Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
コンテーナーの話
Search
Ian Lewis
June 04, 2014
Technology
0
100
コンテーナーの話
Ian Lewis
June 04, 2014
Tweet
Share
More Decks by Ian Lewis
See All by Ian Lewis
Kubernetes Security Best Practices
ianlewis
38
26k
The Enemy Within: Running untrusted code in Kubernetes
ianlewis
0
1.3k
The Enemy Within: Running untrusted code with gVisor
ianlewis
4
1.3k
KubeCon EU Runtime Track Recap
ianlewis
3
1.7k
コンテナによるNoOpsオートメーション
ianlewis
2
170
Google Kubernetes Engine 概要 & アップデート @ GCPUG Kansai Summit Day 2018
ianlewis
2
950
Extending Kubernetes with Custom Resources and Operator Frameworks
ianlewis
10
3.8k
Kubernetesのセキュリティのベストプラクティス
ianlewis
12
17k
Scheduling and Resource Management in Kubernetes
ianlewis
2
1.4k
Other Decks in Technology
See All in Technology
The Twin Mandate of Observability
charity
1
380
DMMの検索システムをSolrからElasticCloudに移行した話
hmaa_ryo
0
370
Design and implementation of "Markdown to Google Slides" / phpconfuk 2025
k1low
1
120
ラスベガスの歩き方 2025年版(re:Invent 事前勉強会)
junjikoide
0
950
InsightX 会社説明資料/ Company deck
insightx
0
200
Data Engineering Guide 2025 #data_summit_findy by @Kazaneya_PR / 20251106
kazaneya
PRO
8
1.4k
次世代のメールプロトコルの斜め読み
hirachan
3
390
触れるけど壊れないWordPressの作り方
masakawai
0
680
OPENLOGI Company Profile for engineer
hr01
1
46k
激動の2025年、Modern Data Stackの最新技術動向
sagara
0
850
なぜ新機能リリース翌日に モニタリング可能なのか? 〜リードタイム短縮とリソース問題を「自走」で改善した話〜 / data_summit_findy_Session_2
sansan_randd
1
120
初海外がre:Inventだった人間の感じたこと
tommy0124
1
200
Featured
See All Featured
4 Signs Your Business is Dying
shpigford
186
22k
GraphQLとの向き合い方2022年版
quramy
49
14k
Building an army of robots
kneath
306
46k
How to Think Like a Performance Engineer
csswizardry
27
2.2k
Why Our Code Smells
bkeepers
PRO
340
57k
Visualization
eitanlees
150
16k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
127
54k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
31
2.6k
The Invisible Side of Design
smashingmag
302
51k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
37
2.6k
Side Projects
sachag
455
43k
Stop Working from a Prison Cell
hatefulcrawdad
272
21k
Transcript
コンテーナーの話
1. 誰 2. 何 3. 何故
1. 何 2. 誰 3. 何故
何
LXC
LinuX Container
•Kernel namespaces (ipc, uts, mount, pid, network and user) Apparmor
and SELinux profiles Seccomp policies Chroots (using pivot_root) Kernel capabilities Control groups (cgroups)
import lxc container = lxc.Container("p1") container.create("ubuntu") container.start() container.get_ips() container.stop()
PYTHON
PYTHON3
chroot
None
namespaces
mount UTS Network SysV IPC
cgroups
Resource limits Prioritization Accounting Control
誰
2006
None
2014
EVERYTHING at Google runs in a container
None
None
None
None
( ̄∇ ̄;)
April 2008
None
None
None
CoreOS
何故
セキュリティ
リソース
パフォーマンス
スケーラビリティ
THE END
ianlewis
charity
hmaa_ryo
k1low
junjikoide
insightx
kazaneya
hirachan
masakawai
hr01
sagara
sansan_randd
tommy0124
shpigford
quramy
kneath
csswizardry
bkeepers
eitanlees
aki_iinuma
marktimemedia
smashingmag
eileencodes
sachag
hatefulcrawdad
