Containers
Native OCI Container Support in systemd
<p>OCI is many things, and soon it's a format systemd is going to understand somewhat natively. In this talk I want to explain the how, the why, and where we are going with this.</p>
Additional information
| Live Stream | https://live.fosdem.org/watch/ua2118 |
|---|---|
| Type | devroom |
| Language | English |
More sessions
| 1/31/26 |
<p>People want to run Java workloads in Linux containers and they want that to work well. Historically, Java has tended to prefer to manage things itself, and without tuning, there have been challenges getting OpenJDK payloads to excel alongside other workloads in container workloads. But that has been changing.</p> <p>This talk will give a high-level overview of the journey that OpenJDK has taken to play nicely with others in a container context (Kubernetes or otherwise), the current ...
|
| 1/31/26 |
<p>In early 2025 we started the process to create the Kubernetes Checkpoint Restore Working Group. In December the working group had its first meeting and in this short presentation I want give an overview why we think it is important to continue the checkpoint restore related work from the last five years in this working group. In addition I want to present the topics the working group hopes to solve in the context of Kubernetes.</p>
|
| 1/31/26 |
<p>Reducing container image size improves security, speeds up cold starts, and cuts network transfer costs. Yet in development workflows, it’s easy to inherit bloated base images or copy templates full of unused tools. To build minimal, production-ready OCI images, we need visibility into what a container actually uses at runtime</p> <p>This talk presents a lightweight method for profiling file access inside containers using <a href="https://docs.ebpf.io/">eBPF</a>, <a ...
|
| 1/31/26 |
<p>We usually think about successful open source in terms of user adoption, level of community contributions, or even vanity metrics like GitHub stars. But what if the success of many of the most popular open source projects in the cloud native ecosystem lies in the ability of external consumers to extend the project in ways the creators didn’t even envision?</p> <p>In this talk we’ll look at the containerd project and its intentionally designed extensibility. These extensible capabilities ...
|
| 1/31/26 |
<p>Reproducing a container image would ideally be just a matter of setting <code>SOURCE_DATE_EPOCH</code> in your build commands or containerfiles. Like most reproducible builds though, that’s just one part of the story. And unfortunately, the other part is <em>not</em> the rest of the sources of non-determinism (and yes, there are quite a few). The most critical part of the story is <em>guaranteeing</em> that anyone can reproduce your container image <em>bit-for-bit</em>, regardless of the ...
|
| 1/31/26 |
<p>Containers are everywhere, whether you run them locally for testing or on a production server, there is always a need to find its logs, metrics to know how much resources are being consumed and whether it is stable or not.</p> <p>In this talk, we will demonstrate an example of how to monitor your Docker Containers using Prometheus and cAdvisor and view the metrics in Grafana to get better observability.</p> <p>It will be an introduction Open Source tools, integration and also an excellent ...
|
| 1/31/26 |
<p>Last year we open sourced a Containerization framework and container CLI tooling to enable developers to create and run Linux container images directly on their Mac in a way that focuses on security and privacy. In this talk, we'll dive into the Containerization framework, describing its foundational role in creating the container CLI which enables users to build, run and deploy Linux containers on Mac. We’ll walk through the architecture, highlight key APIs and discuss why we wrote it in ...
|
