Explore the benefits and challenges of rootless containers in this 19-minute conference talk from linux.conf.au 2021. Dive into core concepts of rootless containers and learn how Podman provides a user-friendly framework that integrates with Systemd. Discover how adopting rootless containers can significantly reduce security risks and enable users to run containers without admin rights. Examine the security and performance management capabilities of SELinux and CGroups in containerized deployments. Follow along as the speaker shares experiences from deploying Home Assistant and Mosquitto as containerized services for home automation, highlighting both suitable and unsuitable workloads for rootless containers.
Overview
Syllabus
Intro
Container Standards: Runtime interfaces
Why rootless containers?
Why Should I Care?
Be the customer
Rootless Options
Rootless Requirements
Hass container
MQTT
Good/Bad/Frustrating
References
Taught by
linux.conf.au