Steven Ellis
https://lca2021.linux.org.au/schedule/presentation/80/
As more services are becoming containerised the security risks continue to increase. By adopting rootless containers we immediately remove a huge attack surface, in addition to providing the capability for any user to run containers on a host system without requiring admin rights.
This talk will outline the core concepts and benefits of rootless containers, and how Podman provides a simple to use framework that integrates nicely with Systemd. Along the way we'll also touch on some of the other security and performance management capabilities that SELinux and CGroups bring to containerised deployments.
To outline the benefits, and some of the bumpy bits along the way, Steve will use his initial deployments of Home Assistant and Mosquitto as containerised services for home automation, alongside workloads currently unsuitable for rootless containers.
linux.conf.au is a conference about the Linux operating system, and all aspects of the thriving ecosystem of Free and Open Source Software that has grown up around it. Run since 1999, in a different Australian or New Zealand city each year, by a team of local volunteers, LCA invites more than 500 people to learn from the people who shape the future of Open Source. For more information on the conference see https://linux.conf.au/
Produced by NDV: https://youtube.com/channel/UCQ7dFBzZGlBvtU2hCecsBBg?sub_confirmation=1
#linux.conf.au #linux #foss #opensource
Sat Jan 23 13:30:00 2021 at Blemings Labs