SlideShare ist ein Scribd-Unternehmen logo

Containerize All the Multi-Platform Things! - DockerCon Seattle 2016

Phil Estes
Phil Estes

Community Theater presentation given on Monday, June 20th, 2016 at DockerCon Seattle 2016, describing the current status of multi-platform image support in the Docker engine and registry implementations.

Software
1 von 10
Downloaden Sie, um offline zu lesen
Containerize All The (Multi-Platform) Things! Phil Estes IBM Cloud, Open Technology Twitter: @estesp
About Me Phil Estes Senior Technical Staff Member IBM Cloud, Open Technologies Container Strategy/Open Source Leader Docker community core engine maintainer < Linux/open source expertise for 15 years @ IBM < Community activities & accomplishments > Brought user namespace support to the Docker engine > Helped design v2.2 image specification with multi-platform support > Implemented first tool to create multi-platform images in Docker v2.3 registry > Member of the “Docker Captains” program 2
Background: DockerCon Barcelona, Nov 2015 • Multi-platform support in registry via “workarounds”: • Repo-per-arch/platform: ppc64le/, s390x/, armv7/ • Image name prefixes: rpi- (rpi-node, rpi-consul, rpi-mysql) • Tag names with architecture detail: • multiarch/busybox:s390x • multiarch/busybox:amd64 • multiarch/busybox:armhf • Nearly finalized v2.2 image manifest specification: • PR #1068 defined the new specification format; proposed in Oct, agreed to and merged Dec. 18th, 2015 • PR #1281 implemented the new spec format in the registry (docker/distribution), and was merged on Jan. 7th, 2016 3
The manifest list Registry Object Type • How does the v2.2 image manifest spec support multi-platform? • Via a new registry manifest type: the manifest list • A manifest list contains pointers to existing manifest objects • A manifest list contains a platform specification associated with each pointer to an existing manifest • What is a platform specification? "platform": { // example with *all* fields "architecture": "amd64", "os": "linux", "os.version": "10.0.10586", "os.features": [ "win32k" ], "variant": "armv6l" "features": [ "sse4", "aes" ] } "platform": { "architecture": "ppc64le", "os": "linux", } Could be very simple: 4
Docker 1.10: Engine Support • Docker 1.10 included rudimentary engine support for manifest list objects: • Engine checks manifest list entries against GOOS and GOARCH values from the Docker engine host platform • If a platform entry from the manifest list matches, that reference manifest is then pulled from the registry and used as that name:tag locally • Why rudimentary? • Is not (yet) using the feature or variant fields to make determinations against the local host platform/architecture • Potentially more important for embedded platforms than server- oriented platforms 5
Creating a Manifest List • Registry v2.3 and above support manifest lists • DockerHub now supports pushing manifest list objects • Open source “docker/distribution” v2.3 and above (this includes the official DockerHub “registry” image, now at v2.4.1) • Official tooling still under discussion • Discussion: Where does it fit? (e.g. extend “docker push”) • Details, details (how to specify inputs, image signing/trust, etc.) • Proof of concept tool available today for testing • https://github.com/estesp/manifest-tool • Can inspect (list) or push manifest lists to private registry or DockerHub • Read more about it here: https://integratedcode.us/2016/04/22/a-step-towards- multi-platform-docker-images/ 6
The Manifest Tool • Input: YAML definition of input images + platform specifications image: estesp/debian:jessie manifests: - image: s390x/debian:jessie platform: architecture: s390x os: linux - image: debian:jessie platform: architecture: amd64 os: linux - image: ppc64le/debian:jessie platform: architecture: ppc64le os: linux - image: aarch64/debian:jessie platform: architecture: arm64 os: linux variant: armv8 7 • image: target manifest list name:tag • manifests: list of image names with associated platform specification • Architecture and OS fields validated against known good values/combinations • Image references are queried/validated; can reside in any repo, but on the same registry host • Manifest list written to registry
Let’s Demo 8
What’s Left? • Engine: Full Support for ‘platform’ Definition • Windows will exploit os.version and os.features entries for full platform matching • Linux-based engines need to determine how to “understand” features and variant with standardized definitions (e.g. /proc/cpuinfo) • Official tooling for manifest list push/inspection • Requires full support for Docker Content Trust/image signing • Content publishers/creators need to be informed of capabilities • DockerHub/UI Updates • Currently no visibility into “manifest list” entries • Platform information: a visual representation for consumers to find supported platforms for a given manifest list-based image • Workflow details (automated builds?) 9
Thank you! 10 @estesp github.com/estesp estesp@gmail.com https://integratedcode.us IRC: estesp

Empfohlen

Running stateful services in containers - ContainerDays Boston 2016
Running stateful services in containers - ContainerDays Boston 2016Running stateful services in containers - ContainerDays Boston 2016
Running stateful services in containers - ContainerDays Boston 2016
Jonas Rosland
 
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Nils De Moor
 
Docker for PHP Developers - Jetbrains
Docker for PHP Developers - JetbrainsDocker for PHP Developers - Jetbrains
Docker for PHP Developers - Jetbrains
Chris Tankersley
 
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and PluginsDockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
Arnaud Porterie
 
Container Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's EnginesContainer Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor BrownDockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
Docker Multi-arch All The Things
Docker Multi-arch All The ThingsDocker Multi-arch All The Things
Docker Multi-arch All The Things
Docker, Inc.
 
Programming the world with Docker
Programming the world with DockerProgramming the world with Docker
Programming the world with Docker
Patrick Chanezon
 

Empfohlen

Running stateful services in containers - ContainerDays Boston 2016
Running stateful services in containers - ContainerDays Boston 2016Running stateful services in containers - ContainerDays Boston 2016
Running stateful services in containers - ContainerDays Boston 2016
Jonas Rosland
 
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Nils De Moor
 
Docker for PHP Developers - Jetbrains
Docker for PHP Developers - JetbrainsDocker for PHP Developers - Jetbrains
Docker for PHP Developers - Jetbrains
Chris Tankersley
 
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and PluginsDockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
DockerCon US 2016 - Extending Docker With APIs, Drivers, and Plugins
Arnaud Porterie
 
Container Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's EnginesContainer Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor BrownDockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
Docker Multi-arch All The Things
Docker Multi-arch All The ThingsDocker Multi-arch All The Things
Docker Multi-arch All The Things
Docker, Inc.
 
Programming the world with Docker
Programming the world with DockerProgramming the world with Docker
Programming the world with Docker
Patrick Chanezon
 
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Docker, Inc.
 
Docker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David GageotDocker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David Gageot
Docker, Inc.
 
Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...
Docker, Inc.
 
Docker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EE
Docker, Inc.
 
Docker for Mac and Windows: The Insider's Guide by Justin Cormack
Docker for Mac and Windows: The Insider's Guide by Justin CormackDocker for Mac and Windows: The Insider's Guide by Justin Cormack
Docker for Mac and Windows: The Insider's Guide by Justin Cormack
Docker, Inc.
 
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth RushgroveThe Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
Docker, Inc.
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
Patrick Chanezon
 
Docker serverless v1.0
Docker serverless v1.0Docker serverless v1.0
Docker serverless v1.0
Thomas Chacko
 
OSCON: System software goes weird
OSCON: System software goes weirdOSCON: System software goes weird
OSCON: System software goes weird
Docker, Inc.
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep dive
Docker, Inc.
 
Building Reusable Development Environments with Docker
Building Reusable Development Environments with DockerBuilding Reusable Development Environments with Docker
Building Reusable Development Environments with Docker
Revelation Technologies
 
Docker?!?! But I'm a SysAdmin
Docker?!?! But I'm a SysAdminDocker?!?! But I'm a SysAdmin
Docker?!?! But I'm a SysAdmin
Docker, Inc.
 
ContainerDayVietnam2016: Docker for JS Developer
ContainerDayVietnam2016: Docker for JS DeveloperContainerDayVietnam2016: Docker for JS Developer
ContainerDayVietnam2016: Docker for JS Developer
Docker-Hanoi
 
DockerCon EU 2015: The Latest in Docker Engine
DockerCon EU 2015: The Latest in Docker EngineDockerCon EU 2015: The Latest in Docker Engine
DockerCon EU 2015: The Latest in Docker Engine
Docker, Inc.
 
DCSF19 CMD and Conquer: Containerizing the Monolith
DCSF19 CMD and Conquer: Containerizing the Monolith DCSF19 CMD and Conquer: Containerizing the Monolith
DCSF19 CMD and Conquer: Containerizing the Monolith
Docker, Inc.
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
Docker, Inc.
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
Mike Goelzer
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Phil Estes
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slides
Docker, Inc.
 
Runc: The Little Engine That Could (Run Docker Containers)
Runc: The Little Engine That Could (Run Docker Containers)Runc: The Little Engine That Could (Run Docker Containers)
Runc: The Little Engine That Could (Run Docker Containers)
Phil Estes
 
runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...
Docker, Inc.
 
Devoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runCDevoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runC
Phil Estes
 

Weitere ähnliche Inhalte

Was ist angesagt?

Docker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EE
Docker, Inc.
 
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth RushgroveThe Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
Docker, Inc.
 
OSCON: System software goes weird
OSCON: System software goes weirdOSCON: System software goes weird
OSCON: System software goes weird
Docker, Inc.
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep dive
Docker, Inc.
 
DCSF19 CMD and Conquer: Containerizing the Monolith
DCSF19 CMD and Conquer: Containerizing the Monolith DCSF19 CMD and Conquer: Containerizing the Monolith
DCSF19 CMD and Conquer: Containerizing the Monolith
Docker, Inc.
 

Was ist angesagt? (19)

Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
 
Docker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David GageotDocker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David Gageot
 
Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...Online Meetup: Why should container system / platform builders care about con...
Online Meetup: Why should container system / platform builders care about con...
 
Docker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EEDocker Online Meetup: Announcing Docker CE + EE
Docker Online Meetup: Announcing Docker CE + EE
 
Docker for Mac and Windows: The Insider's Guide by Justin Cormack
Docker for Mac and Windows: The Insider's Guide by Justin CormackDocker for Mac and Windows: The Insider's Guide by Justin Cormack
Docker for Mac and Windows: The Insider's Guide by Justin Cormack
 
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth RushgroveThe Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
 
Docker SF Meetup January 2016
Docker SF Meetup January 2016Docker SF Meetup January 2016
Docker SF Meetup January 2016
 
Docker serverless v1.0
Docker serverless v1.0Docker serverless v1.0
Docker serverless v1.0
 
OSCON: System software goes weird
OSCON: System software goes weirdOSCON: System software goes weird
OSCON: System software goes weird
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep dive
 
Building Reusable Development Environments with Docker
Building Reusable Development Environments with DockerBuilding Reusable Development Environments with Docker
Building Reusable Development Environments with Docker
 
Docker?!?! But I'm a SysAdmin
Docker?!?! But I'm a SysAdminDocker?!?! But I'm a SysAdmin
Docker?!?! But I'm a SysAdmin
 
ContainerDayVietnam2016: Docker for JS Developer
ContainerDayVietnam2016: Docker for JS DeveloperContainerDayVietnam2016: Docker for JS Developer
ContainerDayVietnam2016: Docker for JS Developer
 
DockerCon EU 2015: The Latest in Docker Engine
DockerCon EU 2015: The Latest in Docker EngineDockerCon EU 2015: The Latest in Docker Engine
DockerCon EU 2015: The Latest in Docker Engine
 
DCSF19 CMD and Conquer: Containerizing the Monolith
DCSF19 CMD and Conquer: Containerizing the Monolith DCSF19 CMD and Conquer: Containerizing the Monolith
DCSF19 CMD and Conquer: Containerizing the Monolith
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
 
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
Diving Through The Layers: Investigating runc, containerd, and the Docker eng...
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slides
 

Ähnlich wie Containerize All the Multi-Platform Things! - DockerCon Seattle 2016

runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...
Docker, Inc.
 
Innovating Out in the Open
Innovating Out in the Open Innovating Out in the Open
Innovating Out in the Open
Dev_Events
 
Hitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as Code
Hitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as CodeHitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as Code
Hitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as Code
Robert van Mölken
 
Kubernetes @ meetic
Kubernetes @ meeticKubernetes @ meetic
Kubernetes @ meetic
Sébastien Le Gall
 
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM France Lab
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
dotCloud
 

Ähnlich wie Containerize All the Multi-Platform Things! - DockerCon Seattle 2016 (20)

Runc: The Little Engine That Could (Run Docker Containers)
Runc: The Little Engine That Could (Run Docker Containers)Runc: The Little Engine That Could (Run Docker Containers)
Runc: The Little Engine That Could (Run Docker Containers)
 
runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...runC: The little engine that could (run Docker containers) by Docker Captain ...
runC: The little engine that could (run Docker containers) by Docker Captain ...
 
Devoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runCDevoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runC
 
Docker-v3.pdf
Docker-v3.pdfDocker-v3.pdf
Docker-v3.pdf
 
AWS Summit Auckland - Moving MS .NET Applications One Container at a Time
AWS Summit Auckland - Moving MS .NET Applications One Container at a TimeAWS Summit Auckland - Moving MS .NET Applications One Container at a Time
AWS Summit Auckland - Moving MS .NET Applications One Container at a Time
 
Innovating Out in the Open
Innovating Out in the Open Innovating Out in the Open
Innovating Out in the Open
 
Kubernetes for Java Developers
Kubernetes for Java DevelopersKubernetes for Java Developers
Kubernetes for Java Developers
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
Moving microsoft .net applications one container at a time
Moving microsoft .net applications one container at a time Moving microsoft .net applications one container at a time
Moving microsoft .net applications one container at a time
 
Hitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as Code
Hitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as CodeHitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as Code
Hitchhiker's guide to Cloud-Native Build Pipelines and Infrastructure as Code
 
OpenShift 4 installation
OpenShift 4 installationOpenShift 4 installation
OpenShift 4 installation
 
Kubernetes @ meetic
Kubernetes @ meeticKubernetes @ meetic
Kubernetes @ meetic
 
TIAD 2016 : Application delivery in a container world
TIAD 2016 : Application delivery in a container worldTIAD 2016 : Application delivery in a container world
TIAD 2016 : Application delivery in a container world
 
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
IBM Bluemix Paris Meetup #14 - Le Village by CA - 20160413 - Introduction à D...
 
Innovating Out In The Open - OSCON 2016
Innovating Out In The Open - OSCON 2016Innovating Out In The Open - OSCON 2016
Innovating Out In The Open - OSCON 2016
 
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
Habitat talk at CodeMonsters Sofia, Bulgaria Nov 27 2018
 
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdfOpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
OpenShift_Installation_Deep_Dive_Robert_Bohne.pdf
 
Docker Overview - Rise of the Containers
Docker Overview - Rise of the ContainersDocker Overview - Rise of the Containers
Docker Overview - Rise of the Containers
 
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
AWS Summit Singapore 2019 | Latest Trends for Cloud-Native Application Develo...
 
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
Write Once and REALLY Run Anywhere | OpenStack Summit HK 2013
 

Mehr von Phil Estes

Docker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete ComponentsDocker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 

Mehr von Phil Estes (20)

Enabling Security via Container Runtimes
Enabling Security via Container RuntimesEnabling Security via Container Runtimes
Enabling Security via Container Runtimes
 
Extended and embedding: containerd update & project use cases
Extended and embedding: containerd update & project use casesExtended and embedding: containerd update & project use cases
Extended and embedding: containerd update & project use cases
 
Cloud Native TLV Meetup: Securing Containerized Applications Primer
Cloud Native TLV Meetup: Securing Containerized Applications PrimerCloud Native TLV Meetup: Securing Containerized Applications Primer
Cloud Native TLV Meetup: Securing Containerized Applications Primer
 
Securing Containerized Applications: A Primer
Securing Containerized Applications: A PrimerSecuring Containerized Applications: A Primer
Securing Containerized Applications: A Primer
 
Securing Containerized Applications: A Primer
Securing Containerized Applications: A PrimerSecuring Containerized Applications: A Primer
Securing Containerized Applications: A Primer
 
Let's Try Every CRI Runtime Available for Kubernetes
Let's Try Every CRI Runtime Available for KubernetesLet's Try Every CRI Runtime Available for Kubernetes
Let's Try Every CRI Runtime Available for Kubernetes
 
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
 
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
 
Giving Back to Upstream | DockerCon 2019
Giving Back to Upstream | DockerCon 2019Giving Back to Upstream | DockerCon 2019
Giving Back to Upstream | DockerCon 2019
 
What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.
 
Docker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine EvolutionDocker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine Evolution
 
FOSDEM 2019: A containerd Project Update
FOSDEM 2019: A containerd Project UpdateFOSDEM 2019: A containerd Project Update
FOSDEM 2019: A containerd Project Update
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?
 
Docker Athens: Docker Engine Evolution & Containerd Use Cases
Docker Athens: Docker Engine Evolution & Containerd Use CasesDocker Athens: Docker Engine Evolution & Containerd Use Cases
Docker Athens: Docker Engine Evolution & Containerd Use Cases
 
It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?
 
Docker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete ComponentsDocker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete Components
 
An Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open CommunitiesAn Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open Communities
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container RuntimesWhose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
 
Embedding Containerd For Fun and Profit
Embedding Containerd For Fun and ProfitEmbedding Containerd For Fun and Profit
Embedding Containerd For Fun and Profit
 

Kürzlich hochgeladen

%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
Papp Krisztián
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
masabamasaba
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
Juha-Pekka Tolvanen
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
chiefasafspells
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 

Kürzlich hochgeladen (20)

WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptx
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
WSO2CON 2024 - WSO2's Digital Transformation Journey with Choreo: A Platforml...
 

Containerize All the Multi-Platform Things! - DockerCon Seattle 2016

  • 1. Containerize All The (Multi-Platform) Things! Phil Estes IBM Cloud, Open Technology Twitter: @estesp
  • 2. About Me Phil Estes Senior Technical Staff Member IBM Cloud, Open Technologies Container Strategy/Open Source Leader Docker community core engine maintainer < Linux/open source expertise for 15 years @ IBM < Community activities & accomplishments > Brought user namespace support to the Docker engine > Helped design v2.2 image specification with multi-platform support > Implemented first tool to create multi-platform images in Docker v2.3 registry > Member of the “Docker Captains” program 2
  • 3. Background: DockerCon Barcelona, Nov 2015 • Multi-platform support in registry via “workarounds”: • Repo-per-arch/platform: ppc64le/, s390x/, armv7/ • Image name prefixes: rpi- (rpi-node, rpi-consul, rpi-mysql) • Tag names with architecture detail: • multiarch/busybox:s390x • multiarch/busybox:amd64 • multiarch/busybox:armhf • Nearly finalized v2.2 image manifest specification: • PR #1068 defined the new specification format; proposed in Oct, agreed to and merged Dec. 18th, 2015 • PR #1281 implemented the new spec format in the registry (docker/distribution), and was merged on Jan. 7th, 2016 3
  • 4. The manifest list Registry Object Type • How does the v2.2 image manifest spec support multi-platform? • Via a new registry manifest type: the manifest list • A manifest list contains pointers to existing manifest objects • A manifest list contains a platform specification associated with each pointer to an existing manifest • What is a platform specification? "platform": { // example with *all* fields "architecture": "amd64", "os": "linux", "os.version": "10.0.10586", "os.features": [ "win32k" ], "variant": "armv6l" "features": [ "sse4", "aes" ] } "platform": { "architecture": "ppc64le", "os": "linux", } Could be very simple: 4
  • 5. Docker 1.10: Engine Support • Docker 1.10 included rudimentary engine support for manifest list objects: • Engine checks manifest list entries against GOOS and GOARCH values from the Docker engine host platform • If a platform entry from the manifest list matches, that reference manifest is then pulled from the registry and used as that name:tag locally • Why rudimentary? • Is not (yet) using the feature or variant fields to make determinations against the local host platform/architecture • Potentially more important for embedded platforms than server- oriented platforms 5
  • 6. Creating a Manifest List • Registry v2.3 and above support manifest lists • DockerHub now supports pushing manifest list objects • Open source “docker/distribution” v2.3 and above (this includes the official DockerHub “registry” image, now at v2.4.1) • Official tooling still under discussion • Discussion: Where does it fit? (e.g. extend “docker push”) • Details, details (how to specify inputs, image signing/trust, etc.) • Proof of concept tool available today for testing • https://github.com/estesp/manifest-tool • Can inspect (list) or push manifest lists to private registry or DockerHub • Read more about it here: https://integratedcode.us/2016/04/22/a-step-towards- multi-platform-docker-images/ 6
  • 7. The Manifest Tool • Input: YAML definition of input images + platform specifications image: estesp/debian:jessie manifests: - image: s390x/debian:jessie platform: architecture: s390x os: linux - image: debian:jessie platform: architecture: amd64 os: linux - image: ppc64le/debian:jessie platform: architecture: ppc64le os: linux - image: aarch64/debian:jessie platform: architecture: arm64 os: linux variant: armv8 7 • image: target manifest list name:tag • manifests: list of image names with associated platform specification • Architecture and OS fields validated against known good values/combinations • Image references are queried/validated; can reside in any repo, but on the same registry host • Manifest list written to registry
  • 9. What’s Left? • Engine: Full Support for ‘platform’ Definition • Windows will exploit os.version and os.features entries for full platform matching • Linux-based engines need to determine how to “understand” features and variant with standardized definitions (e.g. /proc/cpuinfo) • Official tooling for manifest list push/inspection • Requires full support for Docker Content Trust/image signing • Content publishers/creators need to be informed of capabilities • DockerHub/UI Updates • Currently no visibility into “manifest list” entries • Platform information: a visual representation for consumers to find supported platforms for a given manifest list-based image • Workflow details (automated builds?) 9