DevNation Speakers – an interview with Dan Walsh, Mr. SELinux
I recently caught up with Dan (a funny guy a great presenter – ask him about his comic strip) about the upcoming DevNation developer event (San Francisco, April 13-17) and his hot topic session on containers. Here’s what he had to say:
What sessions are you giving at DevNation?
I will be giving a talk on Secure Linux Containers or as I like to call it ‘Dockah, Dockah, Dockah’*
The talk will be covering the basis of containers and explain what is exciting about Docker. Docker is not just about containers, but is potentially a new format that you can distribute your content with. Developers in the past have had to either ship their content in RPM or use a home grown install system. Docker is different in that you ship the entire user space with your application. In its simplest form the only part of the host operating system that your docker application will use is the kernel API. Of course admins would probably want to take advantage of other parts of the system, such as systemd for managing your processes in your container, and for setting up cgroups. You might want to plugin to the syslog/journald environment so messages from the container end up in the hosts logging systems. You might also want to use the identity information from the host also perhaps using sssd within your container. And of course you will want to use SELinux to further secure your container from break out.
What are three takeaways from your session?
- Docker makes using containers easier
- Docker is a packaging mechanism
- Using Docker on RHEL is critical for manageability, security, and for certification of software.
What do you find most exciting about DevNation?
The ability to interact with developers on a one-on-one basis. Find out what their requirements are. What their pain points are. What they would like to see in the future.
What sessions are you looking forward to attend?
- Besides my own… 🙂
- How Netflix Uses Devops for Reliability and Developer Velocity by Jeremy Edberg. I am interested in how they build their apps to survive crashing environments.
- Integrating the Internet of Things – Sameer Parulkar & Jack Britton. Sounds pretty good.
- DevAssistant: What’s in it for you? I would like to see what it would take to plug SELinux policy development into DevAssistant.
*Note: pronounced “Docker” if you live outside of Massachusetts – 😉