What are containers exactly and can they be trusted?

Everyone's talking about containers these days.

But how many actually know what they are?

Do you know there are two big families of containers and that even within those, there are countless different runtimes to set them up and manage them?

Is a VM safer than a container? What about those containers that are using VM technology for containers?

Those are all questions anyone who's dealing with containers in production should know the answers to. You should be able to decide whether to use containers at all and, if so, what kind of container is the best fit for your particular task.

During this presentation, we'll be going over 15 years of container technologies on Linux (10 years in mainline Linux), how the security features they're built on top of have evolved and what the current state of things is. We'll be comparing application containers to system containers and actual containers to lightweight virtualization, and we'll briefly cover some of the higher-level management tools that come with them and what to keep in mind when trying to keep all of that safe.


Stéphane Graber, Developer, Canonical

Stéphane Graber works as the technical lead for LXD at Canonical Ltd. He is the upstream project leader for LXC and LXD and a frequent speaker and track leader at various container and other Linux-related events.

Stéphane is also a long-time contributor to the Ubuntu Linux distribution as an Ubuntu Core Developer and he currently sits on the Ubuntu Technical Board.

In his spare time, Stéphane helps organize a yearly security conference and contest in Montréal, Northsec, where his knowledge of Linux and network infrastructure is used to simulate the most complex of environments for the contestants.