This presentation is a 16 slide introduction to what must be thought about when building a production cloud. Proper image management is critical engineering task.
Continue Reading “OSCON 2018: Portland: Linux Container Internals”
It only takes a couple of quick google searches to realize that people have no idea what a container engine is. That’s understandable because It was a completely new concept back in 2013. Plenty of good people have tried and failed – see WTF is a Container (not deep enough) or What is Docker and why
Continue Reading “So, What Does a Container Engine Really Do Anyway?”
Container Engines are like wheel bearings, you should be able to replace them when they stop working. Also, you shouldn’t have to care about what brand they are. That’s what the Kubernetes Container Runtime Interface (CRI) aims to solve. CRI defines the API used to talk to container engines and all the major container engines
Background What is sVirt and, why does it matter for your containers? The short answer is, because sVirt is another layer of security and defense in depth is a good approach to security. The longer answer is, sVirt dynamically generates an SELinux label for every single one of your containers, which makes them less likely
Continue Reading “What is sVirt and How Does it Isolate Linux Containers?”
Are you looking at CRI-O vs. contianerd and wondering to yourself, which one should I use? If you are…. DON’T – that’s not actually something you should be thinking about. Here’s why…. When it comes to containers there are a ton of APIs in the ecosystem. Different users, community projects and commercial products have made
Continue Reading “Competition Heats Up Between CRI-O and containerd – Actually, That’s Not a Thing…”