Back To Schedule
Wednesday, May 22 • 15:55 - 16:30
Surviving Serverless Battle By Secure Runtime, CRI and RuntimeClass - Xiaoyu Zhang & Lei Zhang, Alibaba

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Why Google released gVisor, AWS developed Firecracker, and Kata is on the fire?

In this talk, we will discuss the unrevealed connection between secure container runtime and Serverless based on our observation and research in public cloud and OpenFaaS community, and then explain why we think CRI & RuntimeClass will contribute to this new "battle field".

With this context, we will share a matrix of secure container runtimes from CRI perspective. For example, what's the attacking surface & isolation mechanism? Is there independent guest kernel? Does it support certain CRI feature? We will discuss which dimension will be hidden by CRI and which will not, and what this means for Serverless & its users.

We will also share how we map CRI Matrix into RuntimeClass, choose proper runtime, and then setup Serverless platform. The design & adoption of RuntimeClass will be evaluated here as well.

avatar for Xiaoyu Zhang

Xiaoyu Zhang

Principal Engineer, Tencent
Xiaoyu Zhang is a principal engineer in Tencent Cloud. He worked for Alibaba Cloud as a senior engineer. He's a member of the Kubernetes organization. He mainly works on Kubernetes project and focuses on docs, kubectl, controller-manager, storage and runtime areas. He had multiple... Read More →
avatar for Lei Zhang

Lei Zhang

Staff Engineer, Alibaba
Lei is leading the engineering effort in Alibaba including its Kubernetes based large-scale cluster management system and unified application platform. Lei has been working as a maintainer on Kubernetes upstream since its beginning and a popular speaker in KubeCon.

Wednesday May 22, 2019 15:55 - 16:30 CEST
Hall 8.0 F5