Training: 8–9 November 2016
Tutorials & Conference: 9–11 November 2016
Amsterdam, NL

rkt’s architecture and security features

Frederic Branczyk (CoreOS | Red Hat)
16:45–17:25 Friday, 11 November, 2016
The human element
Location: G102 Level: Intermediate
Average rating: *****
(5.00, 1 rating)

What you'll learn

  • Explore rkt

Description

Frederic Branczyk offers an overview of rkt, a container runtime engine developed by CoreOS that was designed for security. rkt can run the same container with varying degrees of protection, from lightweight, OS-level namespace and capabilities isolation to heavier, VM-level hardware virtualization. rkt’s primary interface comprises a single executable, rather than a background daemon, and rkt uses this design to easily integrate with existing init systems while minimizing exposure to threats.

Photo of Frederic Branczyk

Frederic Branczyk

CoreOS | Red Hat

Frederic Branczyk is an engineer at CoreOS, where he contributes to Prometheus and Kubernetes to build state-of-the-art modern infrastructure and monitoring tools. Frederic discovered his interest in monitoring tools and distributed systems in his previous jobs, where he used machine learning to detect anomalies indicating intrusion attempts. He also worked on projects involving secrets management for distributed applications to build sane and stable infrastructure.