Wednesday, May 22 • 15:55 - 16:30
Surviving Serverless Battle By Secure Runtime, CRI and RuntimeClass - Xiaoyu Zhang & Lei Zhang, Alibaba

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Why Google released gVisor, AWS developed Firecracker, and Kata is on the fire?

In this talk, we will discuss the unrevealed connection between secure container runtime and Serverless based on our observation and research in public cloud and OpenFaaS community, and then explain why we think CRI & RuntimeClass will contribute to this new "battle field".

With this context, we will share a matrix of secure container runtimes from CRI perspective. For example, what's the attacking surface & isolation mechanism? Is there independent guest kernel? Does it support certain CRI feature? We will discuss which dimension will be hidden by CRI and which will not, and what this means for Serverless & its users.

We will also share how we map CRI Matrix into RuntimeClass, choose proper runtime, and then setup Serverless platform. The design & adoption of RuntimeClass will be evaluated here as well.

avatar for Xiaoyu Zhang

Xiaoyu Zhang

Software engineer, Alibaba
Xiaoyu Zhang is a software engineer in Alibaba group. He's a member of the Kubernetes organization. He mainly works on Kubernetes project and focuses on Docs, kubectl, controller-manager, storage and runtime areas. He had a speech in Cloud Native End User Conference 2018. This is... Read More →
avatar for Lei Zhang

Lei Zhang

Staff Engineer, Alibaba
Lei (Harry) Zhang, Staff Engineer of Alibaba. Lei is a co-maintainer of Kubernetes community, mainly focus on CRI, scheduling, resource mgmt and secure container runtime. Lei was once a member of KataContainers/Hyper team, and a Visiting Researcher at Microsoft Research (MSR). Lei... Read More →

Wednesday May 22, 2019 15:55 - 16:30
Hall 8.0 F5