SlideShare a Scribd company logo

Build and run applications in a dockerless kubernetes world

Jorge Morales
Jorge Morales

Talk at Dev Days Riga 2018: Kubernetes has rapidly grown to support many container runtime formats. In this talk, I'm presenting all the alternatives you have to run your applications in kubernetes, and will present CRI-O which is steadily becoming a replacement to run your Docker containers on production. And since you will no longer have Docker, how will you build now your Docker containers? Buildah is a project that facilitates building Docker containers in a Dockerless world.

Technology
1 of 49
Download to read offline
Build and run applications in a Dockerless Kubernetes world Jorge Morales OpenShift Developer Advocate Riga Dev Days 2018
Me (aka Jorge Morales) ● Spanish by nature and by language ● Work at Red Hat ● OpenShift Developer Advocate ● Mostly Java developer ● Obsessed with improving the developer experience @jorgemoralespou github.com/jorgemoralespou http://jorgemoral.es
Kernel namespaces: sandboxing processes from one another Control Groups (cgroups): control process resource allocations Security: capabilities drop (seccomp), Mandatory access control (SELinux, Apparmor) Linux Containers @jorgemoralespou
VMS vs Containers @jorgemoralespou
@jorgemoralespou
@jorgemoralespou
@jorgemoralespou
With scale came complexity
Orchestration @jorgemoralespou
OTHER ORCHESTRATORS (Cloud Foundry Diego, Nomad, Blox, etc.) 2 YEARS AGO Fragmented landscape TODAY Kubernetes consolidation OTHER ORCHESTRATORS CONTAINER ORCHESTRATION LANDSCAPE @jorgemoralespou
Why kubernetes? #1: Open source, backed by giants #2: Vibrant and fast growing community #3: Supported on all clouds #4: Great partnerships @jorgemoralespou
Started slow June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
then more runtimes showed up Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
and code got messy @jorgemoralespou
“Change is the essential process of all of existence.” —SPOCK
Standardize containers ● Runtime spec (runc = Reference implementation) ● Image spec ● Distribution spec (proposal) @jorgemoralespou
Use API/Interfaces to Container Runtimes KUBELET FRAKTI OCI-RUNTIME RUNC DOCKERD RKT CONTAINER RUNTIME INTERFACE (CRI) DOCKERD RKT KUBELET @jorgemoralespou
Standardization became a fact Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 Dec 2016 Kubernetes 1.5: Container Runtime Interface (CRI) alpha July 2017 Kubernetes 1.7: CRI support GA @jorgemoralespou
What is Container Runtime Interface (CRI)? ● A gRPC interface and a group of libraries ● Enables Kubernetes to use a wide variety of container runtimes ● Introduced in Kubernetes 1.5 ● GA in Kubernetes 1.7 @jorgemoralespou
CRI Implementations frakti cri-containerd dockershim virtlet @jorgemoralespou
CRI-O ● Open source & Open governance ● Lean, Stable, Secure and BORING! ○ Tied to the CRI ○ No features that can mine stability and performance ○ Shaped around Kubernetes ○ Only supported user is Kubernetes ○ Versioning and Support are tied to Kubernetes @jorgemoralespou
Man, this guy is so boring! When is the live demo? @jorgemoralespou
Demo script SHOW DOCKER AND STOP IT $ docker images $ systemctl stop docker $ docker images RUN A CONTAINER WITH OC/KUBECTL $ kubectl get pods $ kubectl run --image=nginx --port=80 nginx $ kubectl expose deployment nginx --port=80 $ kubectl get svc $ curl http://<CLUSTER-IP> $ oc expose svc/nginx-http $ oc get route $ kubectl get pods $ kubectl logs -f <POD_NAME> $ kubectl exec -it <POD_NAME> sh $ docker ps $ runc list (show that containers are run by runc)
What if I want to try it? $ minikube start --network-plugin=cni --container-runtime=cri-o --bootstrapper=kubeadm @jorgemoralespou
@jorgemoralespou
libpod/podman Library (libpod) and CLI (podman) for managing OCI-based Pods, Containers, and Container Images ● Replacement for docker cli ○ known CLI ● Integrated with CRI-O (soon) ● No daemon running @jorgemoralespou
Demo script $ podman ps $ podman images $ podman run -it --rm -p 8080:80 nginx $ <ANOTHER TERMINAL> curl http://localhost:8080 $ <ANOTHER TERMINAL> podman ps $ <ANOTHER TERMINAL> podman logs <CONTAINER_ID> $ <ANOTHER TERMINAL> podman exec -t <CONTAINER_ID> sh $ <ANOTHER TERMINAL> ls /etc/nginx $ podman images $ podman run -t fedora echo "Hello Riga" $ podman ps -a $ cd Dockerfiles $ podman build -t rigacontainer . $ podman images $ podman run -it rigacontainer cat /hello $ podman ps -a $ podman rm --all
@jorgemoralespou
skopeo ● Copy images from/to (multiple transports/storages): ○ containers-storage:docker-reference ○ dir:path ○ docker://docker-reference ○ docker-archive:path[:docker-reference] ○ docker-daemon:docker-reference ○ oci:path:tag ○ ostree:image[@/absolute/repo/path] ● Inspect images ● Delete an image from a repository ● Standalone binary / No daemon running ● Perfect for pipelines (e.g. Jenkins) @jorgemoralespou
Demo script $ systemctl start docker $ docker images $ podman images COPY IMAGE $ skopeo copy containers-storage:riga/example:latest docker-daemon:riga/example:latest $ docker images $ docker run -it --rm riga/example cat /hello $ docker ps -a $ docker rm $(docker ps -qa) $ skopeo inspect docker-daemon:riga/example:latest $ skopeo inspect docker:docker.io/library/fedora:latest
@jorgemoralespou
buildah ● Build images ● No daemon running ● shell-like syntax ● Build from Dockerfile(s) @jorgemoralespou
Demo script $ cd ~/Dockerfiles $ skopeo copy containers-storage:registry.fedoraproject.org/fedora:latest docker-daemon:fedora:latest $ docker build -t riga/example-docker . $ docker history riga/example $ docker history riga/example-docker $ buildah bud -t riga/buildah-dockerfile $ container=(buildah from fedora) $ echo $container $ buildah containers $ buildah config --author "Jorge" --label "METADATA=Built with buildah" $container $ buildah inspect $container $ buildah run $container bash # echo “Hello Riga, built by Buildah” > /hello # ls / # cat /hello # exit $ buildah commit $container riga/example-buildah $ podman run -it riga/example-buildah cat /hello
@jorgemoralespou
@jorgemoralespou
Daemon-less Dockerfile builds ● Consume a Dockerfile, but build image without a docker daemon ● Pros ○ Docker build-like experience (just write a Dockerfile) ○ Potentially more control over image layers (combine or shard) ○ Aim is for greater security ● Cons ○ Dockerfile fidelity might make difficult some use cases ○ Different approaches to image layer construction @jorgemoralespou
Daemon-less Dockerfile builds ● Buildah ○ a tool that facilitates building OCI container images ● Img ○ Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. ○ The commands/UX are the same as docker (drop-in replacement) ● Kaniko ○ kaniko is a tool to build OCI container images from a Dockerfile, inside a container or Kubernetes cluster ○ executes each command within a Dockerfile completely in userspace ● more... @jorgemoralespou
Dockerfile-less builds ● User input is source / intent: “I want to run a Node.js web server” ● Pros: ○ Less configuration ○ Tools can intelligently build layers, better/safe layer caching ○ Docker image best practices can be codified into tools ● Cons: ○ Less flexible - Opinionated builds ○ Very fragmented across vendors, no real standard @jorgemoralespou
Dockerfile-less builds ● Source to Image ○ User provides source, source gets built+layered into an application image ○ Dependent on ecosystem of framework/language builder images ● Buildpacks ○ Invented by Heroku, adopted by Cloud Foundry / Deis ○ User provides source, “build” produces “slug”, “export” produces container image ● FTL (Faster than light) ○ Purpose-built source to image builders per-language, goal is layer-per-dependency ○ Insight: turn build incrementality into deploy incrementality ● Bazel ○ Google’s OSS build system, supports declarative image builds ○ Used for user-mode Docker image builds for 3+ years @jorgemoralespou
“Our ancestors called it magic, but you call it [computer] science. I come from a land where they are one and the same.” —THOR
@jorgemoralespou
And don’t forget to tweet if you liked it (or if you didn’t) @jorgemoralespou @jorgemoralespou

Recommended

Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Daniel Oh
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Jorge Morales
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
 
Automate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsAutomate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsDaniel Oh
 
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Amazon Web Services
 
Docker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureDocker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureTerry Chen
 
[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container Security[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container SecurityDaniel Oh
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina
 

Recommended

Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Daniel Oh
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Jorge Morales
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
 
Automate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsAutomate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsDaniel Oh
 
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Amazon Web Services
 
Docker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureDocker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureTerry Chen
 
[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container Security[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container SecurityDaniel Oh
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina
 
Rootless Containers
Rootless ContainersRootless Containers
Rootless ContainersAkihiro Suda
 
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysThe world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysCodeOps Technologies LLP
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the Worlddamovsky
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployNatale Vinto
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerMarcelo Cenerino
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Jérôme Petazzoni
 
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins Mando Stam
 
Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker, Inc.
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutesLarry Cai
 
OpenShift As A DevOps Platform
OpenShift As A DevOps PlatformOpenShift As A DevOps Platform
OpenShift As A DevOps PlatformLalatendu Mohanty
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep DiveAkihiro Suda
 
Docker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopDocker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopJirayut Nimsaeng
 
Surveillance on slam technology
Surveillance on slam technologySurveillance on slam technology
Surveillance on slam technologyGMO-Z.com Vietnam Lab Center
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Jérôme Petazzoni
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talksAkihiro Suda
 
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into ContainerdAkihiro Suda
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar
 
Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Jorge Morales
 
DOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDESDOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDESMuhammadAhmed651877
 

More Related Content

What's hot

Rootless Containers
Rootless ContainersRootless Containers
Rootless ContainersAkihiro Suda
 
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysThe world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysCodeOps Technologies LLP
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the Worlddamovsky
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployNatale Vinto
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Jérôme Petazzoni
 
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins Mando Stam
 
Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker, Inc.
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutesLarry Cai
 
OpenShift As A DevOps Platform
OpenShift As A DevOps PlatformOpenShift As A DevOps Platform
OpenShift As A DevOps PlatformLalatendu Mohanty
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep DiveAkihiro Suda
 
Docker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopDocker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopJirayut Nimsaeng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Jérôme Petazzoni
 
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into ContainerdAkihiro Suda
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar
 

What's hot (20)

Rootless Containers
Rootless ContainersRootless Containers
Rootless Containers
 
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysThe world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the World
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?
 
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
 
Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutes
 
OpenShift As A DevOps Platform
OpenShift As A DevOps PlatformOpenShift As A DevOps Platform
OpenShift As A DevOps Platform
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive
 
Docker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopDocker Continuous Delivery Workshop
Docker Continuous Delivery Workshop
 
Surveillance on slam technology
Surveillance on slam technologySurveillance on slam technology
Surveillance on slam technology
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode
 
Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talks
 
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
 

Similar to Build and run applications in a dockerless kubernetes world

Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Jorge Morales
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 applicationRoman Rodomansky
 
Powercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptxPowercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptxIgnacioTamayo2
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortalsHenryk Konsek
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tipsSamuel Chow
 
Dockercon EU 2014
Dockercon EU 2014Dockercon EU 2014
Dockercon EU 2014Rafe Colton
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...Docker, Inc.
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday developmentJustyna Ilczuk
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataInfluxData
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline Docker, Inc.
 
Using Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and JenkinsUsing Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and JenkinsMicael Gallego
 
Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and ContainersDocker, Inc.
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesJérôme Petazzoni
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsElasTest Project
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersDocker, Inc.
 
Virtual Machines and Docker
Virtual Machines and DockerVirtual Machines and Docker
Virtual Machines and DockerDanish Khakwani
 
Running the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerRunning the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerGuido Schmutz
 

Similar to Build and run applications in a dockerless kubernetes world (20)

Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18
 
DOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDESDOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDES
 
Docker, what's next ?
Docker, what's next ?Docker, what's next ?
Docker, what's next ?
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
 
Powercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptxPowercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptx
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortals
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tips
 
Dockercon EU 2014
Dockercon EU 2014Dockercon EU 2014
Dockercon EU 2014
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday development
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxData
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline
 
Using Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and JenkinsUsing Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and Jenkins
 
Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and Containers
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and Containers
 
Docker presentation
Docker presentationDocker presentation
Docker presentation
 
Virtual Machines and Docker
Virtual Machines and DockerVirtual Machines and Docker
Virtual Machines and Docker
 
Running the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerRunning the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker Container
 

More from Jorge Morales

OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19Jorge Morales
 
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Jorge Morales
 
Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Jorge Morales
 
Odo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangriaOdo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangriaJorge Morales
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUGJorge Morales
 
Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Jorge Morales
 
Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Jorge Morales
 
I tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSI tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSJorge Morales
 

More from Jorge Morales (8)

OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19
 
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
 
Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019
 
Odo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangriaOdo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangria
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUG
 
Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...
 
Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18
 
I tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSI tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaS
 

Recently uploaded

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 

Recently uploaded (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

Build and run applications in a dockerless kubernetes world

  • 1. Build and run applications in a Dockerless Kubernetes world Jorge Morales OpenShift Developer Advocate Riga Dev Days 2018
  • 2. Me (aka Jorge Morales) ● Spanish by nature and by language ● Work at Red Hat ● OpenShift Developer Advocate ● Mostly Java developer ● Obsessed with improving the developer experience @jorgemoralespou github.com/jorgemoralespou http://jorgemoral.es
  • 3.
  • 4.
  • 5. Kernel namespaces: sandboxing processes from one another Control Groups (cgroups): control process resource allocations Security: capabilities drop (seccomp), Mandatory access control (SELinux, Apparmor) Linux Containers @jorgemoralespou
  • 8.
  • 11. With scale came complexity
  • 13. OTHER ORCHESTRATORS (Cloud Foundry Diego, Nomad, Blox, etc.) 2 YEARS AGO Fragmented landscape TODAY Kubernetes consolidation OTHER ORCHESTRATORS CONTAINER ORCHESTRATION LANDSCAPE @jorgemoralespou
  • 14. Why kubernetes? #1: Open source, backed by giants #2: Vibrant and fast growing community #3: Supported on all clouds #4: Great partnerships @jorgemoralespou
  • 15. Started slow June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
  • 16. then more runtimes showed up Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
  • 17. and code got messy @jorgemoralespou
  • 18. “Change is the essential process of all of existence.” —SPOCK
  • 19. Standardize containers ● Runtime spec (runc = Reference implementation) ● Image spec ● Distribution spec (proposal) @jorgemoralespou
  • 20. Use API/Interfaces to Container Runtimes KUBELET FRAKTI OCI-RUNTIME RUNC DOCKERD RKT CONTAINER RUNTIME INTERFACE (CRI) DOCKERD RKT KUBELET @jorgemoralespou
  • 21. Standardization became a fact Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 Dec 2016 Kubernetes 1.5: Container Runtime Interface (CRI) alpha July 2017 Kubernetes 1.7: CRI support GA @jorgemoralespou
  • 22. What is Container Runtime Interface (CRI)? ● A gRPC interface and a group of libraries ● Enables Kubernetes to use a wide variety of container runtimes ● Introduced in Kubernetes 1.5 ● GA in Kubernetes 1.7 @jorgemoralespou
  • 24. CRI-O ● Open source & Open governance ● Lean, Stable, Secure and BORING! ○ Tied to the CRI ○ No features that can mine stability and performance ○ Shaped around Kubernetes ○ Only supported user is Kubernetes ○ Versioning and Support are tied to Kubernetes @jorgemoralespou
  • 25. Man, this guy is so boring! When is the live demo? @jorgemoralespou
  • 26. Demo script SHOW DOCKER AND STOP IT $ docker images $ systemctl stop docker $ docker images RUN A CONTAINER WITH OC/KUBECTL $ kubectl get pods $ kubectl run --image=nginx --port=80 nginx $ kubectl expose deployment nginx --port=80 $ kubectl get svc $ curl http://<CLUSTER-IP> $ oc expose svc/nginx-http $ oc get route $ kubectl get pods $ kubectl logs -f <POD_NAME> $ kubectl exec -it <POD_NAME> sh $ docker ps $ runc list (show that containers are run by runc)
  • 27.
  • 28. What if I want to try it? $ minikube start --network-plugin=cni --container-runtime=cri-o --bootstrapper=kubeadm @jorgemoralespou
  • 30. libpod/podman Library (libpod) and CLI (podman) for managing OCI-based Pods, Containers, and Container Images ● Replacement for docker cli ○ known CLI ● Integrated with CRI-O (soon) ● No daemon running @jorgemoralespou
  • 31.
  • 32. Demo script $ podman ps $ podman images $ podman run -it --rm -p 8080:80 nginx $ <ANOTHER TERMINAL> curl http://localhost:8080 $ <ANOTHER TERMINAL> podman ps $ <ANOTHER TERMINAL> podman logs <CONTAINER_ID> $ <ANOTHER TERMINAL> podman exec -t <CONTAINER_ID> sh $ <ANOTHER TERMINAL> ls /etc/nginx $ podman images $ podman run -t fedora echo "Hello Riga" $ podman ps -a $ cd Dockerfiles $ podman build -t rigacontainer . $ podman images $ podman run -it rigacontainer cat /hello $ podman ps -a $ podman rm --all
  • 34. skopeo ● Copy images from/to (multiple transports/storages): ○ containers-storage:docker-reference ○ dir:path ○ docker://docker-reference ○ docker-archive:path[:docker-reference] ○ docker-daemon:docker-reference ○ oci:path:tag ○ ostree:image[@/absolute/repo/path] ● Inspect images ● Delete an image from a repository ● Standalone binary / No daemon running ● Perfect for pipelines (e.g. Jenkins) @jorgemoralespou
  • 35.
  • 36. Demo script $ systemctl start docker $ docker images $ podman images COPY IMAGE $ skopeo copy containers-storage:riga/example:latest docker-daemon:riga/example:latest $ docker images $ docker run -it --rm riga/example cat /hello $ docker ps -a $ docker rm $(docker ps -qa) $ skopeo inspect docker-daemon:riga/example:latest $ skopeo inspect docker:docker.io/library/fedora:latest
  • 38. buildah ● Build images ● No daemon running ● shell-like syntax ● Build from Dockerfile(s) @jorgemoralespou
  • 39.
  • 40. Demo script $ cd ~/Dockerfiles $ skopeo copy containers-storage:registry.fedoraproject.org/fedora:latest docker-daemon:fedora:latest $ docker build -t riga/example-docker . $ docker history riga/example $ docker history riga/example-docker $ buildah bud -t riga/buildah-dockerfile $ container=(buildah from fedora) $ echo $container $ buildah containers $ buildah config --author "Jorge" --label "METADATA=Built with buildah" $container $ buildah inspect $container $ buildah run $container bash # echo “Hello Riga, built by Buildah” > /hello # ls / # cat /hello # exit $ buildah commit $container riga/example-buildah $ podman run -it riga/example-buildah cat /hello
  • 43. Daemon-less Dockerfile builds ● Consume a Dockerfile, but build image without a docker daemon ● Pros ○ Docker build-like experience (just write a Dockerfile) ○ Potentially more control over image layers (combine or shard) ○ Aim is for greater security ● Cons ○ Dockerfile fidelity might make difficult some use cases ○ Different approaches to image layer construction @jorgemoralespou
  • 44. Daemon-less Dockerfile builds ● Buildah ○ a tool that facilitates building OCI container images ● Img ○ Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. ○ The commands/UX are the same as docker (drop-in replacement) ● Kaniko ○ kaniko is a tool to build OCI container images from a Dockerfile, inside a container or Kubernetes cluster ○ executes each command within a Dockerfile completely in userspace ● more... @jorgemoralespou
  • 45. Dockerfile-less builds ● User input is source / intent: “I want to run a Node.js web server” ● Pros: ○ Less configuration ○ Tools can intelligently build layers, better/safe layer caching ○ Docker image best practices can be codified into tools ● Cons: ○ Less flexible - Opinionated builds ○ Very fragmented across vendors, no real standard @jorgemoralespou
  • 46. Dockerfile-less builds ● Source to Image ○ User provides source, source gets built+layered into an application image ○ Dependent on ecosystem of framework/language builder images ● Buildpacks ○ Invented by Heroku, adopted by Cloud Foundry / Deis ○ User provides source, “build” produces “slug”, “export” produces container image ● FTL (Faster than light) ○ Purpose-built source to image builders per-language, goal is layer-per-dependency ○ Insight: turn build incrementality into deploy incrementality ● Bazel ○ Google’s OSS build system, supports declarative image builds ○ Used for user-mode Docker image builds for 3+ years @jorgemoralespou
  • 47. “Our ancestors called it magic, but you call it [computer] science. I come from a land where they are one and the same.” —THOR
  • 49. And don’t forget to tweet if you liked it (or if you didn’t) @jorgemoralespou @jorgemoralespou