These slides were presented in a joint Meetup with Docker Bangalore and Cloud Native Bangalore
As the name indicates these are the slides for people who're getting started with Containers
3. Agenda
● What is a Container?
● Why Container?
● Benefits
● Security Concerns
● Security Best Practices
● Container Terminology
● Container Image Format
● Container Runtimes
● Why Should I Care?
● Resources
3
4. 1.
What is a
Container?
A container is a standard unit of
software that packages up code and all
its dependencies so the application runs
quickly and reliably regardless of the
computing environment.
5. 5
Containers and virtual machines have similar resource isolation and
allocation benefits, but function differently because containers
virtualize the operating system instead of hardware. Containers are
more portable and efficient.
11. Security Best Practices
❑ Know and control the source and content of the image
❑ Least Privilege
❑ Effective Vulnerability Assessment
❑ Be careful with the Base Image
❑ Access Control
11
14. What do You Mean?
- Justin Bieber
Container
Running instance of a
Container Image
Container Image
An lightweight,
standalone, executable
package of software
that includes
everything needed to
run an application
Container Runtime
A software that
executes containers
and manages
container images on a
node
14
15. ● Image Management
● Container Interactions
● Container Lifecycle
CONTAINER RUNTIME
It’s a hub of container images from
where the container images are
downloaded locally and consumed
by the container Runtime
15
CONTAINER REGISTRY
19. “With no standard, there
is no way to automate.
Each container is defined
and consumed
differently”
19
20. The mission Open Containers Initiative
(OCI) is to promote a set of common,
minimal, open standards and
specifications around container
technology
20
21. Containerd is an industry-standard
container runtime with an emphasis on
simplicity, robustness and portability
Containerd is one of the most
extensible, well-architected and
optimal runtime focused on simplicity
that is meant to be embedded into a
large ecosystem
CNCF GRADUATED PROJECT
21