Super privileged containers - 2015 Red Hat Summit

Acerca de este vídeo

Daniel Walsh — Mr SELinux, Red Hat

Containers not only provide security separation, resource isolation, and process isolation, but are also a mechanism for shipping software. In Red Hat Enterprise Linux Atomic Host, it’s ideal for customers and third parties to only ship software in container format. In certain cases, it’s best to ship software as a container image, but allow the container to manipulate and manage the host operating system or to manage other container processes.


In this session, you’ll learn how to turn off different security and process isolation components of containers to enable the container to see and manipulate processes and configuration on the host system.


You’ll see a demo of how to use containers to:

  • Load kernel modules.
  • Run virtual machines.
  • Debug and trace processes on the system
Canal del video