Dan Walsh
Daniel Walsh has worked in the computer security field for over 40 years. Dan is
a Senior Distinguished Engineer at Red Hat. He joined Red Hat in August 2001.
Dan is a lead architect of the Red Hat Enterprise Linux for Edge team concentration on In Vehicle Operation System. Prior he led the Container Runtime Engineering team. Dan has been working on container technologies for 17 years. Dan focusess on the CRI-O Container Runtime for Kubernets, Buildah for building container images, Podman for running and managing containers, containers/storage and containers/image. Authored the Podman in Action
book. Formerly he led the SELinux project, concentrating on the application space and policy development. Dan helped developed sVirt, Secure Virtualization as well as the SELinux Sandbox. Previously, Dan worked Netect/Bindview's on Vulnerability Assessment Products and at Digital Equipment Corporation working on the Athena Project, AltaVista Firewall/Tunnel (VPN) Products. Dan has a BA in Mathematics from the College of the Holy Cross and a MS in Computer Science from Worcester Polytechnic Institute.
Twitter: rhatdan Blog: danwalsh.livejournal.com Email: dwalsh@redhat.com
Sessions
People talk about “Linux containers” forgetting that the part actually called “Linux”, the kernel, isn’t in the container.
But what if you could include a kernel in your container image, and what if you could boot that image? What if you could commit the definition of your whole Linux system to version control. What if you could push around images for the entire system, just like you can with containers. And finally: what if this was a documented and tested first class workflow supported by your Linux OS/distribution?
Let’s take the practices, tooling and standards that have grown around OCI containers for applications and apply them to the operating system. Let’s deploy and update the host via those same patterns, rather than individual fine grained packages. As we emphasize derived, consumer-owned builds, let’s make it ergonomic to create and maintain a complete trust chain all the way from the boot loader through the OS right through to existing containerized apps. Let’s bring immutability, auto-updating, resetting along as well.
We’d like to show how this can work practically, with real world applications, and built out of the packages we have today. We’ll look at the projects that are working on various parts of this puzzle.
There’ll be demos, there’ll be prizes, there’ll be cheers, there’ll be tears. This work has gotten us excited about the operating system again, and we’d love to share it with you.
This is a BOF where we discuss all that is new in the container world. Containerized OS, Bootc, Podman, Podman Desktop, Buildah, CRI-O ...