The presentation will take place in Room 104 on Thursday, March 5, 2026, from 15:30 to 15:55.

At Anthropic, developers expect Nix builds to Just Work on their K8s dev environments. But Nix's builds demand sandboxing support.
This is the war story of "just" enabling sandboxing: upgrading K8s, deploying user namespaces, monkey-patching container runtimes, and rearchitecting our Docker stack.
Audience: anyone interested in a good war story, with advanced details for systems specialists interested in any of Nix, K8s, Linux internals, and running stateful dev workloads on container infra.