跳到主要内容

178 篇博文 含有标签「containers」

查看所有标签

· 阅读需 1 分钟

podman logo

Leasing routable IP addresses with Podman containers

By Brent Baude GitHub

Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time about Leasing routable IP addresses with Podman containers. In the post Brent talks about using the macvlan and the dhcp plugins that ship with the container-networking project in order to lease ip addresses for your containers.

· 阅读需 1 分钟

podman logo

Building freely distributed containers with open tools

By Tom Sweeney GitHub

Scott McCarty (@fatherlinux) has an amazing video on YouTube about Building freely distributed containers with open tools. As only Scott could say "Although explaining how to ride a Tron-style light cycle is beyond the scope of this tutorial, we will discuss something almost as exhilarating—building containers with #Podman and #RedHat Universal Base Image (UBI). We will cover how to build and run #containers based on #UBI using just your regular user account—no daemon, no root (rootless), no fuss. Finally, we will order the deresolution of all of our containers with a really cool command. You probably won’t be promoted to CEO of ENCOM after this talk, but you will have new tools in your toolbelt for how to find, run, build, and share container images."

· 阅读需 1 分钟

podman logo

Basic security principles for containers and container runtimes

By Brent Baude GitHub

Brent Baude has another blog post on the Red Hat Enable Sysadmin site this time about Basic security principles for containers and container runtimes. In the post Brent talks about the three core security themes concerning containers and why user privileges matter in the space.

· 阅读需 1 分钟

podman logo

The current adoption status of cgroup v2 in containers

By Tom Sweeney GitHub

In case you missed Akihiro Suda's post on Medium.com, The current adoption status of cgroup v2 in containers, here's a quick link to it. In the article Akihiro talks all things cgroup v2 and what changes it promises to bring to the world of containers, and Podman is at the forefront of that change.

· 阅读需 8 分钟

podman logo

First Look: Rootless Containers and cgroup v2 on Fedora 31

By Tom Sweeney GitHub

I often times stay up too late at night watching late night television and run into these crazy commercials that tell you how easy their product is to use. If you’ve stayed up too, you know them as well. Just put your chicken and veggies in our oven, press 3 buttons and 45 minutes later a perfectly cooked meal! Easy! Got a leak? Slap on this tape and no more leak! Easy! Got a messy floor, just use this sweeper and you’ve the cleanest floor in the neighborhood! Easy!

Podman runs secure rootless containers and it really is easy! Trust me, I’m not like those other folks! As we’ve had a number of people asking us about what’s needed to set Podman rootless containers up, I decided to run through the process myself and to blog about the steps I took.

· 阅读需 1 分钟

podman logo

PMM Server + podman: Running a Container Without root Privileges

By Tom Sweeney GitHub

Ceri Williams talks about how the Percona Monitoring and Management (PMM) can be run in a container using Podman without root privileges here. In the post Ceri talks about how Percona was able to replace Docker with Podman and Buildah and are able to run containers more securely by doing so.

· 阅读需 11 分钟

podman logo

Generate SECCOMP Profiles for Containers Using Podman and eBPF

By Valentin Rothberg GitHub

Containers run everywhere. They run in the cloud, they run on IoT devices, they run in small and in big companies and wherever they run, we want them to run as securely as possible. In this article, I describe the Google Summer of Code project that Divyansh Kamboj, Dan Walsh and I have been working on and how we improved the state of the art in securing containers, and how you can try it out.