SlideShare a Scribd company logo

LinuxKit

Download as PPTX, PDF
Moby Project, profile picture
Moby Project

LinuxKit is a toolkit for building secure, portable, and lean container-based operating systems. Over the past six months, it has gained 75 contributors and seen improvements like support for additional platforms, TPM support, immutable images, and newer kernel versions. Looking ahead, the next six months will focus on stable releases when Containerd 1.0 is available, using LinuxKit as the basis for Docker desktop and cloud editions, and expanding Kubernetes integration and production usage. The LinuxKit Security SIG has also deep dived several security projects and aims to contribute further to upstream Linux security.

Technology
1 of 10
Download to read offline
1
2
3
4
5
6
7
8
9
10
LinuxKit: the first six months
What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
LinuxKit Security SIG
Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!
@justincormack @riyazdfThank you!

More Related Content

PDF
The State of containerd
Moby Project
 
PDF
Using linuxKit to build custom rancherOS systems
Moby Project
 
PDF
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
PPTX
CRI-containerd
Moby Project
 
PDF
Embedding Containerd For Fun and Profit
Phil Estes
 
PDF
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
ODP
LinuxKit Swarm Nodes
Moby Project
 
PDF
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 
The State of containerd
Moby Project
 
Using linuxKit to build custom rancherOS systems
Moby Project
 
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
CRI-containerd
Moby Project
 
Embedding Containerd For Fun and Profit
Phil Estes
 
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
LinuxKit Swarm Nodes
Moby Project
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 

What's hot (20)

PPTX
Moby Summit introduction
Moby Project
 
PPTX
Introduction kubernetes 2017_12_24
Sam Zheng
 
PDF
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
PDF
Introduction to Kubernetes
Ross Kukulinski
 
PDF
Kubernetes 架構與虛擬化之差異
inwin stack
 
PDF
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
PDF
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
PDF
Project Atomic-Nulecule
Lalatendu Mohanty
 
PDF
Virtualization inside kubernetes
inwin stack
 
PPTX
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
PDF
Containerd Project Update: FOSDEM 2018
Phil Estes
 
PDF
Network plugins for kubernetes
inwin stack
 
PDF
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
PDF
Looking Under The Hood: containerD
Docker, Inc.
 
PDF
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
PDF
Project Moby
Neependra Khare
 
PDF
Kubernetes Basics & Monitoring
Mist.io
 
PDF
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
PDF
Getting started with kubernetes
Janakiram MSV
 
PDF
Containers & container orchestration
Liviu Costea
 
Moby Summit introduction
Moby Project
 
Introduction kubernetes 2017_12_24
Sam Zheng
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
Introduction to Kubernetes
Ross Kukulinski
 
Kubernetes 架構與虛擬化之差異
inwin stack
 
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
Project Atomic-Nulecule
Lalatendu Mohanty
 
Virtualization inside kubernetes
inwin stack
 
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
Containerd Project Update: FOSDEM 2018
Phil Estes
 
Network plugins for kubernetes
inwin stack
 
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
Looking Under The Hood: containerD
Docker, Inc.
 
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
Project Moby
Neependra Khare
 
Kubernetes Basics & Monitoring
Mist.io
 
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
Getting started with kubernetes
Janakiram MSV
 
Containers & container orchestration
Liviu Costea
 
Ad

Similar to LinuxKit (20)

PPTX
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
PPTX
Moby Open Source Summit North America 2017
Patrick Chanezon
 
PDF
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
PDF
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
PDF
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Ambassador Labs
 
PDF
Speed & Agility of Innovation with Docker & Kubernetes
ICS
 
PDF
LinuxKit Deep Dive
Docker, Inc.
 
PDF
Introduction to Containers
Dharmit Shah
 
PDF
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Phil Estes
 
PPTX
Innovating Out in the Open
Dev_Events
 
PDF
DCSF19 How Docker Simplifies Kubernetes for the Masses
Docker, Inc.
 
PDF
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
PDF
Innovating Out In The Open - OSCON 2016
Phil Estes
 
PPTX
Moby KubeCon 2017
Patrick Chanezon
 
PDF
Docker Introduction - DevOps Montreal Meetup
Colin Surprenant
 
PDF
Craig Box (Google) - The road to Kubernetes 1.0
Outlyer
 
PDF
Intro to GitOps & Flux.pdf
Weaveworks
 
PDF
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
Ambassador Labs
 
PDF
Docker Concepts for Oracle/MySQL DBAs and DevOps
Zohar Elkayam
 
PPTX
Run automated tests in Docker
Oleksandr Metelytsia
 
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
Moby Open Source Summit North America 2017
Patrick Chanezon
 
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
Alibaba Cloud Conference 2016 - Docker Open Source
John Willis
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Ambassador Labs
 
Speed & Agility of Innovation with Docker & Kubernetes
ICS
 
LinuxKit Deep Dive
Docker, Inc.
 
Introduction to Containers
Dharmit Shah
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Phil Estes
 
Innovating Out in the Open
Dev_Events
 
DCSF19 How Docker Simplifies Kubernetes for the Masses
Docker, Inc.
 
Docker Container Introduction
Innfinision Cloud and BigData Solutions
 
Innovating Out In The Open - OSCON 2016
Phil Estes
 
Moby KubeCon 2017
Patrick Chanezon
 
Docker Introduction - DevOps Montreal Meetup
Colin Surprenant
 
Craig Box (Google) - The road to Kubernetes 1.0
Outlyer
 
Intro to GitOps & Flux.pdf
Weaveworks
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
Ambassador Labs
 
Docker Concepts for Oracle/MySQL DBAs and DevOps
Zohar Elkayam
 
Run automated tests in Docker
Oleksandr Metelytsia
 
Ad

More from Moby Project (8)

PDF
Libnetwork updates
Moby Project
 
PDF
FaaS-and-Furious
Moby Project
 
PPTX
Notary - container signing
Moby Project
 
PDF
Declare your infrastructure: InfraKit, LinuxKit and Moby
Moby Project
 
PPTX
Moby and kubernetes entitlements
Moby Project
 
PDF
Builder and BuildKit
Moby Project
 
PDF
OpenWhisk and IBM cloud functions
Moby Project
 
PDF
LinuxKit and OpenOverlay
Moby Project
 
Libnetwork updates
Moby Project
 
FaaS-and-Furious
Moby Project
 
Notary - container signing
Moby Project
 
Declare your infrastructure: InfraKit, LinuxKit and Moby
Moby Project
 
Moby and kubernetes entitlements
Moby Project
 
Builder and BuildKit
Moby Project
 
OpenWhisk and IBM cloud functions
Moby Project
 
LinuxKit and OpenOverlay
Moby Project
 

Recently uploaded (20)

PDF
REPORT: Heating appliances market in Poland 2024
SPIUG
 
PDF
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
PDF
Advances in Ultra High Voltage (UHV) Transmission and Distribution Systems.pdf
Nabajyoti Banik
 
PDF
Make GenAI investments go further with the Dell AI Factory
Principled Technologies
 
PDF
Structs to JSON: How Go Powers REST APIs
Emily Achieng
 
PDF
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
PDF
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
PDF
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 
PPTX
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
PDF
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
PDF
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
PPTX
The-Ethical-Hackers-Imperative-Safeguarding-the-Digital-Frontier.pptx
sujalchauhan1305
 
PDF
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
PDF
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
PDF
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
PDF
Brief History of Internet - Early Days of Internet
sutharharshit158
 
PDF
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
PDF
Economic Impact of Data Centres to the Malaysian Economy
flintglobalapac
 
PPTX
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
PDF
Software Development Methodologies in 2025
KodekX
 
REPORT: Heating appliances market in Poland 2024
SPIUG
 
Accelerating Oracle Database 23ai Troubleshooting with Oracle AHF Fleet Insig...
Sandesh Rao
 
Advances in Ultra High Voltage (UHV) Transmission and Distribution Systems.pdf
Nabajyoti Banik
 
Make GenAI investments go further with the Dell AI Factory
Principled Technologies
 
Structs to JSON: How Go Powers REST APIs
Emily Achieng
 
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
Orbitly Pitch Deck|A Mission-Driven Platform for Side Project Collaboration (...
zz41354899
 
The-Ethical-Hackers-Imperative-Safeguarding-the-Digital-Frontier.pptx
sujalchauhan1305
 
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
Brief History of Internet - Early Days of Internet
sutharharshit158
 
Oracle AI Vector Search- Getting Started and what's new in 2025- AIOUG Yatra ...
Sandesh Rao
 
Economic Impact of Data Centres to the Malaysian Economy
flintglobalapac
 
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
Software Development Methodologies in 2025
KodekX
 

LinuxKit

  • 1. LinuxKit: the first six months
  • 2. What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
  • 3. Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
  • 4. Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
  • 5. Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
  • 6. What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
  • 8. Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
  • 9. What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!