YoVDO

Running KubeVirt Workloads with No Additional Privileges

Offered By: Linux Foundation via YouTube

Tags

Conference Talks Courses Kubernetes Courses Virtualization Courses Security Policies Courses Container Security Courses Libvirt Courses Kubevirt Courses

Course Description

Overview

Explore the advancements in running KubeVirt workloads without additional privileges in this informative conference talk by Ľuboslav Pivarč from Red Hat. Dive into the journey of KubeVirt's evolution towards minimizing required capabilities for running virtual machines alongside containers on Kubernetes. Learn about the implementation of rootless user execution, seamless SELinux integration, and the challenges faced in achieving unprivileged networking. Discover the importance of considering security best practices when developing virtualization features, including the use of Linux Security Modules like SELinux and AppArmor. Gain insights into addressing issues related to storage, devices, and file capabilities, and understand the significance of Cell Linux in this context. Acquire valuable knowledge on enhancing security and efficiency in containerized and virtualized environments.

Syllabus

Introduction
Policy Spectrum
What is restricted
Unprivileged networking
How to address the problem
Running the workloads as normal
Security policies
Storage
Devices
Solution
Problem
File capabilities
File capabilities drawbacks
Cell Linux
Whats left
Outro


Taught by

Linux Foundation

Tags

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube
Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube
Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube
What's New in Grails 2.0
ChariotSolutions via YouTube
Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube