SlideShare a Scribd company logo

LinuxKit

Download as PPTX, PDF
Moby Project, profile picture
Moby Project

LinuxKit is a toolkit for building secure, portable, and lean container-based operating systems. Over the past six months, it has gained 75 contributors and seen improvements like support for additional platforms, TPM support, immutable images, and newer kernel versions. Looking ahead, the next six months will focus on stable releases when Containerd 1.0 is available, using LinuxKit as the basis for Docker desktop and cloud editions, and expanding Kubernetes integration and production usage. The LinuxKit Security SIG has also deep dived several security projects and aims to contribute further to upstream Linux security.

Technology
1 of 10
Download to read offline
1
2
3
4
5
6
7
8
9
10
LinuxKit: the first six months
What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
LinuxKit Security SIG
Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!
@justincormack @riyazdfThank you!

More Related Content

PDF
The State of containerd
Moby Project
 
PDF
Using linuxKit to build custom rancherOS systems
Moby Project
 
PDF
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
PPTX
CRI-containerd
Moby Project
 
PDF
Embedding Containerd For Fun and Profit
Phil Estes
 
PDF
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
ODP
LinuxKit Swarm Nodes
Moby Project
 
PDF
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 
The State of containerd
Moby Project
 
Using linuxKit to build custom rancherOS systems
Moby Project
 
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
CRI-containerd
Moby Project
 
Embedding Containerd For Fun and Profit
Phil Estes
 
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
LinuxKit Swarm Nodes
Moby Project
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 

What's hot (20)

PPTX
Moby Summit introduction
Moby Project
 
PPTX
Introduction kubernetes 2017_12_24
Sam Zheng
 
PDF
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
PDF
Introduction to Kubernetes
Ross Kukulinski
 
PDF
Kubernetes 架構與虛擬化之差異
inwin stack
 
PDF
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
PDF
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
PDF
Project Atomic-Nulecule
Lalatendu Mohanty
 
PDF
Virtualization inside kubernetes
inwin stack
 
PPTX
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
PDF
Containerd Project Update: FOSDEM 2018
Phil Estes
 
PDF
Network plugins for kubernetes
inwin stack
 
PDF
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
PDF
Looking Under The Hood: containerD
Docker, Inc.
 
PDF
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
PDF
Project Moby
Neependra Khare
 
PDF
Kubernetes Basics & Monitoring
Mist.io
 
PDF
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
PDF
Getting started with kubernetes
Janakiram MSV
 
PDF
Containers & container orchestration
Liviu Costea
 
Moby Summit introduction
Moby Project
 
Introduction kubernetes 2017_12_24
Sam Zheng
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
Introduction to Kubernetes
Ross Kukulinski
 
Kubernetes 架構與虛擬化之差異
inwin stack
 
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
Project Atomic-Nulecule
Lalatendu Mohanty
 
Virtualization inside kubernetes
inwin stack
 
State of Builder and Buildkit by Tonis Tiigi (Docker)
Docker, Inc.
 
Containerd Project Update: FOSDEM 2018
Phil Estes
 
Network plugins for kubernetes
inwin stack
 
Continuous integration with Docker and Ansible
Dmytro Slupytskyi
 
Looking Under The Hood: containerD
Docker, Inc.
 
KubeCon EU 2016: "rktnetes": what's new with container runtimes and Kubernetes
KubeAcademy
 
Project Moby
Neependra Khare
 
Kubernetes Basics & Monitoring
Mist.io
 
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
Getting started with kubernetes
Janakiram MSV
 
Containers & container orchestration
Liviu Costea
 
Ad

Similar to LinuxKit (20)

PPTX
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
PPTX
Introducing LinuxKit
Docker, Inc.
 
PPTX
Moby Open Source Summit North America 2017
Patrick Chanezon
 
PPTX
Linux kit meetup_v1.0.0
Anshul Patel
 
PDF
LinuxKit Deep Dive
Docker, Inc.
 
PPTX
LinuxKit Update at the Moby Summit
Docker, Inc.
 
PDF
LinuxKit & Moby - The next level of the container ecosystem
Patrick Kleindienst
 
PPTX
Oscon 2017: Build your own container-based system with the Moby project
Patrick Chanezon
 
PDF
Online Meetup: Intro to LinuxKit
Docker, Inc.
 
PDF
Introduction to LinuxKit - Docker Bangalore Meetup
Ajeet Singh Raina
 
PDF
LinuxKit and Moby, news from DockerCon 2017 - Austin,TX
Dieter Reuter
 
PDF
LinuxKit and Moby, News from DockerCon 2017
Dieter Reuter
 
PDF
Moby and linux kit, what to expect - Lorenzo Fontana, DevOps Expert at Kiratech
Kiratech
 
PDF
Containerday17 Moby-linuxkit-DockerCon-2017-announcements
Kiratech
 
PDF
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
Yandex
 
PPTX
Moby KubeCon 2017
Patrick Chanezon
 
PDF
Docker for Mac and Windows: The Insider's Guide by Justin Cormack
Docker, Inc.
 
PDF
Docker Seattle Meetup, May 2017
Stephen Walli
 
PDF
Intro to containerization
Balint Pato
 
PDF
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Daniel Oh
 
LinuxKit: the first five months by Justin Cormack & Riyaz Faizullabhoy (Docker)
Docker, Inc.
 
Introducing LinuxKit
Docker, Inc.
 
Moby Open Source Summit North America 2017
Patrick Chanezon
 
Linux kit meetup_v1.0.0
Anshul Patel
 
LinuxKit Deep Dive
Docker, Inc.
 
LinuxKit Update at the Moby Summit
Docker, Inc.
 
LinuxKit & Moby - The next level of the container ecosystem
Patrick Kleindienst
 
Oscon 2017: Build your own container-based system with the Moby project
Patrick Chanezon
 
Online Meetup: Intro to LinuxKit
Docker, Inc.
 
Introduction to LinuxKit - Docker Bangalore Meetup
Ajeet Singh Raina
 
LinuxKit and Moby, news from DockerCon 2017 - Austin,TX
Dieter Reuter
 
LinuxKit and Moby, News from DockerCon 2017
Dieter Reuter
 
Moby and linux kit, what to expect - Lorenzo Fontana, DevOps Expert at Kiratech
Kiratech
 
Containerday17 Moby-linuxkit-DockerCon-2017-announcements
Kiratech
 
"Lightweight Virtualization with Linux Containers and Docker". Jerome Petazzo...
Yandex
 
Moby KubeCon 2017
Patrick Chanezon
 
Docker for Mac and Windows: The Insider's Guide by Justin Cormack
Docker, Inc.
 
Docker Seattle Meetup, May 2017
Stephen Walli
 
Intro to containerization
Balint Pato
 
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Daniel Oh
 
Ad

More from Moby Project (8)

PDF
Libnetwork updates
Moby Project
 
PDF
FaaS-and-Furious
Moby Project
 
PPTX
Notary - container signing
Moby Project
 
PDF
Declare your infrastructure: InfraKit, LinuxKit and Moby
Moby Project
 
PPTX
Moby and kubernetes entitlements
Moby Project
 
PDF
Builder and BuildKit
Moby Project
 
PDF
OpenWhisk and IBM cloud functions
Moby Project
 
PDF
LinuxKit and OpenOverlay
Moby Project
 
Libnetwork updates
Moby Project
 
FaaS-and-Furious
Moby Project
 
Notary - container signing
Moby Project
 
Declare your infrastructure: InfraKit, LinuxKit and Moby
Moby Project
 
Moby and kubernetes entitlements
Moby Project
 
Builder and BuildKit
Moby Project
 
OpenWhisk and IBM cloud functions
Moby Project
 
LinuxKit and OpenOverlay
Moby Project
 

Recently uploaded (20)

PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
Encapsulation theory and applications.pdf
gurumoop
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
A Presentation on Artificial Intelligence
memembruh336
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 

LinuxKit

  • 1. LinuxKit: the first six months
  • 2. What is LinuxKit? A toolkit for building secure, portable and lean operating systems for containers. ● uses Moby tooling to build system images ● everything is a container ● runs with Containerd 1.0 branch for over four months ● lightweight, fully customizable
  • 3. Some metrics ● 75 contributors! ● first maintainer appointed from the community ● 50 commits a week since DockerCon
  • 4. Platform support The community added support for so many platforms... ● LCOW ● Azure ● OpenStack ● VMware and vCenter ● Packet.net ● Vultr
  • 5. Lots of smaller improvements ● TPM support ● containers to run on clean shutdown ● fully immutable images, eg CD-ROM images ● 4.10, 4.11, 4.12 kernels, 4.13 coming soon ● namespace sharing for system containers ● rewrote a lot of shell scripts in Go for better maintainability ● OCI runtime spec 1.0
  • 6. What about the next six months? ● stable releases when we have Containerd 1.0 ● Docker desktop and cloud editions based on LinuxKit very soon ● more work on Kubernetes: infrakit integration for production ● production production production ● help wanted improving CI for multiple platforms ● tell us about your production use cases
  • 8. Security SIG Deep Dives ● WireGuard - graduated from projects! ● Type Safe System Daemons ● LandLock LSM ● Memorizer ● HPE okernel
  • 9. What’s next? LinuxKit Security ● Cultivate security community and testbed ● Directly contribute to upstream Linux development ○ XPFO ○ eBPF hardening ○ Namespacing IMA ● Talk with us if you are interested in upstream Linux security!