Scott McCarty

http://rhelblog.redhat.com/2016/02/24/container-tidbits-can-good-supply-chain-hygiene-mitigate-base-image-sizes/

Admittedly, I am not quite sure myself. My gut feeling is always run Fedora 18 containers on Fedora 18 container hosts, but I know people are mixing and matching even...

I agree, it's not pretty. The fun part is we need to build tooling to analyze the user space (container image). Firing it up and putting it through some kind...

BTW, I really like the seccmp idea. I think Linux needs a methodology for this just to autogenerate policy for seccmp.

Let me throw one more curve ball into it. I was chatting with a guy that came up to the booth yesterday and he had worked on an interesting problem...

Here is another problem. When an application starts, it doesn't make every single system call that it is going to make. The calls happen when certain code paths are run....

Yes, good catch. Even as I was typing it, I was second guessing myself. Before coffee. You are dead right. Glibc will think it can make the syscall and fail....

OH, I like that. That could help solve my system call problem too: https://github.com/projectatomic/ContainerApplicationGenericLabels/issues/39

@rodehoed yeah, I don't think this will work with Docker or DockerCompose. There is no RPM/YUM inside ubi-micro, so you have to use the RPM/YUM located on the host. The...

Another use case that is really interesting is upgrading software. There are times, like with FreeIPA, you should really test with a copy of the production data to makes sure...