OpenStack Summit Tokyo 2015

Video recording and production done by OpenStack Foundation.

Whether you are integrating Docker containers into an existing cloud, or building out a multi-tenant cloud implementation using Docker, it can be a significant challenge to ensure proper security is in place. In this session, we will unravel various threads of security topics that all come together to provide properly configured security and isolation for Docker containers. Many of our findings are based on our experience in building and securing the IBM Container service based on Docker technology on top of an OpenStack IaaS. Topics include: Usage and threat model Implications of sharing the kernel with the host How user namespaces provide isolation from the root user on host Docker engine configuration for security and limitations for preventing forkbomb, filebomb, DOS Security features and issues for Docker registry Docker API and lack of multi-tenancy capabilities

Rated: Everyone
Viewed 1 times
Tags: There are no tags for this video.