Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
コンテーナーの話
Search
Ian Lewis
June 04, 2014
Technology
0
100
コンテーナーの話
Ian Lewis
June 04, 2014
Tweet
Share
More Decks by Ian Lewis
See All by Ian Lewis
Kubernetes Security Best Practices
ianlewis
38
26k
The Enemy Within: Running untrusted code in Kubernetes
ianlewis
0
1.3k
The Enemy Within: Running untrusted code with gVisor
ianlewis
4
1.2k
KubeCon EU Runtime Track Recap
ianlewis
3
1.6k
コンテナによるNoOpsオートメーション
ianlewis
2
160
Google Kubernetes Engine 概要 & アップデート @ GCPUG Kansai Summit Day 2018
ianlewis
2
940
Extending Kubernetes with Custom Resources and Operator Frameworks
ianlewis
10
3.8k
Kubernetesのセキュリティのベストプラクティス
ianlewis
12
17k
Scheduling and Resource Management in Kubernetes
ianlewis
2
1.4k
Other Decks in Technology
See All in Technology
ハッカソン by 生成AIハッカソンvol.05
1ftseabass
PRO
0
170
Zephyr RTOSを使った開発コンペに参加した件
iotengineer22
1
180
How Community Opened Global Doors
hiroramos4
PRO
1
140
事業成長の裏側:エンジニア組織と開発生産性の進化 / 20250703 Rinto Ikenoue
shift_evolve
PRO
2
14k
CI/CD/IaC 久々に0から環境を作ったらこうなりました
kaz29
1
220
AI導入の理想と現実~コストと浸透〜
oprstchn
0
170
あなたの声を届けよう! 女性エンジニア登壇の意義とアウトプット実践ガイド #wttjp / Call for Your Voice
kondoyuko
4
530
怖くない!はじめてのClaude Code
shinya337
0
330
Github Copilot エージェントモードで試してみた
ochtum
0
140
PHPでWebブラウザのレンダリングエンジンを実装する
dip_tech
PRO
0
220
整頓のジレンマとの戦い〜Tidy First?で振り返る事業とキャリアの歩み〜/Fighting the tidiness dilemma〜Business and Career Milestones Reflected on in Tidy First?〜
bitkey
1
10k
Yamla: Rustでつくるリアルタイム性を追求した機械学習基盤 / Yamla: A Rust-Based Machine Learning Platform Pursuing Real-Time Capabilities
lycorptech_jp
PRO
4
200
Featured
See All Featured
Rebuilding a faster, lazier Slack
samanthasiow
82
9.1k
We Have a Design System, Now What?
morganepeng
53
7.7k
Optimizing for Happiness
mojombo
379
70k
YesSQL, Process and Tooling at Scale
rocio
173
14k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
35
2.4k
Adopting Sorbet at Scale
ufuk
77
9.4k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
48
5.4k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.8k
Reflections from 52 weeks, 52 projects
jeffersonlam
351
20k
Side Projects
sachag
455
42k
Agile that works and the tools we love
rasmusluckow
329
21k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
34
3.1k
Transcript
コンテーナーの話
1. 誰 2. 何 3. 何故
1. 何 2. 誰 3. 何故
何
LXC
LinuX Container
•Kernel namespaces (ipc, uts, mount, pid, network and user) Apparmor
and SELinux profiles Seccomp policies Chroots (using pivot_root) Kernel capabilities Control groups (cgroups)
import lxc container = lxc.Container("p1") container.create("ubuntu") container.start() container.get_ips() container.stop()
PYTHON
PYTHON3
chroot
None
namespaces
mount UTS Network SysV IPC
cgroups
Resource limits Prioritization Accounting Control
誰
2006
None
2014
EVERYTHING at Google runs in a container
None
None
None
None
( ̄∇ ̄;)
April 2008
None
None
None
CoreOS
何故
セキュリティ
リソース
パフォーマンス
スケーラビリティ
THE END
ianlewis
1ftseabass
iotengineer22
hiroramos4
shift_evolve
kaz29
oprstchn
kondoyuko
shinya337
ochtum
dip_tech
bitkey
lycorptech_jp
samanthasiow
morganepeng
mojombo
rocio
eileencodes
ufuk
reverentgeek
bluesmoon
jeffersonlam
sachag
rasmusluckow
rmw
