Extending and embedding:
containerd project use cases
A 2020 FOSDEM containerd project update
Phil Estes
Distinguished Engineer & CTO, IBM Cloud Platform
CNCF containerd project maintainer
State of containerd
What is containerd
● A “Container runtime”
○ Below platforms (Docker, Kubernetes)
○ Above lower level runtimes (runc, Kata, Firecracker, gVisor)
● Resource Manager
○ Container processes
○ Image artifacts
○ Filesystem snapshots
○ Metadata and dependencies
● Tightly scoped
○ 100% maintainer approval required to increase scope
○ Built-in CRI plugin only scope increase
State of containerd
● 5th project to graduate within the CNCF - February 2019
● Broad support and contribution from across the ecosystem
○ Over 200 individual contributors; represent > 100 companies
○ 13 maintainers represent 9 different companies
● All major cloud providers using containerd
● Supports Linux and Windows platforms, multiple architectures
● Added sub-projects to governance (Rust-based ttrpc; image encryption)
containerd 1.3
● Windows support for shim V2 API
● Device mapper snapshotter (Amazon Firecracker team contribution)
● New plugin interface for processing layers (encryption, compression)
● (CRI) Support for per-pod container shim
In progress
● Remote snapshotter for sharing snapshots in a cluster
● cgroups v2
● Windows CRI
● Mount and resource management
● Image encryption
Who is using containerd?
● Public Clouds
● Kubernetes Infra
● End Users
● DevOps Tools
● Custom Sandboxes
How is containerd used?
● Library
○ Go client API
■ oras, BuildKit, Weaveworks Ignite, IBM Cloud Functions, OpenFaaS “faasd”, Alibaba PouchContainer
○ Extensibility
■ Amazon ECR resolver, Azure Teleport, remote snapshotters [cvmfs, stargz]
○ Imports/Subprojects (cri-o use of containerd/cgroups)
● Kubernetes Runtime
○ CRI-containerd
■ IBM Kubernetes Service, GKE, Ticketmaster, Alibaba, microk8s, KinD, k3s, AWS Fargate
● Daemon
○ Docker, BuildKit
Embedding/Extending Use Cases
Architecture
API
API - CRI
- CRI gRPC API exposed from containerd
- Kubelet can be configured to use containerd as runtime
API - containerd
- gRPC API, used by Go client
- Low level access to components
- Mirrors internal component interfaces
- Snapshots, Content, Containers, Task, Events, etc
Core
Backend
Plugins
Plugins - Backend
Plugins - Backend
- No re-compilation required
- Proxy plugins for content store and snapshotters
- Runtime shims are separate binaries implementing shim interface
Plugins - Client
1. Override services with service options (ServicesOpt)
2. Customize push and pull with remote options (RemoteOpt)

type RemoteOpt
    func WithImageHandler(h images.Handler) RemoteOpt
    func WithImageHandlerWrapper(w func(images.Handler) images.Handler) RemoteOpt
    func WithResolver(resolver remotes.Resolver) RemoteOpt

type ServicesOpt
    func WithContainerService(containerService containersapi.ContainersClient) ServicesOpt
    func WithContentStore(contentStore content.Store) ServicesOpt
    func WithDiffService(diffService diff.DiffClient) ServicesOpt
    func WithEventService(eventService EventService) ServicesOpt
    func WithImageService(imageService imagesapi.ImagesClient) ServicesOpt
    func WithLeasesService(leasesService leases.Manager) ServicesOpt
    func WithNamespaceService(namespaceService namespacesapi.NamespacesClient) ServicesOpt
    func WithSnapshotters(snapshotters map[string]snapshots.Snapshotter) ServicesOpt
    func WithTaskService(taskService tasks.TasksClient) ServicesOpt
Plugins - custom containerd binary
● Add a file with import to cmd/containerd/ in your fork.
● Create your own main.go of containerd

package main

import (
	"fmt"
	"os"

	"github.com/containerd/containerd/cmd/containerd/command"
	// import built-in plugins from cmd/containerd/builtins.go
	_ "github.com/mygithub/customplugin"
)

func main() {
	// Build the standard containerd CLI app; the blank import above
	// registers the custom plugin before the app starts.
	app := command.App()
	if err := app.Run(os.Args); err != nil {
		fmt.Fprintf(os.Stderr, "containerd: %s\n", err)
		os.Exit(1)
	}
}
Example Snapshotter Proxy Plugin
// Snapshot service manages snapshots
service Snapshots {
    rpc Prepare(PrepareSnapshotRequest) returns (PrepareSnapshotResponse);
    rpc View(ViewSnapshotRequest) returns (ViewSnapshotResponse);
    rpc Mounts(MountsRequest) returns (MountsResponse);
    rpc Commit(CommitSnapshotRequest) returns (google.protobuf.Empty);
    rpc Remove(RemoveSnapshotRequest) returns (google.protobuf.Empty);
    rpc Stat(StatSnapshotRequest) returns (StatSnapshotResponse);
    rpc Update(UpdateSnapshotRequest) returns (UpdateSnapshotResponse);
    rpc List(ListSnapshotsRequest) returns (stream ListSnapshotsResponse);
    rpc Usage(UsageRequest) returns (UsageResponse);
}
- implement Snapshotter gRPC API
- backend requests are proxied to plugin
External snapshotter
● Configure with proxy_plugins

[proxy_plugins]
  [proxy_plugins.customsnapshot]
    type = "snapshot"
    address = "/var/run/mysnapshotter.sock"

● Build as an external plugin

package main

import (
	"log"
	"net"

	"google.golang.org/grpc"

	snapshots "github.com/containerd/containerd/api/services/snapshots/v1"
	"github.com/containerd/containerd/contrib/snapshotservice"
)

func main() {
	// gRPC server that exposes the Snapshots service to containerd
	rpc := grpc.NewServer()

	// CustomSnapshotter is your own constructor returning your snapshotter implementation
	sn := CustomSnapshotter()

	// Wrap the snapshotter as a gRPC service and register it
	service := snapshotservice.FromSnapshotter(sn)
	snapshots.RegisterSnapshotsServer(rpc, service)

	// Listen and serve on the address configured under proxy_plugins
	l, err := net.Listen("unix", "/var/run/mysnapshotter.sock")
	if err != nil {
		log.Fatalf("error: %v\n", err)
	}
	if err := rpc.Serve(l); err != nil {
		log.Fatalf("error: %v\n", err)
	}
}
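containerd proxies snapshot requests to whatever process listens on the configured `address`, so the plugin should control how that socket is created. The Go code below is an added example, not code from the talk or the containerd project: `ListenPluginSocket` and `CheckPluginSocket` are hypothetical helpers that replace a stale socket only when the path really is a socket, restrict the new socket to its owner, and report loose permissions; the demo path under the temp directory is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"net"
	"os"
	"path/filepath"
)

// ListenPluginSocket creates the unix socket a proxy plugin serves on.
// A leftover socket from a previous run is removed; anything else at that
// path (regular file, directory, symlink) is left alone and reported.
func ListenPluginSocket(path string) (net.Listener, error) {
	info, err := os.Lstat(path)
	switch {
	case err == nil && info.Mode().Type() == fs.ModeSocket:
		if err := os.Remove(path); err != nil {
			return nil, err
		}
	case err == nil:
		return nil, fmt.Errorf("%s exists and is not a socket, refusing to replace it", path)
	case !errors.Is(err, fs.ErrNotExist):
		return nil, err
	}

	l, err := net.Listen("unix", path)
	if err != nil {
		return nil, err
	}
	// Between Listen and Chmod the socket has umask-derived permissions;
	// a restrictive umask or a private parent directory closes that window.
	if err := os.Chmod(path, 0o600); err != nil {
		l.Close()
		return nil, err
	}
	return l, nil
}

// CheckPluginSocket is the operator-side check for the address named in
// proxy_plugins: it must be a unix socket that only its owner can access.
func CheckPluginSocket(path string) []string {
	info, err := os.Lstat(path)
	if err != nil {
		return []string{"cannot stat socket: " + err.Error()}
	}
	var problems []string
	if info.Mode().Type() != fs.ModeSocket {
		problems = append(problems, "path is not a unix socket")
	}
	if info.Mode().Perm()&0o077 != 0 {
		problems = append(problems, "socket is accessible to group or others")
	}
	return problems
}

func main() {
	// Constructed demo path; the slide uses /var/run/mysnapshotter.sock.
	path := filepath.Join(os.TempDir(), "mysnapshotter-example.sock")
	l, err := ListenPluginSocket(path)
	if err != nil {
		fmt.Fprintln(os.Stderr, "listen:", err)
		os.Exit(1)
	}
	defer l.Close()
	fmt.Printf("%s problems=%v\n", path, CheckPluginSocket(path))
}
```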
Runtime Plugins
Runtime shim v2 API
● Minimal and scoped to the execution lifecycle of a container
● Binary naming convention
○ Type io.containerd.runsc.v1 -> Binary containerd-shim-runsc-v1
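Because of this naming convention, the runtime type string decides which binary gets looked up and executed as the shim. The Go code below is an added example, not code from the talk or from containerd: it derives the shim file name from a runtime type and audits the binary that name resolves to; `ShimBinaryName`, `AuditShim`, the first-match search order and the trusted-directory list are assumptions of the example.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ShimBinaryName applies the convention from the slide: the last two
// dot-separated parts of the runtime type are the shim name and version, so
// "io.containerd.runsc.v1" becomes "containerd-shim-runsc-v1".
func ShimBinaryName(runtimeType string) (string, error) {
	parts := strings.Split(runtimeType, ".")
	if len(parts) < 2 {
		return "", fmt.Errorf("runtime type %q is not <prefix>.<name>.<version>", runtimeType)
	}
	for _, p := range parts[len(parts)-2:] {
		// Reject empty parts and path separators so the result is always a
		// plain file name that can only be found through the search path.
		if p == "" || strings.ContainsAny(p, `/\`) {
			return "", fmt.Errorf("runtime type %q has an invalid name or version part", runtimeType)
		}
	}
	return "containerd-shim-" + parts[len(parts)-2] + "-" + parts[len(parts)-1], nil
}

// ShimAudit records which binary a runtime type resolves to and what is wrong with it.
type ShimAudit struct {
	Binary   string   // expected shim file name
	Path     string   // first match on the search path, empty if none
	Problems []string // empty means the shim passed every check
}

// AuditShim resolves the shim the way a PATH lookup would (first executable
// match wins) and checks that the match lives in a trusted directory and that
// neither it nor its directory is group- or world-writable.
// searchDirs and trustedDirs are caller-supplied policy (assumed).
func AuditShim(runtimeType string, searchDirs, trustedDirs []string) (ShimAudit, error) {
	name, err := ShimBinaryName(runtimeType)
	if err != nil {
		return ShimAudit{}, err
	}
	audit := ShimAudit{Binary: name}
	for _, dir := range searchDirs {
		if dir == "" {
			continue
		}
		candidate := filepath.Join(dir, name)
		info, err := os.Stat(candidate)
		if err != nil || !info.Mode().IsRegular() || info.Mode().Perm()&0o111 == 0 {
			continue // absent or not executable: the lookup moves on
		}
		audit.Path = candidate
		if info.Mode().Perm()&0o022 != 0 {
			audit.Problems = append(audit.Problems, "binary is group- or world-writable")
		}
		if dirInfo, err := os.Stat(dir); err == nil && dirInfo.Mode().Perm()&0o022 != 0 {
			audit.Problems = append(audit.Problems, "directory is group- or world-writable")
		}
		trusted := false
		for _, t := range trustedDirs {
			if filepath.Clean(t) == filepath.Clean(dir) {
				trusted = true
			}
		}
		if !trusted {
			audit.Problems = append(audit.Problems, "resolved outside the trusted directories")
		}
		return audit, nil
	}
	audit.Problems = append(audit.Problems, "no shim binary found on the search path")
	return audit, nil
}

func main() {
	// Assumed policy: shims may only live in these directories.
	trusted := []string{"/usr/bin", "/usr/local/bin"}
	search := filepath.SplitList(os.Getenv("PATH"))
	// The first type is the one on the slide; the second is a constructed malformed value.
	for _, rt := range []string{"io.containerd.runsc.v1", "io.containerd.runsc./tmp"} {
		audit, err := AuditShim(rt, search, trusted)
		if err != nil {
			fmt.Println("rejected:", err)
			continue
		}
		fmt.Printf("%s -> %s path=%q problems=%v\n", rt, audit.Binary, audit.Path, audit.Problems)
	}
}
```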
Runtime Plugins - Task Service
service Task {
    rpc State(StateRequest) returns (StateResponse);
    rpc Create(CreateTaskRequest) returns (CreateTaskResponse);
    rpc Start(StartRequest) returns (StartResponse);
    rpc Delete(DeleteRequest) returns (DeleteResponse);
    rpc Pids(PidsRequest) returns (PidsResponse);
    rpc Pause(PauseRequest) returns (google.protobuf.Empty);
    rpc Resume(ResumeRequest) returns (google.protobuf.Empty);
    rpc Checkpoint(CheckpointTaskRequest) returns (google.protobuf.Empty);
    rpc Kill(KillRequest) returns (google.protobuf.Empty);
    rpc Exec(ExecProcessRequest) returns (google.protobuf.Empty);
    rpc ResizePty(ResizePtyRequest) returns (google.protobuf.Empty);
    rpc CloseIO(CloseIORequest) returns (google.protobuf.Empty);
    rpc Update(UpdateTaskRequest) returns (google.protobuf.Empty);
    rpc Wait(WaitRequest) returns (WaitResponse);
    rpc Stats(StatsRequest) returns (StatsResponse);
    rpc Connect(ConnectRequest) returns (ConnectResponse);
    rpc Shutdown(ShutdownRequest) returns (google.protobuf.Empty);
}
Thank You!

Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...OnePlan Solutions
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Developmentvyaparkranti
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy López
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingShane Coughlan
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsChristian Birchler
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecturerahul_net
 

Kürzlich hochgeladen (20)

Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
Global Identity Enrolment and Verification Pro Solution - Cizo Technology Ser...
 
Ronisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited CatalogueRonisha Informatics Private Limited Catalogue
Ronisha Informatics Private Limited Catalogue
 
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
Tech Tuesday - Mastering Time Management Unlock the Power of OnePlan's Timesh...
 
Osi security architecture in network.pptx
Osi security architecture in network.pptxOsi security architecture in network.pptx
Osi security architecture in network.pptx
 
Sending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdfSending Calendar Invites on SES and Calendarsnack.pdf
Sending Calendar Invites on SES and Calendarsnack.pdf
 
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
JavaLand 2024 - Going serverless with Quarkus GraalVM native images and AWS L...
 
Salesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZSalesforce Implementation Services PPT By ABSYZ
Salesforce Implementation Services PPT By ABSYZ
 
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News UpdateVictoriaMetrics Q1 Meet Up '24 - Community & News Update
VictoriaMetrics Q1 Meet Up '24 - Community & News Update
 
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + KobitonLeveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
Leveraging AI for Mobile App Testing on Real Devices | Applitools + Kobiton
 
eSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration toolseSoftTools IMAP Backup Software and migration tools
eSoftTools IMAP Backup Software and migration tools
 
Best Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh ITBest Angular 17 Classroom & Online training - Naresh IT
Best Angular 17 Classroom & Online training - Naresh IT
 
Strategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero resultsStrategies for using alternative queries to mitigate zero results
Strategies for using alternative queries to mitigate zero results
 
Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
Tech Tuesday Slides - Introduction to Project Management with OnePlan's Work ...
 
VK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web DevelopmentVK Business Profile - provides IT solutions and Web Development
VK Business Profile - provides IT solutions and Web Development
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full RecordingOpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
 
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving CarsSensoDat: Simulation-based Sensor Dataset of Self-driving Cars
SensoDat: Simulation-based Sensor Dataset of Self-driving Cars
 
Understanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM ArchitectureUnderstanding Flamingo - DeepMind's VLM Architecture
Understanding Flamingo - DeepMind's VLM Architecture
 

Extended and embedding: containerd update & project use cases

  • 1. Extending and embedding: containerd project use cases
    A 2020 FOSDEM containerd project update
    Phil Estes
    Distinguished Engineer & CTO, IBM Cloud Platform
    CNCF containerd project maintainer
  • 3. What is containerd
    ● A “Container runtime”
      ○ Below platforms (Docker, Kubernetes)
      ○ Above lower level runtimes (runc, Kata, Firecracker, gVisor)
    ● Resource Manager
      ○ Container processes
      ○ Image artifacts
      ○ Filesystem snapshots
      ○ Metadata and dependencies
    ● Tightly scoped
      ○ 100% maintainer approval required to increase scope
      ○ Built-in CRI plugin only scope increase
  • 4. State of containerd
    ● 5th project to graduate within the CNCF - February 2019
    ● Broad support and contribution from across the ecosystem
      ○ Over 200 individual contributors; represent > 100 companies
      ○ 13 maintainers represent 9 different companies
    ● All major cloud providers using containerd
    ● Supports Linux and Windows platforms, multiple architectures
    ● Added sub-projects to governance (Rust-based ttrpc; image encryption)
  • 5. containerd 1.3
    ● Windows support for shim V2 API
    ● Device mapper snapshotter (Amazon Firecracker team contribution)
    ● New plugin interface for processing layers (encryption, compression)
    ● (CRI) Support for per-pod container shim
  • 6. In progress
    ● Remote snapshotter for sharing snapshots in a cluster
    ● cgroups v2
    ● Windows CRI
    ● Mount and resource management
    ● Image encryption
  • 7. Who is using containerd?
    ● Public Clouds
    ● Kubernetes Infra
    ● End Users
    ● DevOps Tools
    ● Custom Sandboxes
  • 8. How is containerd used?
    ● Library
      ○ Go client API
        ■ oras, BuildKit, Weaveworks Ignite, IBM Cloud Functions, OpenFaaS “faasd”, Alibaba PouchContainer
      ○ Extensibility
        ■ Amazon ECR resolver, Azure Teleport, remote snapshotters [cvmfs, stargz]
      ○ Imports/Subprojects (cri-o use of containerd/cgroups)
    ● Kubernetes Runtime
      ○ CRI-containerd
        ■ IBM Kubernetes Service, GKE, Ticketmaster, Alibaba, microk8s, KinD, k3s, AWS Fargate
    ● Daemon
      ○ Docker, BuildKit
  • 11. API
  • 12. API - CRI
    - CRI gRPC API exposed from containerd
    - Kubelet can be configured to use containerd as runtime
  • 13. API - containerd
    - gRPC API, used by Go client
    - Low level access to components
    - Mirrors internal component interfaces
    - Snapshots, Content, Containers, Task, Events, etc
  • 14. Core
  • 18. Plugins - Backend
    - No re-compilation required
    - Proxy plugins for content store and snapshotters
    - Runtime shims are separate binaries implementing shim interface
  • 19. Plugins - Client
    1. Override services with service options
    2. Customize push and pull with remote options

        type RemoteOpt
            func WithImageHandler(h images.Handler) RemoteOpt
            func WithImageHandlerWrapper(w func(images.Handler) images.Handler) RemoteOpt
            func WithResolver(resolver remotes.Resolver) RemoteOpt

        type ServicesOpt
            func WithContainerService(containerService containersapi.ContainersClient) ServicesOpt
            func WithContentStore(contentStore content.Store) ServicesOpt
            func WithDiffService(diffService diff.DiffClient) ServicesOpt
            func WithEventService(eventService EventService) ServicesOpt
            func WithImageService(imageService imagesapi.ImagesClient) ServicesOpt
            func WithLeasesService(leasesService leases.Manager) ServicesOpt
            func WithNamespaceService(namespaceService namespacesapi.NamespacesClient) ServicesOpt
            func WithSnapshotters(snapshotters map[string]snapshots.Snapshotter) ServicesOpt
            func WithTaskService(taskService tasks.TasksClient) ServicesOpt
  • 20. Plugins - custom containerd binary
    ● Add a file with import to cmd/containerd/ in your fork.
    ● Create your own main.go of containerd

        package main

        import (
            "fmt"
            "os"

            "github.com/containerd/containerd/cmd/containerd/command"

            // import built-in plugins from cmd/containerd/builtins.go
            // blank import: the custom plugin registers itself when the package is loaded
            _ "github.com/mygithub/customplugin"
        )

        func main() {
            app := command.App()
            if err := app.Run(os.Args); err != nil {
                fmt.Fprintf(os.Stderr, "containerd: %s\n", err)
                os.Exit(1)
            }
        }
  • 21. Example Snapshotter Proxy Plugin

        // Snapshot service manages snapshots
        service Snapshots {
            rpc Prepare(PrepareSnapshotRequest) returns (PrepareSnapshotResponse);
            rpc View(ViewSnapshotRequest) returns (ViewSnapshotResponse);
            rpc Mounts(MountsRequest) returns (MountsResponse);
            rpc Commit(CommitSnapshotRequest) returns (google.protobuf.Empty);
            rpc Remove(RemoveSnapshotRequest) returns (google.protobuf.Empty);
            rpc Stat(StatSnapshotRequest) returns (StatSnapshotResponse);
            rpc Update(UpdateSnapshotRequest) returns (UpdateSnapshotResponse);
            rpc List(ListSnapshotsRequest) returns (stream ListSnapshotsResponse);
            rpc Usage(UsageRequest) returns (UsageResponse);
        }

    - implement Snapshotter gRPC API
    - backend requests are proxied to plugin
  • 22. External snapshotter
    ● Configure with proxy_plugins
    ● Build as an external plugin

        [proxy_plugins]
          [proxy_plugins.customsnapshot]
            type = "snapshot"
            address = "/var/run/mysnapshotter.sock"

        package main

        import (
            "log"
            "net"

            "google.golang.org/grpc"

            "github.com/containerd/containerd/api/services/snapshots/v1"
            "github.com/containerd/containerd/contrib/snapshotservice"
        )

        func main() {
            rpc := grpc.NewServer()

            // CustomSnapshotter is the slide's placeholder for your own
            // snapshotter implementation; it is not defined here.
            sn := CustomSnapshotter()
            // Wrap the snapshotter as a gRPC service and register it
            service := snapshotservice.FromSnapshotter(sn)
            snapshots.RegisterSnapshotsServer(rpc, service)

            // Listen and serve
            l, err := net.Listen("unix", "/var/run/mysnapshotter.sock")
            if err != nil {
                log.Fatalf("error: %v\n", err)
            }
            if err := rpc.Serve(l); err != nil {
                log.Fatalf("error: %v\n", err)
            }
        }
  • 24. Runtime shim v2 API
    ● Minimal and scoped to the execution lifecycle of a container
    ● Binary naming convention
      ○ Type io.containerd.runsc.v1 -> Binary containerd-shim-runsc-v1
  • 25. Runtime Plugins - Task Service

        service Task {
            rpc State(StateRequest) returns (StateResponse);
            rpc Create(CreateTaskRequest) returns (CreateTaskResponse);
            rpc Start(StartRequest) returns (StartResponse);
            rpc Delete(DeleteRequest) returns (DeleteResponse);
            rpc Pids(PidsRequest) returns (PidsResponse);
            rpc Pause(PauseRequest) returns (google.protobuf.Empty);
            rpc Resume(ResumeRequest) returns (google.protobuf.Empty);
            rpc Checkpoint(CheckpointTaskRequest) returns (google.protobuf.Empty);
            rpc Kill(KillRequest) returns (google.protobuf.Empty);
            rpc Exec(ExecProcessRequest) returns (google.protobuf.Empty);
            rpc ResizePty(ResizePtyRequest) returns (google.protobuf.Empty);
            rpc CloseIO(CloseIORequest) returns (google.protobuf.Empty);
            rpc Update(UpdateTaskRequest) returns (google.protobuf.Empty);
            rpc Wait(WaitRequest) returns (WaitResponse);
            rpc Stats(StatsRequest) returns (StatsResponse);
            rpc Connect(ConnectRequest) returns (ConnectResponse);
            rpc Shutdown(ShutdownRequest) returns (google.protobuf.Empty);
        }

  • 26. How is containerd used?
    ● Library
      ○ Go client API
        ■ oras, BuildKit, Weaveworks Ignite, IBM Cloud Functions, OpenFaaS “faasd”, Alibaba PouchContainer
      ○ Extensibility
        ■ Amazon ECR resolver, Azure Teleport, remote snapshotters [cvmfs, stargz]
      ○ Imports/Subprojects (cri-o use of containerd/cgroups)
    ● Kubernetes Runtime
      ○ CRI-containerd
        ■ IBM Kubernetes Service, GKE, Ticketmaster, Alibaba, microk8s, KinD, k3s, AWS Fargate
    ● Daemon
      ○ Docker, BuildKit
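
The external snapshotter on slide 22 listens on a unix socket, and on Linux any local user with write permission on that socket file can connect to the Snapshots API it serves. The following is an added example, not code from the slides or the containerd project, that creates the socket owner-only; ListenPrivate and SocketMode are hypothetical helper names and the demo path is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"os"
	"syscall"
)

// ListenPrivate binds a unix socket that only its owner can connect to (hypothetical helper).
func ListenPrivate(path string) (net.Listener, error) {
	// Remove a stale socket, but never anything else (Lstat does not follow symlinks).
	fi, err := os.Lstat(path)
	switch {
	case err == nil && fi.Mode()&os.ModeSocket == 0:
		return nil, fmt.Errorf("%s exists and is not a socket", path)
	case err == nil:
		if err := os.Remove(path); err != nil {
			return nil, err
		}
	case !errors.Is(err, os.ErrNotExist):
		return nil, err
	}
	// bind(2) applies the umask, so the socket is 0600 from the moment it exists.
	// Umask is process-wide: call this before other goroutines create files.
	old := syscall.Umask(0o177)
	defer syscall.Umask(old)
	return net.Listen("unix", path)
}

// SocketMode returns the permission bits of the socket at path.
func SocketMode(path string) (os.FileMode, error) {
	fi, err := os.Lstat(path)
	if err != nil {
		return 0, err
	}
	if fi.Mode()&os.ModeSocket == 0 {
		return 0, fmt.Errorf("%s is not a socket", path)
	}
	return fi.Mode().Perm(), nil
}

func main() {
	dir, _ := os.MkdirTemp("", "snap") // constructed path for the demo
	defer os.RemoveAll(dir)
	l, err := ListenPrivate(dir + "/mysnapshotter.sock")
	if err != nil {
		panic(err)
	}
	defer l.Close()
	mode, _ := SocketMode(dir + "/mysnapshotter.sock")
	fmt.Printf("socket mode: %o\n", mode)
}
```

In the slide's plugin, the listener returned by ListenPrivate would take the place of the plain net.Listen call before rpc.Serve.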
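
Slide 24's naming convention means the runtime type string decides which shim binary is launched, so the configured runtime types are worth auditing against an allowlist. The following is an added example, not containerd's own code: ShimBinaryName and AuditRuntimes are hypothetical names, the character check is stricter than the convention itself, and the runtime list is constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Assumption of this example: name and version parts are lowercase
// alphanumerics only, which is stricter than the convention on the slide.
var part = regexp.MustCompile(`^[a-z0-9]+$`)

// ShimBinaryName maps a runtime type such as "io.containerd.runsc.v1" to the
// shim binary name "containerd-shim-runsc-v1" (last two dot-separated parts).
func ShimBinaryName(runtimeType string) (string, error) {
	parts := strings.Split(runtimeType, ".")
	if len(parts) < 3 {
		return "", fmt.Errorf("runtime type %q: want <prefix>.<name>.<version>", runtimeType)
	}
	name, version := parts[len(parts)-2], parts[len(parts)-1]
	if !part.MatchString(name) || !part.MatchString(version) {
		return "", fmt.Errorf("runtime type %q: unexpected characters in name or version", runtimeType)
	}
	return "containerd-shim-" + name + "-" + version, nil
}

// AuditRuntimes returns one finding per configured runtime type that is
// malformed or resolves to a shim binary outside the allowlist.
func AuditRuntimes(configured []string, allowedBinaries map[string]bool) []string {
	var findings []string
	for _, rt := range configured {
		bin, err := ShimBinaryName(rt)
		switch {
		case err != nil:
			findings = append(findings, "malformed: "+err.Error())
		case !allowedBinaries[bin]:
			findings = append(findings, fmt.Sprintf("not allowlisted: %s -> %s", rt, bin))
		}
	}
	return findings
}

func main() {
	// Constructed sample: runtime types as they might appear in a node's config.
	configured := []string{"io.containerd.runc.v2", "io.containerd.runsc.v1", "io.example.custom.v1", "runsc"}
	allowed := map[string]bool{"containerd-shim-runc-v2": true, "containerd-shim-runsc-v1": true}
	for _, f := range AuditRuntimes(configured, allowed) {
		fmt.Println(f)
	}
}
```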