linux kit meetup_v1.0.0
TRANSCRIPT
![Page 1: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/1.jpg)
Anshul Patel
![Page 2: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/2.jpg)
What is LinuxKit
● Toolkit for building secure, portable & lean operating system for containers.
● Built with containers, for running containers.
● All Operating system services are containers.
● Operating system services are pluggable.
● Operating system is built using Moby tool.
![Page 3: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/3.jpg)
Purpose of LinuxKit
● Creates Immutable Operating Systems.
● Provides Declarative way for creating Operating Systems.
● Build the whole system in CI pipeline which guarantees reproducible builds &
reliability.
● Suitable for Cloud, VMs and Bare-Metals.
![Page 4: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/4.jpg)
LinuxKit YAML config file
● Kernel - Specifies Kernel Image version and parameters
● Init - Components which will be part of initrd
● Onboot - One-off containers executed during boot. They get terminated after
execution
● Services - Long running process which will serve the incoming requests.
● Files - Copy local files to Operating System
● Trust - Components which are required to be cryptographically verified with
Docker Content Trust.
Outputs: ISOs, RAW, VMDK, VHD, etc
![Page 5: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/5.jpg)
Example
![Page 6: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/6.jpg)
Security
● Include only components which are required.
● Provides Ability to use latest Kernel.
● Containerized Operating System services, hence minimal privileges.
● Smaller attack surface.
● Immutable Infrastructure, only namespaced container data and stateful
partitions can be modified.
![Page 7: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/7.jpg)
Support
Best Supported
● Hyperkit, VMware(Pro), Qemu/KVM
● GCE, Packet.net
In Progress
● AWS, Azure, Windows, BlueMix
Planned
● ARM
![Page 8: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/8.jpg)
Demo
![Page 9: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/9.jpg)
Ongoing/Future Developments
● Rewrite in type safe languages such as Rust.
● Blueprints/Samples for different platforms.
● Improve APIs.
● Integration with Infrakit to run cluster of instances running Kubernetes/Swarm.
● Integration with other orchestration tools like VMware VCloud Director,
Terraform.
![Page 10: Linux kit meetup_v1.0.0](https://reader037.vdocuments.net/reader037/viewer/2022100803/5a6778df7f8b9a656a8b5579/html5/thumbnails/10.jpg)
Questions?
Thank You!