Kata Containers - secure container beyond secure

Proposal (採択)

中級者   Runtime    

Kata Containers is an open source project to build a secure container runtime. This topic will first introduce what's Kata Containers, and the difference between Docker/runC. Commonly Kata Containers is called a secure container, but in fact, Kata Containers is not only securer than runC, its strong isolation feature can bring us more values that are difficult in runC. The second part will give the details for the Kata Containers isolation: resources isolation, performance isolation, and failure isolation, and how we run Kata Containers in Ant Group and Alibaba at a large scale.

Liu Bin
Ant Group
Infrastructure engineer

Infrastructure engineer at Ant group, the largest online payment company in China, working on container runtime and Kubernetes.