Nabla Containers - A New Approach to Container Isolation
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a conference talk on Nabla Containers, a novel approach to container isolation presented by Brandon Lum and Ricardo Koller from IBM. Delve into the security concerns surrounding horizontal attacks in cloud environments and learn how Nabla Containers address these issues by leveraging library OS/unikernel techniques to reduce the attack surface on host kernels. Discover how this innovative solution allows popular applications like Node.js, Python, and Redis to run with only 9 syscalls via seccomp. Compare Nabla Containers' isolation and performance metrics against other technologies such as gVisor and Kata Containers. Gain insights into how this technology could potentially revolutionize container security and isolation in container-native cloud environments.
Syllabus
Nabla Containers: A New Approach to Container Isolation - Brandon Lum & Ricardo Koller, IBM
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Secure and Fast MicroVM for Serverless ComputingGOTO Conferences via YouTube KVM Status Update and Kata Containers - Keynote Sessions
Linux Foundation via YouTube Introducing SPDK Vhost FUSE Target for Accelerated File Access in VMs and Containers
Linux Foundation via YouTube From Secure Container to Secure Service
Linux Foundation via YouTube Build Serverless with Kubernetes, Kata Containers and Bare Metal Cloud - Alibaba's Approach
Linux Foundation via YouTube