Building a modern container and virtual machine manager
LXD is a modern container manager focused on system containers which debuted back in 2014.
Over the years, LXD has grown support for a wide range of advanced features, making it possible to run just about any workload inside its safe unprivileged containers. This ranges from fine grained resource limits through CGroupV1/CGroupV2, network filtering and isolation capabilities, support for passing through a wide variety of devices, integration with hardware features like SR-IOV and using the latest kernel features like Seccomp system call interception.
Clustering was another big step forward for LXD, allowing transparent multi-system deployments, including a built-in distributed database allowing for high availability.
Over the past year, the focus has now been to support full virtual machines (KVM) alongside system containers. Using the exact same APIs and configuration options and making use of all the latest advancements in virtualized hardware (virtio) as well as operating an agent in the virtual machines to have them be as easy to operate as our system containers.
This talk will go over the defining characteristics of LXD and go through what we think makes our approach unique and exciting in 2020.
A good part of this will be done through extensive demos.
Project leader for LXD, LXC and LXCFS
Stéphane Graber is the engineering manager for the LXD team at Canonical Ltd. He is the upstream project leader for LXC and LXD and a frequent speaker and track leader at events related to containers and Linux.
Stéphane is also a longtime contributor to the Ubuntu Linux distribution as an Ubuntu core developer and he sits on the Ubuntu technical board.
In his spare time, Stéphane helps organize a yearly security conference and contest in Montréal, Northsec, where his knowledge of Linux and network infrastructure is used to simulate the most complex of environments for contestants.
Stéphane has been a frequent speaker at the Open Source Summit, both in North America and Europe for the past few years, the organizer of the yearly Containers micro-conference at the Linux Plumbers Conference and the containers devroom at FOSDEM. Outside of Linux Foundation events, Stéphane has also recently presented at NorthSec, NVIDIA GTC and ContainerCamp.