Conf42: Cloud Native 2021

Kubernetes, Docker, LXC, Virtual Machines, Micro-services… And what if all the trendy tail of containers isn’t just f** up? Let’s see how we run isolation and containers in our PaaS using POSIX and Linux native features: Cgroups!

We power a PaaS platform, but we don’t choose to rely on fancy containers technologies to run isolation. Instead, we intensively rely on permissions and cgroups. Here’s an explanation of our architecture, how we use it in production, and why we made those choices that we support for a while now. A proper introduction to isolation in production, for a lightweight environment, far away from Docker, Kubernetes, and others trendy stuff.