Red Hat's Industry Leadership with Containers - Lars Herrmann
1. Produced by
Containers and Security
Modernizing traditional IT and accelerating new application delivery with containerization
Lars Herrmann
GM, Integrated Solutions Business Unit
Red Hat
4. Top 5 Container Misperceptions
1. Containers are new.
2. Containers equal virtualization.
3. Containers are universally portable.
4. Containers are secure by default.
5. Containers are not enterprise-ready.
9. What’s inside the container matters
● High vulnerabilities: ShellShock (bash), Heartbleed (OpenSSL), etc.
● Medium vulnerabilities: Poodle (OpenSSL), etc.
● Low vulnerabilities: gcc: array memory allocations could cause integer overflow
12. The OS actually matters
Security in RHEL that makes containers more secure:
● SELinux
● iptables/firewalld
● Linux Auditing System
● pam_tty_audit
● OpenSCAP
● IdM / IPA
● Docker standard formats
● Control Groups (cgroups)
● Kernel namespaces
CONTAINER ISOLATION WITH SELINUX
14. Red Hat’s Container Benefits
● Modernize Application Delivery: Standards and Automation
● Gain Agility: Flexibility and Ownership
● Achieve Consistency: Dev, Test, and Production
● Deploy Anywhere: Baremetal, Virt, Private, Public