Linuxkit: A Toolkit for building secure, lean and portable Linux subsystems
For a long time, users have been waiting for developers to bring a Docker-native interface to the various platforms as well as cloud such as AWS, Azure, and Google Cloud. To bridge this gap, Linuxkit is released.
Linuxkit is developed by Docker to assemble custom Linux subsystem to bring more native experience to its desktop and cloud platforms. Of late, users were trying to bring Linux container to platforms but the platform did not allow with the Linux included.
To overcome these flaws, Docker came up with solution to create a bundle secure and portable enough that can provide Linux container on any type of platform. The Linuxkit supports the tool to allow building of custom Linux subsystems that include runtime platform components. The system services in the containers can be replaced and also removed. And the components substituted with the ones that match the required criteria.
As for security, the NIST in their Application Container Security Guide explains: “ Use container-specific OSes instead of general-purpose ones to reduce attack surfaces. When using a container-specific OS, attack surfaces are typically much smaller than they would be with a general-purpose OS, so there are fewer opportunities to attack and compromise a container-specific OS.”
The Linuxkit is lean because when combined with security the user can remove parts that are not needed when the OS is designed around single use of running containers. Which means all the containers can be removed by the user. It is only around 35MB with minimal boot time.
It is also portable as it was mainly built for running on many platforms and also now designed with Docker it runs on many more platforms.
The Next step is to run the Linuxkit on Hyper-v isolation. This toolkit may become big with the right kind of contribution from the open source community.
Comments ( 0 )
No comments available