Frederic Branczyk offers an overview of rkt, a container runtime engine developed by CoreOS that was designed for security. rkt can run the same container with varying degrees of protection, from lightweight, OS-level namespace and capabilities isolation to heavier, VM-level hardware virtualization. rkt’s primary interface comprises a single executable, rather than a background daemon, and rkt uses this design to easily integrate with existing init systems while minimizing exposure to threats.
Frederic Branczyk is an engineer at CoreOS, where he contributes to Prometheus and Kubernetes to build state-of-the-art modern infrastructure and monitoring tools. Frederic discovered his interest in monitoring tools and distributed systems in his previous jobs, where he used machine learning to detect anomalies indicating intrusion attempts. He also worked on projects involving secrets management for distributed applications to build sane and stable infrastructure.
©2016, O’Reilly UK Ltd