I'm on the KubeFM Podcast Talking About "Linux Containers From Scratch"
KubeFM recently invited me to talk about my project "barco: Linux Containers From Scratch in C". In this episode, I talk about why Linux containers don't exist, how to use cgroups and namespaces to isolate a process, how to secure the container with seccomp and capabilities, and how to make the right syscall from C to build your own container engine. Thank you, KubeFM, for having me!
I was recently invited to record a session about my project "barco: Linux Containers From Scratch in C" (GitHub, blog) with KubeFM, a Kubernetes-focused podcast by Learnk8s. The episode is now live, and you can listen to it on all major podcast providers and on YouTube. Thank you, KubeFM, for having me!
In this episode, I talk about:
Why Linux containers "don't exist" and are instead the product of several Linux features that you put together and configure properly to get what we know as containers.
How kernel features such as cgroups and namespaces isolate a process.
How you can use seccomp and capabilities to secure the container.
How to make the right syscall from C to build your own container engine.
Luca Cavallin