Zvi Avraham at this years Erlang user conference talks about OSv security and how unikernels have a very small attack surface (jump to 14min). At 20minutes in, Avraham says "containers are not a secure solution". Container solutions like Docker are not secure when compared to unikernel systems like OSv.
At 30minutes in, Avraham talks about the interesting details of the work in progress on porting Erlang/OPT to OSv. Erlang is highly dependent on OS fork and multiple processes, making it especially difficult to port to OSv.
No comments:
Post a Comment