DevConf.CZ

Keynote: What if you could boot a container?
2024-06-14, D105 (capacity 300)

People talk about “Linux containers” forgetting that the part actually called “Linux”, the kernel, isn’t in the container.

But what if you could include a kernel in your container image, and what if you could boot that image? What if you could commit the definition of your whole Linux system to version control? What if you could push around images for the entire system, just like you can with containers? And finally: what if this was a documented and tested first-class workflow supported by your Linux OS/distribution?

Let’s take the practices, tooling and standards that have grown around OCI containers for applications and apply them to the operating system. Let’s deploy and update the host via those same patterns, rather than individual fine-grained packages. As we emphasize derived, consumer-owned builds, let’s make it ergonomic to create and maintain a complete trust chain all the way from the boot loader through the OS right through to existing containerized apps. Let’s bring immutability, auto-updating and resetting along as well.

We’d like to show how this can work practically, with real world applications, and built out of the packages we have today. We’ll look at the projects that are working on various parts of this puzzle.

There’ll be demos, there’ll be prizes, there’ll be cheers, there’ll be tears. This work has gotten us excited about the operating system again, and we’d love to share it with you.

Daniel Walsh has worked in the computer security field for over 40 years. Dan is a Senior Distinguished Engineer at Red Hat. He joined Red Hat in August 2001. Dan is a lead architect of the Red Hat Enterprise Linux for Edge team, concentrating on the In-Vehicle Operating System. Previously he led the Container Runtime Engineering team. Dan has been working on container technologies for 17 years. Dan focuses on the CRI-O Container Runtime for Kubernetes, Buildah for building container images, Podman for running and managing containers, containers/storage and containers/image. He authored the Podman in Action book. Formerly he led the SELinux project, concentrating on the application space and policy development. Dan helped develop sVirt (Secure Virtualization) as well as the SELinux Sandbox. Previously, Dan worked at Netect/Bindview on Vulnerability Assessment Products and at Digital Equipment Corporation on the Athena Project and AltaVista Firewall/Tunnel (VPN) Products. Dan has a BA in Mathematics from the College of the Holy Cross and an MS in Computer Science from Worcester Polytechnic Institute.
Twitter: rhatdan Blog: danwalsh.livejournal.com Email: dwalsh@redhat.com

Stef Walter, Senior Director of Linux Engineering

Stef joined Red Hat in 2012 as an engineer working to make Linux integrated, discoverable, and usable. He has more than 20 years and 100 projects of experience working with open source. Among other things he led the RHEL Web Console “Cockpit” project, and became passionate about automating engineering tasks, integration testing and continuous delivery.

He now leads an engineering organization responsible for a large part of RHEL, including our AI accelerator enablement, CoreOS and container workflows.

Stef has lived all over the world. He now lives in Germany with his wife and three kids. Stef gets into the mountains as often as possible, flying, climbing, skiing, and trekking.

Colin Walters has been having a lot of fun working on Free Software with the global community for over 25 years, contributing to Debian, GNOME, Fedora and RHEL, Cockpit, OpenShift 4 and more. He is the creator and maintainer of ostree and more recently bootc, and is excited about empowering Linux users to manage their systems as bootable container images.