phil Estes
 
Network plugins for kubernetes
Network plugins for kubernetesNetwork plugins for kubernetes
Network plugins for kubernetes
inwin stack
 
Continuous integration with Docker and Ansible
Continuous integration with Docker and AnsibleContinuous integration with Docker and Ansible
Continuous integration with Docker and AnsibleDmytro Slupytskyi
 
Looking Under The Hood: containerD
Looking Under The Hood: containerDLooking Under The Hood: containerD
Looking Under The Hood: containerD
Docker, Inc.
 
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeCon EU 2016: "rktnetes": what's new with container runtimes and KubernetesKubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
Project Moby
Project MobyProject Moby
Project Moby
Neependra Khare
 
Kubernetes Basics & Monitoring
Kubernetes Basics & MonitoringKubernetes Basics & Monitoring
Kubernetes Basics & Monitoring
Mist.io
 
Docker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine EvolutionDocker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
Getting started with kubernetes
Getting started with kubernetesGetting started with kubernetes
Getting started with kubernetes
Janakiram MSV
 
Containers & container orchestration
Containers & container orchestrationContainers & container orchestration
Containers & container orchestration
Liviu Costea
 
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017
Patrick Chanezon
 

More Related Content

What's hot

Moby Summit introduction
Moby Summit introductionMoby Summit introduction
Moby Summit introduction
Moby Project
 
Introduction kubernetes 2017_12_24
Introduction kubernetes 2017_12_24Introduction kubernetes 2017_12_24
Introduction kubernetes 2017_12_24
Sam Zheng
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Ross Kukulinski
 
Kubernetes 架構與虛擬化之差異
Kubernetes 架構與虛擬化之差異Kubernetes 架構與虛擬化之差異
Kubernetes 架構與虛擬化之差異
inwin stack
 
An Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open CommunitiesAn Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
Project Atomic-Nulecule
Project Atomic-NuleculeProject Atomic-Nulecule
Project Atomic-Nulecule
Lalatendu Mohanty
 
Virtualization inside kubernetes
Virtualization inside kubernetesVirtualization inside kubernetes
Virtualization inside kubernetes
inwin stack
 
State of Builder and Buildkit by Tonis Tiigi (Docker)
State of Builder and Buildkit by Tonis Tiigi (Docker)State of Builder and Buildkit by Tonis Tiigi (Docker)
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
Phil Estes
 
Network plugins for kubernetes
Network plugins for kubernetesNetwork plugins for kubernetes
Network plugins for kubernetes
inwin stack
 
Continuous integration with Docker and Ansible
Continuous integration with Docker and AnsibleContinuous integration with Docker and Ansible
Continuous integration with Docker and AnsibleDmytro Slupytskyi
 
Looking Under The Hood: containerD
Looking Under The Hood: containerDLooking Under The Hood: containerD
Looking Under The Hood: containerD
Docker, Inc.
 
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeCon EU 2016: "rktnetes": what's new with container runtimes and KubernetesKubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
Project Moby
Project MobyProject Moby
Project Moby
Neependra Khare
 
Kubernetes Basics & Monitoring
Kubernetes Basics & MonitoringKubernetes Basics & Monitoring
Kubernetes Basics & Monitoring
Mist.io
 
Docker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine EvolutionDocker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
Getting started with kubernetes
Getting started with kubernetesGetting started with kubernetes
Getting started with kubernetes
Janakiram MSV
 
Containers & container orchestration
Containers & container orchestrationContainers & container orchestration
Containers & container orchestration
Liviu Costea
 

What's hot (20)

Moby Summit introduction
Moby Summit introductionMoby Summit introduction
Moby Summit introduction
 
Introduction kubernetes 2017_12_24
Introduction kubernetes 2017_12_24Introduction kubernetes 2017_12_24
Introduction kubernetes 2017_12_24
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
Kubernetes 架構與虛擬化之差異
Kubernetes 架構與虛擬化之差異Kubernetes 架構與虛擬化之差異
Kubernetes 架構與虛擬化之差異
 
An Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open CommunitiesAn Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open Communities
 
What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.
 
Project Atomic-Nulecule
Project Atomic-NuleculeProject Atomic-Nulecule
Project Atomic-Nulecule
 
Virtualization inside kubernetes
Virtualization inside kubernetesVirtualization inside kubernetes
Virtualization inside kubernetes
 
State of Builder and Buildkit by Tonis Tiigi (Docker)
State of Builder and Buildkit by Tonis Tiigi (Docker)State of Builder and Buildkit by Tonis Tiigi (Docker)
State of Builder and Buildkit by Tonis Tiigi (Docker)
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
 
Network plugins for kubernetes
Network plugins for kubernetesNetwork plugins for kubernetes
Network plugins for kubernetes
 
Continuous integration with Docker and Ansible
Continuous integration with Docker and AnsibleContinuous integration with Docker and Ansible
Continuous integration with Docker and Ansible
 
Looking Under The Hood: containerD
Looking Under The Hood: containerDLooking Under The Hood: containerD
Looking Under The Hood: containerD
 
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeCon EU 2016: "rktnetes": what's new with container runtimes and KubernetesKubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
 
Project Moby
Project MobyProject Moby
Project Moby
 
Kubernetes Basics & Monitoring
Kubernetes Basics & MonitoringKubernetes Basics & Monitoring
Kubernetes Basics & Monitoring
 
Docker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine EvolutionDocker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine Evolution
 
Getting started with kubernetes
Getting started with kubernetesGetting started with kubernetes
Getting started with kubernetes
 
Containers & container orchestration
Containers & container orchestrationContainers & container orchestration
Containers & container orchestration
 

Similar to LinuxKit

LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017
Patrick Chanezon
 
Container Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's EnginesContainer Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Ambassador Labs
 
Speed & Agility of Innovation with Docker & Kubernetes
Speed & Agility of Innovation with Docker & KubernetesSpeed & Agility of Innovation with Docker & Kubernetes
Speed & Agility of Innovation with Docker & Kubernetes
ICS
 
LinuxKit Deep Dive
LinuxKit Deep DiveLinuxKit Deep Dive
LinuxKit Deep Dive
Docker, Inc.
 
Introduction to Containers
Introduction to ContainersIntroduction to Containers
Introduction to Containers
Dharmit Shah
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Phil Estes
 
Innovating Out in the Open
Innovating Out in the Open Innovating Out in the Open
Innovating Out in the Open
Dev_Events
 
DCSF19 How Docker Simplifies Kubernetes for the Masses
DCSF19 How Docker Simplifies Kubernetes for the Masses DCSF19 How Docker Simplifies Kubernetes for the Masses
DCSF19 How Docker Simplifies Kubernetes for the Masses
Docker, Inc.
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
Innovating Out In The Open - OSCON 2016
Innovating Out In The Open - OSCON 2016Innovating Out In The Open - OSCON 2016
Innovating Out In The Open - OSCON 2016
Phil Estes
 
Moby KubeCon 2017
Moby KubeCon 2017Moby KubeCon 2017
Moby KubeCon 2017
Patrick Chanezon
 
Docker Introduction - DevOps Montreal Meetup
Docker Introduction - DevOps Montreal MeetupDocker Introduction - DevOps Montreal Meetup
Docker Introduction - DevOps Montreal Meetup
Colin Surprenant
 
Craig Box (Google) - The road to Kubernetes 1.0
Craig Box (Google) - The road to Kubernetes 1.0Craig Box (Google) - The road to Kubernetes 1.0
Craig Box (Google) - The road to Kubernetes 1.0
Outlyer
 
Intro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdf
Weaveworks
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
Ambassador Labs
 
Docker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOpsDocker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOps
Zohar Elkayam
 
Run automated tests in Docker
Run automated tests in DockerRun automated tests in Docker
Run automated tests in Docker
Oleksandr Metelytsia
 

Similar to LinuxKit (20)

LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
 
Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017Moby Open Source Summit North America 2017
Moby Open Source Summit North America 2017
 
Container Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's EnginesContainer Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's Engines
 
Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source Alibaba Cloud Conference 2016 - Docker Open Source
Alibaba Cloud Conference 2016 - Docker Open Source
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
 
Speed & Agility of Innovation with Docker & Kubernetes
Speed & Agility of Innovation with Docker & KubernetesSpeed & Agility of Innovation with Docker & Kubernetes
Speed & Agility of Innovation with Docker & Kubernetes
 
LinuxKit Deep Dive
LinuxKit Deep DiveLinuxKit Deep Dive
LinuxKit Deep Dive
 
Introduction to Containers
Introduction to ContainersIntroduction to Containers
Introduction to Containers
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
 
Innovating Out in the Open
Innovating Out in the Open Innovating Out in the Open
Innovating Out in the Open
 
DCSF19 How Docker Simplifies Kubernetes for the Masses
DCSF19 How Docker Simplifies Kubernetes for the Masses DCSF19 How Docker Simplifies Kubernetes for the Masses
DCSF19 How Docker Simplifies Kubernetes for the Masses
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container Introduction
 
Innovating Out In The Open - OSCON 2016
Innovating Out In The Open - OSCON 2016Innovating Out In The Open - OSCON 2016
Innovating Out In The Open - OSCON 2016
 
Moby KubeCon 2017
Moby KubeCon 2017Moby KubeCon 2017
Moby KubeCon 2017
 
Docker Introduction - DevOps Montreal Meetup
Docker Introduction - DevOps Montreal MeetupDocker Introduction - DevOps Montreal Meetup
Docker Introduction - DevOps Montreal Meetup
 
Craig Box (Google) - The road to Kubernetes 1.0
Craig Box (Google) - The road to Kubernetes 1.0Craig Box (Google) - The road to Kubernetes 1.0
Craig Box (Google) - The road to Kubernetes 1.0
 
Intro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdf
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
 
Docker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOpsDocker Concepts for Oracle/MySQL DBAs and DevOps
Docker Concepts for Oracle/MySQL DBAs and DevOps
 
Run automated tests in Docker
Run automated tests in DockerRun automated tests in Docker
Run automated tests in Docker
 

More from Moby Project

Libnetwork updates
Libnetwork updatesLibnetwork updates
Libnetwork updates
Moby Project
 
FaaS-and-Furious
FaaS-and-FuriousFaaS-and-Furious
FaaS-and-Furious
Moby Project
 
Notary - container signing
Notary - container signingNotary - container signing
Notary - container signing
Moby Project
 
Declare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and MobyDeclare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and Moby
Moby Project
 
Moby and kubernetes entitlements
Moby and kubernetes entitlementsMoby and kubernetes entitlements
Moby and kubernetes entitlements
Moby Project
 
Builder and BuildKit
Builder and BuildKitBuilder and BuildKit
Builder and BuildKit
Moby Project
 
OpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functionsOpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functions
Moby Project
 
LinuxKit and OpenOverlay
LinuxKit and OpenOverlayLinuxKit and OpenOverlay
LinuxKit and OpenOverlay
Moby Project
 

More from Moby Project (8)

Libnetwork updates
Libnetwork updatesLibnetwork updates
Libnetwork updates
 
FaaS-and-Furious
FaaS-and-FuriousFaaS-and-Furious
FaaS-and-Furious
 
Notary - container signing
Notary - container signingNotary - container signing
Notary - container signing
 
Declare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and MobyDeclare your infrastructure: InfraKit, LinuxKit and Moby
Declare your infrastructure: InfraKit, LinuxKit and Moby
 
Moby and kubernetes entitlements
Moby and kubernetes entitlementsMoby and kubernetes entitlements
Moby and kubernetes entitlements
 
Builder and BuildKit
Builder and BuildKitBuilder and BuildKit
Builder and BuildKit
 
OpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functionsOpenWhisk and IBM cloud functions
OpenWhisk and IBM cloud functions
 
LinuxKit and OpenOverlay
LinuxKit and OpenOverlayLinuxKit and OpenOverlay
LinuxKit and OpenOverlay
 

Recently uploaded

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
Product School
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 

LinuxKit

  • 1. LinuxKit: the first six months
  • 2. What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
  • 3. Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
  • 4. Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
  • 5. Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
  • 6. What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
  • 8. Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
  • 9. What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!