|Project:||LXC, AppArmor, Pacemaker, Linux kernel (overlayfs)|
We all love containers. Lightweight, container-based virtualization is an excellent alternative to the likes of KVM, and we have a large array of options to choose from: lxc, Docker, rkt, more to come.
However, seasoned enterprise sysadmins frequently balk at the idea of a self-contained operating system in a single image which, rather than ever being updated, only gets rebuilt when needed. The idea of two thousand Apache containers needing to be rebuilt because a critical library like OpenSSL has released its latest patch for an ugly security vulnerability is not tremendously appealing to most.
In this presentation, we cover an alternative approach: we use overlayfs, a fairly recent addition to the Linux kernel, in conjunction with a few configuration options to build a fully functional container environment for potentially hundreds of containers running on the same operating system distribution. We combine this with AppArmor (for mandatory access control) and Pacemaker (for high availability) to build a configuration where patches can be applied to hundreds of containers at once, with minimal downtime.
All tools presented are readily available in any contemporary Linux distribution; no magic is involved.
Florian has been an active member of the OpenStack community since early 2011. He has driven and contributed to lively discussions within the community about OpenStack high availability, distributed storage integration, automation and deployment, and other topics. Florian has spoken about OpenStack at previous OpenStack Summits and also at OSCON, LinuxCon, linux.conf.au and many other conferences. When he is not speaking at conferences, Florian discharges his duties as CEO of professional services firm hastexo (which has a strong OpenStack focus), and also acts as a Principal Consultant serving hastexo's high-profile clients.
Geelong is Victoria's second largest city, located on Corio Bay, and within a short drive from popular beach-front communities on the Bellarine Peninsula as well as being the gateway to the famous Great Ocean Road
linux.conf.au is widely regarded by delegates as one of the best community run Linux conferences worldwide and is the largest Linux and Open Source Software conference in the Asia-Pacific.
Our Sponsors help make linux.conf.au become the awesome conference everyone comes back to year after year. Come see who's on board this year, or find out how to get in contact with us