The AFS secure distributed file system provides a global namespace with access transparent paths to unstructured data and applications using the same file/directory paths without local administration or tooling. For containers to take advantage of this, the AFS namespace must be available as a Kernel Level file system in standard Linux distributions. This allows containers to have access, under the same global namespace, as any desktop/server/device within an organization. With key/credential injection by container orchestration tools and container process isolation, container images can be heterogeneously and securely deployed in your data center or any private/public cloud and have transparent access to persistent organizational storage. The AFS namespace can also be used as a secure repository for container binaries.
This BOF follows the all-day AF_RXAPI and kAFS Hackathon. In addition to discussing issues relating to using the Global AFS namespace for containers, we will discuss the current state and future of kAFS and the RX Linux Kernel implementations and how having kernel support for AFS and the AuriStor extensions to AFS positively affects security, support, distribution and performance.
