The enterprise technique for application deployment has undergone a major transformation
during the past two decades. Using conventional techniques, software developers write …

Containerization significantly boosts cloud computing efficiency by reducing resource
consumption, enhancing scalability, and simplifying orchestration. Yet, these same features …

The extended Berkeley Packet Filter (eBPF) provides powerful and flexible kernel interfaces
to extend the kernel functions for user space programs via running bytecode directly in the …

In recent years, containerization has become a major trend in the cloud due to its high
resource utilization efficiency and convenient DevOps support. However, the complexity of …

People proposed to use virtualization techniques to reinforce the isolation between
containers. In the design, each container runs inside a lightweight virtual machine (called …

As the dominant container orchestration system, Kubernetes is widely used by many
companies and cloud vendors. It runs third-party add-ons and applications (termed third …

For safety reasons, unprivileged users today have only limited ways to customize the kernel
through the extended Berkeley Packet Filter (eBPF). This is unfortunate, especially since the …

The security of container-based microservices relies heavily on the isolation of operating
system resources that is provided by namespaces. However, vulnerabilities exist in the …

Container isolation is implemented through OS-level virtualization, such as Linux
namespaces. Unfortunately, these mechanisms are extremely challenging to implement …

Containerization is a rapidly advancing technology in cloud computing, facilitating the
seamless development, deployment, and management of applications across diverse …