Tailor-Made Security: Building a Kubernetes Specific Hypervisor
Samuel Ortiz, Intel & Andreea Florescu, Amazon
● https://github.com/rust-vmm
● Kata Containers - sandbox for Kubernetes containers based on VMs
● rust-vmm - a new lightweight VMM written in Rust. Functionality is broken out into crates
● Firecracker - fork of crosvm focused on serverless containers on bare metal. Limited functionality

Lessons Learned Migrating Kubernetes from Docker to containerd Runtime
Ana Calin, Paybase
● containerd is the container runtime functionality broken out of Docker
● Docker supports build & the Docker API on top of containerd
● containerd is smaller and faster
● containerd is more secure. No ability to build and override image tags in the local repo