Loading…
Attending this event?
NOTE: The event will be held in Central Daylight Time (CDT), UTC -5.

View More Details for Open Source Summit + Embedded Linux Conference North America 2020
Registration Information.
Back To Schedule
Tuesday, June 30 • 11:15am - 1:05pm
Tutorial: Using Linux Primitives to Build Your Own Containers - Stephane Graber & Christian Brauner, Canonical Ltd.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Most people are familiar with various container tools including Docker, LXC and LXD. But they rarely are familiar with the kernel features enabling those tools.

To better understand everything involved, we will be creating our own container, from scratch.

Starting to look at the various namespaces, what they do, how to use them together, then setting up a suitable filesystem, integrating with a LSM, do some privilege and capability dropping and putting restrictions in place with cgroups.

At every step, you will see what your container can do and what it probably shouldn't be allowed to do, through this experience you will get a better understanding of all the moving pieces that are put together to create a container.

Speakers
avatar for Stéphane Graber

Stéphane Graber

Project leader for LXD, Canonical Ltd.
Stéphane Graber is the engineering manager for the LXD team at Canonical Ltd. He is the upstream project leader for LXC and LXD and a frequent speaker and track leader at events related to containers and Linux. Stéphane is also a longtime contributor to the Ubuntu Linux distribution... Read More →
avatar for Christian Brauner

Christian Brauner

Senior Software Engineer, Canonical
Christian Brauner is a kernel developer and maintainer of the LXD and LXC projects currently working at Canonical. He works mostly upstream on the Linux Kernel maintaing various bits and pieces. He is strongly committed to working in the open, and an avid proponent of Free Software... Read More →


Tuesday June 30, 2020 11:15am - 1:05pm
Conference Room 7
Feedback form isn't open yet.