SlideShare a Scribd company logo

Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf

null - The Open Security Community
null - The Open Security Community

Talk on "Immutable Desktop using Container Orchestration" by "Mohammed Danish Amber" at null/OWASP Kolkata Meetup on 27 January 2024

Technology
1 of 12
Download to read offline
By Mohammed Danish Amber IMMUTABLE DESKTOP USING CONTAINER ORCHESTRATION
ABOUT ME ▪ Mohammed Danish Amber ▪ Project Manager (Cognizant) ▪ Security Researcher | IOT Hacker | OSS Contributor ▪ EX NULL HYDERBAD CORE Member/Moderator ▪ www.mohammeddanishamber.com ▪ me@mohammeddanishamber.com
WHAT IS CONTAINER ▪ A container is a standard unit of software that packages up code and all its dependencies, so the application runs quickly and reliably from one computing environment to another. ▪ A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings. ▪ Container images become containers at runtime and in the case of Docker containers – images become containers when they run on Docker Engine. ▪ Available for both Linux and Windows-based applications, containerized software will always run the same, regardless of the infrastructure. ▪ Containers isolate software from its environment and ensure that it works uniformly despite differences for instance between development and staging.
CONTAINER & VIRTUAL MACHINE Containers are an abstraction at the app layer that packages code and dependencies together. Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space. Containers take up less space than VMs (container images are typically tens of MBs in size), can handle more applications and require fewer VMs and Operating systems. Virtual machines (VMs) are an abstraction of physical hardware turning one server into many servers. The hypervisor allows multiple VMs to run on a single machine. Each VM includes a full copy of an operating system, the application, necessary binaries and libraries – taking up tens of GBs. VMs can also be slow to boot.
CONTAINER ENGINES ▪ DOCKER ▪ docker.com ▪ docker.io ▪ PODMAN ▪ podman.io ▪ LXC & LXD ▪ linuxcontainers.org ▪ canonical.com/lxd ▪ OPENSHIFT ▪ redhat.com/en/technologies/cloud- computing/openshift ▪ Kubernetes ▪ kubernetes.io ▪ Rancher ▪ rancher.com ▪ Others ▪ alternativeto.net/software/docker
UNDERSTANDING IMMUTABLE DESKTOP ▪ Not changing,or unable to be changed ▪ Formally defined,an immutable Linux OS (also known as Immutable Infrastructure or Immutable Deployment) is an operating system designed to be unchangeable and read-only. ▪ This means that once the operating system has been installed,the system files and directories cannot be modified.Any changes made to the system are temporary and lost when the system is rebooted. ▪ Immutable systems are particularly useful in environments where security is a top priority, such as cloud computing,embedded systems, kiosks,and container execution
ADVANTAGES ▪ SECURITY ▪ It’s not possible to tamper with the runtime OS. Changes, if accepted, are discarded on the next reboot. ▪ This means that if a hacker or a malicious actor gains access to the system, they cannot make permanent changes that could compromise the system’s security. ▪ MAINTENANCE ▪ Immutable systems is easier because they do not require regular updates or patches at the atomic package level. ▪ Instead, the entire OS is updated, like how updates are handled on Android phones. ▪ RELIABLE ▪ The system is read-only, it is more reliable and less prone to failure. ▪ A declarative configuration model is usually tied to it, simplifying the configuration of the OS when orchestrated with other tools such as Ansible, Terraform, or similar.
IMMUTABLE OS Solution Based on Update Model Target Environment CoreOS Gentoo Transactional Updates Cloud Talos Nothing Container image update Cloud, Containers, General purpose K3OS Alpine A/B Cloud, Containers Project Atomic CentOS Layered Packages Containers Ubuntu Core Ubuntu Transactional Updates IoT, Embedded Systems RancherOS Linux Docker for System Processes Containers Flatcar Container Linux CoreOS Transactional Updates Cloud Red Hat Atomic Host Red Hat Transactional Updates Cloud, optimized for running containers SLE Micro SUSE Transactional Updates Containers, Cloud, Edge, General purpose MicroOS openSUSE Transactional Updates Desktop, Containers, Cloud, Edge, General purpose Fedora Silverblue Fedora Transactional Updates Desktop, Containers Photon OS Linux Immutable File System Cloud Kairos Any Linux distribution Immutable File System Cloud, Edge, General purpose
IMMUTABLE DESKTOP CONTAINER ▪ KASM WORKSPACES ▪ The Container Streaming Platform ▪ Streaming containerized apps and desktops to end-users.The Workspaces platform provides enterprise-class orchestration, data loss prevention, and web streaming technology to enable the delivery of containerized workloads to your browser. ▪ kasmweb.com ▪ Webtop ▪ Alpine, Ubuntu, Fedora, and Arch based containers containing full desktop environments in officially supported flavors accessible via any modern web browser. ▪ linuxserver.io/ ▪ hub.docker.com/r/linuxserver/webtop
KASM WORKSPACES THE CONTAINER STREAMING PLATFORM DESKTOP AS A SERVICE ZERO-TRUST BROWSER ISOLATION APP STREAMING OPEN SOURCE
Q&A
HOW I DID IT?

Recommended

Docker handons-workshop-for-charity
Docker handons-workshop-for-charityDocker handons-workshop-for-charity
Docker handons-workshop-for-charityYusuf Hadiwinata Sutandar
 
Docker Understanding, What is Docker? Why Docker? How do I containerize somet...
Docker Understanding, What is Docker? Why Docker? How do I containerize somet...Docker Understanding, What is Docker? Why Docker? How do I containerize somet...
Docker Understanding, What is Docker? Why Docker? How do I containerize somet...Yogesh Wadile
 
Docker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container worldDocker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container worldzekeLabs Technologies
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture materialAnkit Gupta
 
What is Docker?
What is Docker?What is Docker?
What is Docker?Shubhrank Rastogi
 
Containers and Docker
Containers and DockerContainers and Docker
Containers and DockerDamian T. Gordon
 
Docker 101 for Oracle DBAs - Oracle OpenWorld 2017
Docker 101 for Oracle DBAs - Oracle OpenWorld 2017Docker 101 for Oracle DBAs - Oracle OpenWorld 2017
Docker 101 for Oracle DBAs - Oracle OpenWorld 2017Adeesh Fulay
 
Docker introduction
Docker introductionDocker introduction
Docker introductionMarcelo Ochoa
 

Recommended

Docker handons-workshop-for-charity
Docker handons-workshop-for-charityDocker handons-workshop-for-charity
Docker handons-workshop-for-charityYusuf Hadiwinata Sutandar
 
Docker Understanding, What is Docker? Why Docker? How do I containerize somet...
Docker Understanding, What is Docker? Why Docker? How do I containerize somet...Docker Understanding, What is Docker? Why Docker? How do I containerize somet...
Docker Understanding, What is Docker? Why Docker? How do I containerize somet...Yogesh Wadile
 
Docker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container worldDocker - A curtain raiser to the Container world
Docker - A curtain raiser to the Container worldzekeLabs Technologies
 
Week 8 lecture material
Week 8 lecture materialWeek 8 lecture material
Week 8 lecture materialAnkit Gupta
 
What is Docker?
What is Docker?What is Docker?
What is Docker?Shubhrank Rastogi
 
Containers and Docker
Containers and DockerContainers and Docker
Containers and DockerDamian T. Gordon
 
Docker 101 for Oracle DBAs - Oracle OpenWorld 2017
Docker 101 for Oracle DBAs - Oracle OpenWorld 2017Docker 101 for Oracle DBAs - Oracle OpenWorld 2017
Docker 101 for Oracle DBAs - Oracle OpenWorld 2017Adeesh Fulay
 
Docker introduction
Docker introductionDocker introduction
Docker introductionMarcelo Ochoa
 
Journey to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftJourney to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftYusuf Hadiwinata Sutandar
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to DockerAditya Konarde
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container IntroductionInnfinision Cloud and BigData Solutions
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with DockerAndrey Hristov
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with DockerAndrey Hristov
 
Introduction to Docker Container
Introduction to Docker ContainerIntroduction to Docker Container
Introduction to Docker ContainerSamsul Ma'arif
 
Docker-Intro
Docker-IntroDocker-Intro
Docker-IntroSujai Sivasamy
 
Docker
DockerDocker
DockerCharlie Cai
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deploymentjavaonfly
 
Hadoop on Dockers
Hadoop on DockersHadoop on Dockers
Hadoop on DockersRajiv Kumar
 
Docker Overview
Docker OverviewDocker Overview
Docker OverviewAlexander Moon
 
Docker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuideDocker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuidePaddy Lock
 
Docker up and Running For Web Developers
Docker up and Running For Web DevelopersDocker up and Running For Web Developers
Docker up and Running For Web DevelopersBADR
 
Docker Up and Running for Web Developers
Docker Up and Running for Web DevelopersDocker Up and Running for Web Developers
Docker Up and Running for Web DevelopersAmr Fawzy
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerAniekan Akpaffiong
 
Docker intro
Docker introDocker intro
Docker introNoelMc Grath
 
Docker - HieuHoang
Docker - HieuHoangDocker - HieuHoang
Docker - HieuHoangHieu Hoang
 
The Docker Ecosystem
The Docker EcosystemThe Docker Ecosystem
The Docker EcosystemDmitry Skaredov
 
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...NETWAYS
 
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar Neelamegam
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar NeelamegamOpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar Neelamegam
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar NeelamegamOpenNebula Project
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxnull - The Open Security Community
 

More Related Content

Similar to Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf

Journey to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftJourney to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftYusuf Hadiwinata Sutandar
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to DockerAditya Konarde
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with DockerAndrey Hristov
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with DockerAndrey Hristov
 
Introduction to Docker Container
Introduction to Docker ContainerIntroduction to Docker Container
Introduction to Docker ContainerSamsul Ma'arif
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deploymentjavaonfly
 
Hadoop on Dockers
Hadoop on DockersHadoop on Dockers
Hadoop on DockersRajiv Kumar
 
Docker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuideDocker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuidePaddy Lock
 
Docker up and Running For Web Developers
Docker up and Running For Web DevelopersDocker up and Running For Web Developers
Docker up and Running For Web DevelopersBADR
 
Docker Up and Running for Web Developers
Docker Up and Running for Web DevelopersDocker Up and Running for Web Developers
Docker Up and Running for Web DevelopersAmr Fawzy
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerAniekan Akpaffiong
 
Docker - HieuHoang
Docker - HieuHoangDocker - HieuHoang
Docker - HieuHoangHieu Hoang
 
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...NETWAYS
 
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar Neelamegam
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar NeelamegamOpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar Neelamegam
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar NeelamegamOpenNebula Project
 

Similar to Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf (20)

Journey to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshiftJourney to the devops automation with docker kubernetes and openshift
Journey to the devops automation with docker kubernetes and openshift
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Docker Container Introduction
Docker Container IntroductionDocker Container Introduction
Docker Container Introduction
 
Accelerate your development with Docker
Accelerate your development with DockerAccelerate your development with Docker
Accelerate your development with Docker
 
Accelerate your software development with Docker
Accelerate your software development with DockerAccelerate your software development with Docker
Accelerate your software development with Docker
 
Introduction to Docker Container
Introduction to Docker ContainerIntroduction to Docker Container
Introduction to Docker Container
 
Docker-Intro
Docker-IntroDocker-Intro
Docker-Intro
 
Docker
DockerDocker
Docker
 
Docker - Portable Deployment
Docker - Portable DeploymentDocker - Portable Deployment
Docker - Portable Deployment
 
Hadoop on Dockers
Hadoop on DockersHadoop on Dockers
Hadoop on Dockers
 
Docker Overview
Docker OverviewDocker Overview
Docker Overview
 
Docker for Professionals: The Practical Guide
Docker for Professionals: The Practical GuideDocker for Professionals: The Practical Guide
Docker for Professionals: The Practical Guide
 
Docker up and Running For Web Developers
Docker up and Running For Web DevelopersDocker up and Running For Web Developers
Docker up and Running For Web Developers
 
Docker Up and Running for Web Developers
Docker Up and Running for Web DevelopersDocker Up and Running for Web Developers
Docker Up and Running for Web Developers
 
The ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of DockerThe ABC of Docker: The Absolute Best Compendium of Docker
The ABC of Docker: The Absolute Best Compendium of Docker
 
Docker intro
Docker introDocker intro
Docker intro
 
Docker - HieuHoang
Docker - HieuHoangDocker - HieuHoang
Docker - HieuHoang
 
The Docker Ecosystem
The Docker EcosystemThe Docker Ecosystem
The Docker Ecosystem
 
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...
OpenNebula Conf 2014 | Cloud Automation for OpenNebula by Kishorekumar Neelam...
 
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar Neelamegam
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar NeelamegamOpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar Neelamegam
OpenNebulaConf 2014 - Cloud Automation for OpenNebula - Kishorekumar Neelamegam
 

More from null - The Open Security Community

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfDigital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfnull - The Open Security Community
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...null - The Open Security Community
 
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxReverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxnull - The Open Security Community
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...null - The Open Security Community
 
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxDemystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxnull - The Open Security Community
 

More from null - The Open Security Community (18)

Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
Hardware-Hacking-101 By Asutosh Kumar.pdf
Hardware-Hacking-101 By Asutosh Kumar.pdfHardware-Hacking-101 By Asutosh Kumar.pdf
Hardware-Hacking-101 By Asutosh Kumar.pdf
 
Demystifying-DNS-Attack-by-Rakesh Seal.pdf
Demystifying-DNS-Attack-by-Rakesh Seal.pdfDemystifying-DNS-Attack-by-Rakesh Seal.pdf
Demystifying-DNS-Attack-by-Rakesh Seal.pdf
 
Recon for Bug Bounty by Agnibha Dutta.pdf
Recon for Bug Bounty by Agnibha Dutta.pdfRecon for Bug Bounty by Agnibha Dutta.pdf
Recon for Bug Bounty by Agnibha Dutta.pdf
 
A talk on OWASP Top 10 by Mukunda Tamly
A talk on OWASP Top 10 by Mukunda TamlyA talk on OWASP Top 10 by Mukunda Tamly
A talk on OWASP Top 10 by Mukunda Tamly
 
The Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh SealThe Mysterious Paradigm of Fuzzing by Rakesh Seal
The Mysterious Paradigm of Fuzzing by Rakesh Seal
 
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdfDigital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
Digital Personal Data Protection Act 2023 by S Ramakrishnan.pdf
 
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
Beyond Boundaries-The Power of Zero Trust Networking By Mohammed Danish Amber...
 
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdfCyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
Cyber_Forensics_in_the_New_Age_of_Cyber_Security.pdf
 
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptxGSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
GSM-CallFlowAndSecurity Features (2G-3G-4G).pptx
 
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptxReverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
Reverse Engineering and It’s Basic by Prasenjit Kanti Paul.pptx
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...
 
Evolution of Hacking- Ronit Chakraborty .pptx
Evolution of Hacking- Ronit Chakraborty .pptxEvolution of Hacking- Ronit Chakraborty .pptx
Evolution of Hacking- Ronit Chakraborty .pptx
 
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptxDemystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
Demystifying Cyber Threat Intelligence -Debraj Dey Null_OWASP kolkata .pptx
 
C&C Framework- Ayan Saha.pptx
C&C Framework- Ayan Saha.pptxC&C Framework- Ayan Saha.pptx
C&C Framework- Ayan Saha.pptx
 

Recently uploaded

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 

Recently uploaded (20)

The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 

Immutable Desktop using Container Orchestration By Mohammed Danish Amber .pdf

  • 1. By Mohammed Danish Amber IMMUTABLE DESKTOP USING CONTAINER ORCHESTRATION
  • 2. ABOUT ME ▪ Mohammed Danish Amber ▪ Project Manager (Cognizant) ▪ Security Researcher | IOT Hacker | OSS Contributor ▪ EX NULL HYDERBAD CORE Member/Moderator ▪ www.mohammeddanishamber.com ▪ me@mohammeddanishamber.com
  • 3. WHAT IS CONTAINER ▪ A container is a standard unit of software that packages up code and all its dependencies, so the application runs quickly and reliably from one computing environment to another. ▪ A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings. ▪ Container images become containers at runtime and in the case of Docker containers – images become containers when they run on Docker Engine. ▪ Available for both Linux and Windows-based applications, containerized software will always run the same, regardless of the infrastructure. ▪ Containers isolate software from its environment and ensure that it works uniformly despite differences for instance between development and staging.
  • 4. CONTAINER & VIRTUAL MACHINE Containers are an abstraction at the app layer that packages code and dependencies together. Multiple containers can run on the same machine and share the OS kernel with other containers, each running as isolated processes in user space. Containers take up less space than VMs (container images are typically tens of MBs in size), can handle more applications and require fewer VMs and Operating systems. Virtual machines (VMs) are an abstraction of physical hardware turning one server into many servers. The hypervisor allows multiple VMs to run on a single machine. Each VM includes a full copy of an operating system, the application, necessary binaries and libraries – taking up tens of GBs. VMs can also be slow to boot.
  • 5. CONTAINER ENGINES ▪ DOCKER ▪ docker.com ▪ docker.io ▪ PODMAN ▪ podman.io ▪ LXC & LXD ▪ linuxcontainers.org ▪ canonical.com/lxd ▪ OPENSHIFT ▪ redhat.com/en/technologies/cloud- computing/openshift ▪ Kubernetes ▪ kubernetes.io ▪ Rancher ▪ rancher.com ▪ Others ▪ alternativeto.net/software/docker
  • 6. UNDERSTANDING IMMUTABLE DESKTOP ▪ Not changing,or unable to be changed ▪ Formally defined,an immutable Linux OS (also known as Immutable Infrastructure or Immutable Deployment) is an operating system designed to be unchangeable and read-only. ▪ This means that once the operating system has been installed,the system files and directories cannot be modified.Any changes made to the system are temporary and lost when the system is rebooted. ▪ Immutable systems are particularly useful in environments where security is a top priority, such as cloud computing,embedded systems, kiosks,and container execution
  • 7. ADVANTAGES ▪ SECURITY ▪ It’s not possible to tamper with the runtime OS. Changes, if accepted, are discarded on the next reboot. ▪ This means that if a hacker or a malicious actor gains access to the system, they cannot make permanent changes that could compromise the system’s security. ▪ MAINTENANCE ▪ Immutable systems is easier because they do not require regular updates or patches at the atomic package level. ▪ Instead, the entire OS is updated, like how updates are handled on Android phones. ▪ RELIABLE ▪ The system is read-only, it is more reliable and less prone to failure. ▪ A declarative configuration model is usually tied to it, simplifying the configuration of the OS when orchestrated with other tools such as Ansible, Terraform, or similar.
  • 8. IMMUTABLE OS Solution Based on Update Model Target Environment CoreOS Gentoo Transactional Updates Cloud Talos Nothing Container image update Cloud, Containers, General purpose K3OS Alpine A/B Cloud, Containers Project Atomic CentOS Layered Packages Containers Ubuntu Core Ubuntu Transactional Updates IoT, Embedded Systems RancherOS Linux Docker for System Processes Containers Flatcar Container Linux CoreOS Transactional Updates Cloud Red Hat Atomic Host Red Hat Transactional Updates Cloud, optimized for running containers SLE Micro SUSE Transactional Updates Containers, Cloud, Edge, General purpose MicroOS openSUSE Transactional Updates Desktop, Containers, Cloud, Edge, General purpose Fedora Silverblue Fedora Transactional Updates Desktop, Containers Photon OS Linux Immutable File System Cloud Kairos Any Linux distribution Immutable File System Cloud, Edge, General purpose
  • 9. IMMUTABLE DESKTOP CONTAINER ▪ KASM WORKSPACES ▪ The Container Streaming Platform ▪ Streaming containerized apps and desktops to end-users.The Workspaces platform provides enterprise-class orchestration, data loss prevention, and web streaming technology to enable the delivery of containerized workloads to your browser. ▪ kasmweb.com ▪ Webtop ▪ Alpine, Ubuntu, Fedora, and Arch based containers containing full desktop environments in officially supported flavors accessible via any modern web browser. ▪ linuxserver.io/ ▪ hub.docker.com/r/linuxserver/webtop
  • 10. KASM WORKSPACES THE CONTAINER STREAMING PLATFORM DESKTOP AS A SERVICE ZERO-TRUST BROWSER ISOLATION APP STREAMING OPEN SOURCE
  • 11. Q&A
  • 12. HOW I DID IT?