Hacking Containers
Container Storage
Eng Teong Cheah
Microsoft MVP
Storage
The mechanism that Docker and several other container runtimes use is known as a union
file system (UnionFS).
To best understand a union file system, consider a stack of transparent sheets of paper.
One sheet at the bottom has a single line; let’s call this the lower layer.
The next sheet placed on top of it, also translucent, has a line connecting to the
first, and the picture that’s formed shows two lines making a 90-degree angle.
The next sheet is overlaid on top, and it has a third line connecting to
the first two lines; this picture forms a square U. We’ll call this the upper layer.
Storage
The final sheet of paper on top we’ll call the workdir; it completes the picture, and we see
a square.
The layering represents how the overlay file system, which is in use in Docker, uses layers
that include diffs between each layer on our disk.
Storage
We can inspect these changes using the docker inspect and docker volume commands.
We can also traverse the file system to the areas that correspond to the file system layers.
Each file system layer is SHA-256 hashed and checked for integrity, as these file systems
are supposed to be read-only.
The mechanism used to create each layer is actually in the Dockerfile.
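The layering and the per-layer SHA-256 check described above, as an added example that is not from the slides or the cited book. It assumes the OCI image layout, where the image config lists one SHA-256 digest per uncompressed layer tarball under rootfs.diff_ids and a file named `.wh.<name>` in a layer hides `<name>` from the layers below; opaque-directory markers are not handled. The function names and the two sample layers are constructed for illustration.

```python
import hashlib
import io
import tarfile


def make_layer(files):
    """Build an uncompressed layer tarball (bytes) from {path: content}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path, content in sorted(files.items()):
            info = tarfile.TarInfo(name=path)
            info.size = len(content)
            info.mtime = 0  # fixed timestamp keeps the digest reproducible
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def diff_id(layer_bytes):
    """Digest in the form used by rootfs.diff_ids in an image config."""
    return "sha256:" + hashlib.sha256(layer_bytes).hexdigest()


def verify_layers(layers, expected_diff_ids):
    """Return the indexes of layers whose digest does not match."""
    if len(layers) != len(expected_diff_ids):
        raise ValueError("layer count does not match the image config")
    return [i for i, (layer, want) in enumerate(zip(layers, expected_diff_ids))
            if diff_id(layer) != want]


def merged_view(layers):
    """Apply layers lowest first and return the resulting {path: content}."""
    view = {}
    for layer in layers:
        with tarfile.open(fileobj=io.BytesIO(layer), mode="r") as tar:
            members = tar.getmembers()
            # Whiteouts first: they hide entries from lower layers only.
            for m in members:
                directory, _, name = m.name.rpartition("/")
                if name.startswith(".wh."):
                    hidden = (directory + "/" if directory else "") + name[4:]
                    view = {p: c for p, c in view.items()
                            if p != hidden and not p.startswith(hidden + "/")}
            # Then this layer's own files shadow anything underneath.
            for m in members:
                name = m.name.rpartition("/")[2]
                if m.isfile() and not name.startswith(".wh."):
                    view[m.name] = tar.extractfile(m).read()
    return view


# Constructed sample: a base layer and one layer stacked on top of it.
BASE = make_layer({"etc/motd": b"base image\n",
                   "app/config.ini": b"debug=false\n",
                   "tmp/build.log": b"compiler output\n"})
TOP = make_layer({"app/config.ini": b"debug=true\n",   # shadows the base copy
                  "tmp/.wh.build.log": b""})           # whiteout: deletes it
LAYERS = [BASE, TOP]
DIFF_IDS = [diff_id(layer) for layer in LAYERS]  # what the image config records

if __name__ == "__main__":
    print("mismatched layers:", verify_layers(LAYERS, DIFF_IDS))
    for path, content in sorted(merged_view(LAYERS).items()):
        print(path, content)
    tampered = [make_layer({"etc/motd": b"modified\n"}), TOP]
    print("after tampering:", verify_layers(tampered, DIFF_IDS))
```

A changed byte in any lower layer changes its digest, so the mismatch is reported for that layer even though the layers above it are untouched.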
Demo
Container Storage
References
Gray Hat Hacking, Sixth Edition
