YoVDO

Send in the Chown - Systemd Containers in User Namespaces

Offered By: linux.conf.au via YouTube

Tags

linux.conf.au Courses Kubernetes Courses OpenShift Courses System Administration Courses Linux Security Courses Linux Containers Courses Systemd Courses Cgroups Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the challenges and solutions of running systemd-based workloads in containers in this 45-minute conference talk from linux.conf.au 2022. Dive into the security features of Linux kernels and Kubernetes that enable better container isolation. Learn about namespaces, cgroups, and the behavior of systemd in containers as the speaker shares their journey of porting a complex legacy application to Kubernetes. Gain insights into container runtimes, OCI specifications, and the future of containerized systemd deployments. Expect demonstrations and a deep dive into the technical aspects of container security and orchestration.

Syllabus

Intro
Preliminaries
What is a container?
Containers on linux
Container standards
OCI Runtime Specification
Kubernetes - container orchestration
Kubernetes - terminology
Kubernetes - Pod definition
OpenShift - terminology
OpenShift runtime environment (today)
FreelPA on Kubernetes/OpenShift - use cases
Runtime user namespaces
Runtime - user namespaces - Kubernetes support
Runtime - OCI cgroup ownership semantics
Runtime - cluster configuration (OCP 4.10) - 3/3
Status and future


Taught by

linux.conf.au

Related Courses

Linux Server Management and Security
University of Colorado System via Coursera Cybersecurity Roles, Processes & Operating System Security
IBM via Coursera Operating Systems and Security
IBM via edX Linux Security and Hardening, The Practical Security Guide.
Udemy The Complete Cyber Security Course : Hackers Exposed!
Udemy