Want to view more sessions and keep the conversations going? Join us for KubeCon + CloudNativeCon North America in Seattle, December 11 - 13, 2018 (http://bit.ly/KCCNCNA18) or in Shanghai, November 14-15 (http://bit.ly/kccncchina18).
Exploring Container Mechanisms Through the Story of a Syscall - Alban Crequy, Kinvolk (Intermediate Skill Level)
Alban will explore different container mechanisms on Linux by following a simple example: what is happening when an application in a Kubernetes pod performs a syscall such as “open()”? In particular, he will go through the following subsystems: SELinux LSM, seccomp-bpf, capabilities, overlayfs and copy-on-write, and path lookups in the container mount namespace. He will see how it interacts with different pod configurations.
Originally from France, Alban currently lives in Berlin where he is a CTO & co-founder at Kinvolk, a software engineering team focused on building foundational Linux technologies for the cloud. He is a contributor to rkt, a container runtime for Linux, Weave Scope, a container visualization & monitoring tool, and is actively working on BPF-related projects. Before falling into containers, Alban worked on various projects core to modern Linux; kernel IPC and storage, dbus performance and security, etc. His current technical interests revolve around networking, security, systemd and containers at the lower-levels of the system. Alban previously gave talks at several conferences including FOSDEM, Linux Plumbers, IO Visor Summit, Kubecon and LinuxCons/OSSummit.
Join us for KubeCon + CloudNativeCon in Barcelona May 20 - 23, Shanghai June 24 - 26, and San Diego November 18 - 21! Learn more at https://kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy and all of the other CNCF-hosted projects.