Linux container technologies (e.g. Docker, Kubernetes, LXC, etc.) perform virtualisation at the operating system level. While virtualisation over a shared operating system kernel is far from a new idea, Linux containers have been shown to be a good fit for many of today's cloud workloads. Google recently stated that they run "everything" within containers. The lightweight nature of container technology makes Google's workload practical: they start up more than two billion containers per week.
In this talk, after introducing container technology, I will discuss how recent "DevOp" tools, such as Vagrant, are making the management of Linux containers and other virtual machines increasingly straightforward. I will demonstrate how I use containers within my own teaching and research.
Finally, I will explore containers in terms of computer security. I will outline research that employs emerging CPU hardware to provide surprisingly strong security guarantees, despite containers' surface area for attack being larger than that of other forms of hardware virtualisation.
Last modified: Tuesday, 19-May-2015 13:47:05 NZST
This page is maintained by the seminar list administrator.