Containers and Security on Planet X

Monday, October 29, 2018 - 4:30 pm–5:00 pm

Michael Jennings, Los Alamos National Laboratory

Abstract: 

Containers and the modern container ecosystem have thoroughly revolutionized the development, deployment, and delivery of web applications and microservices, but in many ways, the world of high-performance computing (HPC)—traditionally the innovators and trailblazers of the scalable system space—has found itself playing catch-up instead of leading the pack as it once did. No longer the target audience for the community of solution developers, the architects and innovators in HPC initially sought ways to tweak, tailor, configure, or even fork the industry-standard container platform (Docker) to address the unique needs of HPC and the scientific community. Faced with the reality that they were on their own to implement something themselves, multiple solutions emerged which dealt with many of the same challenges in fundamentally different ways and with different implications for performance, usability, reliability, scalability...and of course, security!

For system administrators in the unique world of HPC—whether in academia, government, or the technical computing industry—the current view of the container landscape can be incredibly confusing. We'll sift through the hype, dispel some misconceptions, explore the unique use case of containers in HPC, and examine the modern runtime options for high-performance containerized applications in terms of their primary differentiators—their approaches to image management, runtime execution, and security. We'll also look at future developments going on both inside and outside the HPC container arena and discuss how the landscape will be changing over the next few years. Finally, we will provide some simple, straightforward guidance to help sysadmins new to this space understand your options and make the best possible choice for addressing your own HPC container needs to ensure your users' success and your own peace of mind!

Michael Jennings has been a UNIX/Linux Systems Administrator and a C/Perl developer for over 20 years and has been author of or contributor to numerous open source software projects including Eterm, Mezzanine, RPM, Warewulf, and TORQUE. Additionally, he co-founded the Caos Foundation, creators of CentOS, and has been lead developer on 3 separate Linux distributions. He currently works as a Scientist at Los Alamos National Laboratory and is the primary author/maintainer for the LBNL Node Health Check (NHC) project. He is also the Vice President of HPCXXL, the extreme-scale HPC users group.

BibTeX
@conference {221738,
author = {Michael Jennings},
title = {Containers and Security on Planet X},
year = {2018},
address = {Nashville, TN},
publisher = {USENIX Association},
month = oct
}
