Running KubeVirt Workloads with No Additional Privileges
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the advancements in running KubeVirt workloads without additional privileges in this informative conference talk by Ľuboslav Pivarč from Red Hat. Dive into the journey of KubeVirt's evolution towards minimizing required capabilities for running virtual machines alongside containers on Kubernetes. Learn about the implementation of rootless user execution, seamless SELinux integration, and the challenges faced in achieving unprivileged networking. Discover the importance of considering security best practices when developing virtualization features, including the use of Linux Security Modules like SELinux and AppArmor. Gain insights into addressing issues related to storage, devices, and file capabilities, and understand the significance of Cell Linux in this context. Acquire valuable knowledge on enhancing security and efficiency in containerized and virtualized environments.
Syllabus
Introduction
Policy Spectrum
What is restricted
Unprivileged networking
How to address the problem
Running the workloads as normal
Security policies
Storage
Devices
Solution
Problem
File capabilities
File capabilities drawbacks
Cell Linux
Whats left
Outro
Taught by
Linux Foundation
Tags
Related Courses
Amazon Aurora Service Primer (Traditional Chinese)Amazon Web Services via AWS Skill Builder Amazon DynamoDB Service Primer (Simplified Chinese)
Amazon Web Services via AWS Skill Builder Amazon DynamoDB Service Primer (Traditional Chinese)
Amazon Web Services via AWS Skill Builder Amazon ElastiCache Service Primer (Simplified Chinese)
Amazon Web Services via AWS Skill Builder Amazon Neptune Service Primer (Traditional Chinese)
Amazon Web Services via AWS Skill Builder