Abstract image of a woman sitting on books and studying on a laptop

LinuxKit

Download as PPTX, PDF
Moby Project, profile picture
Moby Project

LinuxKit is a toolkit for building secure, portable, and lean container-based operating systems. Over the past six months, it has gained 75 contributors and seen improvements like support for additional platforms, TPM support, immutable images, and newer kernel versions. Looking ahead, the next six months will focus on stable releases when Containerd 1.0 is available, using LinuxKit as the basis for Docker desktop and cloud editions, and expanding Kubernetes integration and production usage. The LinuxKit Security SIG has also deep dived several security projects and aims to contribute further to upstream Linux security.

Technology
1 of 10
Download to read offline
1
2
3
4
5
6
7
8
9
10
LinuxKit: the first six months
What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
LinuxKit Security SIG
Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!
@justincormack @riyazdfThank you!

More Related Content

PDF
The State of containerd
Moby Project
 
PDF
Using linuxKit to build custom rancherOS systems
Moby Project
 
PDF
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
PPTX
CRI-containerd
Moby Project
 
PDF
Embedding Containerd For Fun and Profit
Phil Estes
 
PDF
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
ODP
LinuxKit Swarm Nodes
Moby Project
 
PDF
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 
The State of containerd
Moby Project
 
Using linuxKit to build custom rancherOS systems
Moby Project
 
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
CRI-containerd
Moby Project
 
Embedding Containerd For Fun and Profit
Phil Estes
 
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
LinuxKit Swarm Nodes
Moby Project
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 

What's hot (20)

PPTX
Moby Summit introduction
Moby Project
 
PPTX
Introduction kubernetes 2017_12_24
Sam Zheng
 
PDF
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
PDF
Introduction to Kubernetes
Ross Kukulinski
 
PDF
Kubernetes 架構與虛擬化之差異
inwin stack
 
PDF
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
PDF
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
PDF
Project Atomic-Nulecule
Lalatendu Mohanty
 
PDF
Virtualization inside kubernetes
inwin stack
 
PPTX
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
PDF
Containerd Project Update: FOSDEM 2018
Phil Estes
 
PDF
Network plugins for kubernetes
inwin stack
 
PDF
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
PDF
Looking Under The Hood: containerD
Docker, Inc.
 
PDF
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
PDF
Project Moby
Neependra Khare
 
PDF
Kubernetes Basics & Monitoring
Mist.io
 
PDF
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
PDF
Getting started with kubernetes
Janakiram MSV
 
PDF
Containers & container orchestration
Liviu Costea
 
Moby Summit introduction
Moby Project
 
Introduction kubernetes 2017_12_24
Sam Zheng
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
Introduction to Kubernetes
Ross Kukulinski
 
Kubernetes 架構與虛擬化之差異
inwin stack
 
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
Project Atomic-Nulecule
Lalatendu Mohanty
 
Virtualization inside kubernetes
inwin stack
 
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
Containerd Project Update: FOSDEM 2018
Phil Estes
 
Network plugins for kubernetes
inwin stack
 
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
Looking Under The Hood: containerD
Docker, Inc.
 
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
Project Moby
Neependra Khare
 
Kubernetes Basics & Monitoring
Mist.io
 
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
Getting started with kubernetes
Janakiram MSV
 
Containers & container orchestration
Liviu Costea
 
Ad

Similar to LinuxKit (20)

PPTX
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
PPTX
Moby Open Source Summit North America 2017
Patrick Chanezon
 
PDF
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
PDF
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
PDF
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Ambassador Labs
 
PDF
Speed & Agility of Innovation with Docker & Kubernetes
ICS
 
PDF
LinuxKit Deep Dive
Docker, Inc.
 
PDF
Introduction to Containers
Dharmit Shah
 
PDF
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Phil Estes
 
PPTX
Innovating Out in the Open
Dev_Events
 
PDF
DCSF19 How Docker Simplifies Kubernetes for the Masses
Docker, Inc.
 
PDF
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
PDF
Innovating Out In The Open - OSCON 2016
Phil Estes
 
PPTX
Moby KubeCon 2017
Patrick Chanezon
 
PDF
Docker Introduction - DevOps Montreal Meetup
Colin Surprenant
 
PDF
Craig Box (Google) - The road to Kubernetes 1.0
Outlyer
 
PDF
Intro to GitOps & Flux.pdf
Weaveworks
 
PDF
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
Ambassador Labs
 
PDF
Docker Concepts for Oracle/MySQL DBAs and DevOps
Zohar Elkayam
 
PPTX
Run automated tests in Docker
Oleksandr Metelytsia
 
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
Moby Open Source Summit North America 2017
Patrick Chanezon
 
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Ambassador Labs
 
Speed & Agility of Innovation with Docker & Kubernetes
ICS
 
LinuxKit Deep Dive
Docker, Inc.
 
Introduction to Containers
Dharmit Shah
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Phil Estes
 
Innovating Out in the Open
Dev_Events
 
DCSF19 How Docker Simplifies Kubernetes for the Masses
Docker, Inc.
 
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
Innovating Out In The Open - OSCON 2016
Phil Estes
 
Moby KubeCon 2017
Patrick Chanezon
 
Docker Introduction - DevOps Montreal Meetup
Colin Surprenant
 
Craig Box (Google) - The road to Kubernetes 1.0
Outlyer
 
Intro to GitOps & Flux.pdf
Weaveworks
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
Ambassador Labs
 
Docker Concepts for Oracle/MySQL DBAs and DevOps
Zohar Elkayam
 
Run automated tests in Docker
Oleksandr Metelytsia
 
Ad

More from Moby Project (8)

PDF
Libnetwork updates
Moby Project
 
PDF
FaaS-and-Furious
Moby Project
 
PPTX
Notary - container signing
Moby Project
 
PDF
Declare your infrastructure: InfraKit, LinuxKit and Moby
Moby Project
 
PPTX
Moby and kubernetes entitlements
Moby Project
 
PDF
Builder and BuildKit
Moby Project
 
PDF
OpenWhisk and IBM cloud functions
Moby Project
 
PDF
LinuxKit and OpenOverlay
Moby Project
 
Libnetwork updates
Moby Project
 
FaaS-and-Furious
Moby Project
 
Notary - container signing
Moby Project
 
Declare your infrastructure: InfraKit, LinuxKit and Moby
Moby Project
 
Moby and kubernetes entitlements
Moby Project
 
Builder and BuildKit
Moby Project
 
OpenWhisk and IBM cloud functions
Moby Project
 
LinuxKit and OpenOverlay
Moby Project
 

Recently uploaded (20)

PDF
August Patch Tuesday
Ivanti
 
PDF
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
PDF
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
PPTX
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
PDF
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
PDF
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
PDF
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
PPTX
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
PDF
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
PDF
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
PDF
Five Habits of High-Impact Board Members
OnBoard
 
PDF
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
PDF
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
PPT
Geologic Time for studying geology for geologist
ssuser738f5a
 
PDF
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
PDF
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
PPTX
The various Industrial Revolutions .pptx
bandileshozi3
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PPT
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 
August Patch Tuesday
Ivanti
 
Hindi spoken digit analysis for native and non-native speakers
IAESIJAI
 
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
Benefits of Physical activity for teenagers.pptx
Nokwanda Thabethe
 
From MVP to Full-Scale Product A Startup’s Software Journey.pdf
KodekX
 
sustainability-14-14877-v2.pddhzftheheeeee
VenkateshGovindaraja9
 
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
Web Crawler for Trend Tracking Gen Z Insights.pptx
Actowiz Solustions
 
Univ-Connecticut-ChatGPT-Presentaion.pdf
ry7r52mzb4
 
Architecture types and enterprise applications.pdf
ChristopherTHyatt
 
Five Habits of High-Impact Board Members
OnBoard
 
Video forgery: An extensive analysis of inter-and intra-frame manipulation al...
IAESIJAI
 
Zenith AI: Advanced Artificial Intelligence
Biz Preneurs
 
Geologic Time for studying geology for geologist
ssuser738f5a
 
Developing a website for English-speaking practice to English as a foreign la...
IAESIJAI
 
Microsoft Solutions Partner Drive Digital Transformation with D365.pdf
Microsoft Dynamics
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
The various Industrial Revolutions .pptx
bandileshozi3
 
Modernising the Digital Integration Hub
Daniel Toomey
 
Module 1.ppt Iot fundamentals and Architecture
nanditha7766
 

LinuxKit

  • 1. LinuxKit: the first six months
  • 2. What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
  • 3. Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
  • 4. Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
  • 5. Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
  • 6. What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
  • 8. Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
  • 9. What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!