October 31 - November 1 | Lyon, France
View More Details  & Register Here
Back To Schedule
Thursday, October 31 • 16:30 - 18:00
Tutorial: Using Linux Primitives to Build Your Own Containers - Stéphane Graber & Christian Brauner, Canonical Ltd.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Most people are familiar with various container tools including Docker, LXC and LXD. But they rarely are familiar with the kernel features enabling those tools.

To better understand everything involved, we will be creating our own container, from scratch.

Starting to look at the various namespaces, what they do, how to use them together, then setting up a suitable filesystem, integrating with a LSM, do some privilege and capability dropping and putting restrictions in place with cgroups.

At every step, you will see what your container can do and what it probably shouldn't be allowed to do, through this experience you will get a better understanding of all the moving pieces that are put together to create a container.


Christian Brauner

Senior Software Engineer, Canonical Ltd.
Christian Brauner is a kernel developer and maintainer of the LXD and LXC projects currently working at Canonical. He works mostly upstream on the Linux Kernel maintaining various bits and pieces. He is strongly committed to working in the open, and an avid proponent of Free Software... Read More →
avatar for Stéphane Graber

Stéphane Graber

Software Engineer, Canonical Ltd.
Stéphane Graber is the upstream project leader for LXC and LXD at Canonical and a frequent speaker and track leader at events related to containers and Linux. Stéphane is a longtime contributor to the Ubuntu Linux distribution as an Ubuntu core developer and previous Ubuntu technical... Read More →

Thursday October 31, 2019 16:30 - 18:00 CET
Forum 1