SlideShare a Scribd company logo

OpenShift Commons - Adopting Podman, Skopeo and Buildah for Building and Managing Containers

Mihai Criveti
Mihai Criveti

KubeCon OpenShift Commons - How Podman, Skopeo and Buildah provide a drop in replacement for Docker. How Podman offers better security using a fork-exec model. Building images with buildah. Introducing podman-compose and the Red Hat Universal Base Image.

Software
1 of 20
Download to read offline
Lessons Learned Adopting RHEL Container Tools Podman, Buildah, Quay, Skopeo, Clair and S2I Mihai Criveti, CTO & STSM, RHCA, IBM Elif Mosessohn-Samedin, RHCA II, Take off Labs 1
Agenda and Introduction Use Case: Team Driven End-to-End Container Build Podman, Skopeo and Buildah Resources and Links 2
Agenda and Introduction
Overview Adopting Podman for end-to-end container run and build. Use cases: • Understand the impact of SELinux, namespaces and cgroups. • Move from docker-compose to Podman pods. • Build container images for OpenShift Container Platform. 3
Speaker Overview Mihai CRIVETI Mihai builds containers for fun and profit, sometimes in the cloud, sometimes in his home datacenter, when the weather is cold. He’s also a Red Hat Certified Architect and the CTO and Senior Technical Staff Member for Cloud Native and Red Hat Solutions at IBM, where he builds multi-cloud solutions based on Red Hat OpenShift. Elif MOSESSOHN-SAMEDIN DevOps (Automation) Engineer with experience in Infrastructure Optimization and Management. Red Hat Certified Architect in Infrastructure and ITIL Certified in IT Service Management. Advocate for Continuous Learning, Open Source Communities, and Technical Innovation. 4
Use Case: Team Driven End-to-End Container Build
Breaking this up • Elif is responsible for developing the secure base images and pushing them to a private registry. • Mihai is responsible for building applications using the provided images. 5
Podman, Skopeo and Buildah
Podman Overview What is Podman? Figure 1: Podman - Manage pods, containers and OCI compliant container images How is Podman different? • Can be run as a regular user without requiring root. • Can manage pods (groups of one or more containers that operate together). • Lets you import Kubernetes definitions using podman play. • Fork-exec model instead of client-server model (containers are child processes of podman). • Compatible with Docker, Docker Hub or any OCI compliant container implementation. 6
Buildah What is Buildah? Figure 2: Buildah - Build container images from CLI or Dockerfiles How is Buildah different? • Containers can be build using simple CLI commands or shell scripts instead of Dockerfiles. • Images can then be pushed to any container registry and can be used by any container engine, including Podman, CRI-O, and Docker. • Buildah is also often used to securely build containers while running inside of a locked down container by a tool like Podman, OpenShift/Kubernetes or Docker. 7
Skopeo What is Skopeo? Figure 3: skopeo - inspect and copy containers and images between different storage How does Skopeo help? • It can copy images to and from a host, as well as to other container environments and registries. • Skopeo can inspect images from container image registries, get images and image layers, and use signatures to create and verify images. 8
Red Hat Image Sources Explained Red Hat Software Collections Library (RHSCL) • For developers that need the latest versions of tools not in the RHEL release schedule. • Use the latest development tools without impacting RHEL. • Available to all RHEL subscribers. Red Hat Container Catalog (RHCC) • Certified, curated and texted images built on RHEL. • Images have gone through a QA process. • Upgraded on a regular bases to avoid security vulnerabilities. Quay.io • Public / private container repository. 9
Universal Base Image - UBI Red Hat Universal Base Image - UBI Figure 4: UBI - Freely distributable OCI compliant secure container base images based on RHEL How does UBI Help? • More than just a base image, UBI provides three base images across RHEL 7 and RHEL 8: ubi, ubi-minimal and ubi-init • And a set of language runtimes (ex: nodejs, ruby, python, php, perl, etc.) • All packages in UBI come from RHEL channels and are supported on RHEL and OpenShift. • Secure by default, maintained and supported by Red Hat. 10
The Red Hat Container Catalog Certified container images from Red Hat and 3rd party vendors Figure 5: Container Images with a Container Health Index Pulling a container image podman pull registry.access.redhat.com/ubi8/python-38 11
Podman Compose What is podman-compose? • An implementation of docker-compose with Podman backend. When and why use podman-compose? • run unmodified docker-compose.yaml files, rootless • no daemon or setup required • Only depends on podman, Python 3 and PyYAML. When NOT to use podman-compose? • When you can use podman pod or podman generate and podman play‘ instead to create pods or import Kubernetes definitions. • For single-machine development, consider CodeReady Containers • For multi-node clusters, check out Red Hat OpenShift, Kubernetes or OKD. Getting podman-compose • macOS • Windows 12
Install Podman, Skopeo and Buildah Fedora 33 / RHEL 8 # Install podman, buildah and skopeo on Fedora 33 sudo dnf -y install podman buildah skopeo slirp4netns fuse-overlayfs Ubuntu / Debian sudo apt update && sudo apt -y install podman buildah skopeo Getting Help podman version podman --help # list available commands man podman-ps # or commands like run, rm, rmi, image, build podman info # display podman system information https://podman.io/getting-started/installation 13
Rootless Containers and cgroup v2 Note that our regular user has UID 1000 uid=1000(cmihai) gid=1000(cmihai) groups=1000(cmihai) What are UIDs mapped to inside the container? podman unshare cat /proc/self/uid_map 0 1000 1 1 100000 65536 UID 0 is mapped my UID (1000). UID 1 is mapped to 100000, UID 2 would map to 100001, etc. That means that a container UID of 27 would map to UID 1000026. Let’s test this mkdir test && podman unshare chown 27:27 test ls -ld test drwxrwxr-x. 2 100026 100026 4096 Sep 27 09:38 test 14
Resources and Links
Get this presentation https://github.com/kubetalks/OpenShift-Commons-Lessons-Learned-Podman 15
Getting started with Podman • https://podman.io/getting-started/ • https://github.com/containers/buildah • https://github.com/containers/skopeo • https://developers.redhat.com/products/rhel/ubi • https://quay.io/ • https://www.katacoda.com/courses/containers-without-docker/running-containers-with-podman • https://developers.redhat.com/products/codeready-containers/overview 16

Recommended

ShipItCon - Continuous Deployment and Multicloud with Ansible and Kubernetes
ShipItCon - Continuous Deployment and Multicloud with Ansible and KubernetesShipItCon - Continuous Deployment and Multicloud with Ansible and Kubernetes
ShipItCon - Continuous Deployment and Multicloud with Ansible and KubernetesMihai Criveti
 
AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...
AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...
AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...Mihai Criveti
 
OpenShift Virtualization - VM and OS Image Lifecycle
OpenShift Virtualization - VM and OS Image LifecycleOpenShift Virtualization - VM and OS Image Lifecycle
OpenShift Virtualization - VM and OS Image LifecycleMihai Criveti
 
Mihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate EverythingMihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate EverythingMihai Criveti
 
Docker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container RuntimesDocker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container RuntimesNico Meisenzahl
 
Ansible Workshop for Pythonistas
Ansible Workshop for PythonistasAnsible Workshop for Pythonistas
Ansible Workshop for PythonistasMihai Criveti
 
Deploying Apache Kylin on AWS and designing a task scheduler for it
Deploying Apache Kylin on AWS and designing a task scheduler for itDeploying Apache Kylin on AWS and designing a task scheduler for it
Deploying Apache Kylin on AWS and designing a task scheduler for itChase Zhang
 
Red Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized StorageRed Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized StorageGreg Hoelzer
 

Recommended

ShipItCon - Continuous Deployment and Multicloud with Ansible and Kubernetes
ShipItCon - Continuous Deployment and Multicloud with Ansible and KubernetesShipItCon - Continuous Deployment and Multicloud with Ansible and Kubernetes
ShipItCon - Continuous Deployment and Multicloud with Ansible and KubernetesMihai Criveti
 
AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...
AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...
AnsibleFest 2021 - DevSecOps with Ansible, OpenShift Virtualization, Packer a...Mihai Criveti
 
OpenShift Virtualization - VM and OS Image Lifecycle
OpenShift Virtualization - VM and OS Image LifecycleOpenShift Virtualization - VM and OS Image Lifecycle
OpenShift Virtualization - VM and OS Image LifecycleMihai Criveti
 
Mihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate EverythingMihai Criveti - PyCon Ireland - Automate Everything
Mihai Criveti - PyCon Ireland - Automate EverythingMihai Criveti
 
Docker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container RuntimesDocker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container RuntimesNico Meisenzahl
 
Ansible Workshop for Pythonistas
Ansible Workshop for PythonistasAnsible Workshop for Pythonistas
Ansible Workshop for PythonistasMihai Criveti
 
Deploying Apache Kylin on AWS and designing a task scheduler for it
Deploying Apache Kylin on AWS and designing a task scheduler for itDeploying Apache Kylin on AWS and designing a task scheduler for it
Deploying Apache Kylin on AWS and designing a task scheduler for itChase Zhang
 
Red Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized StorageRed Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized StorageGreg Hoelzer
 
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...OpenShift Origin
 
Your journey into the serverless world
Your journey into the serverless worldYour journey into the serverless world
Your journey into the serverless worldRed Hat Developers
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
 
OpenShift Application Development | DO288 | Red Hat OpenShift
OpenShift Application Development | DO288 | Red Hat OpenShiftOpenShift Application Development | DO288 | Red Hat OpenShift
OpenShift Application Development | DO288 | Red Hat OpenShiftGlobal Knowledge Technologies
 
Open shift and docker - october,2014
Open shift and docker - october,2014Open shift and docker - october,2014
Open shift and docker - october,2014Hojoong Kim
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployNatale Vinto
 
Kubernetes or OpenShift - choosing your container platform for Dev and Ops
Kubernetes or OpenShift - choosing your container platform for Dev and OpsKubernetes or OpenShift - choosing your container platform for Dev and Ops
Kubernetes or OpenShift - choosing your container platform for Dev and OpsTomasz Cholewa
 
OpenShift and next generation application development
OpenShift and next generation application developmentOpenShift and next generation application development
OpenShift and next generation application developmentSyed Shaaf
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar
 
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Vincenzo Ferme
 
Developing Microservices Directly in AKS/Kubernetes
Developing Microservices Directly in AKS/KubernetesDeveloping Microservices Directly in AKS/Kubernetes
Developing Microservices Directly in AKS/KubernetesChakradhar Rao Jonagam
 
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep DiveDocker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep DiveKen Thompson
 
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...OpenShift Origin
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...Docker, Inc.
 
DEVNET-1183 OpenShift + Kubernetes + Docker
DEVNET-1183 OpenShift + Kubernetes + DockerDEVNET-1183 OpenShift + Kubernetes + Docker
DEVNET-1183 OpenShift + Kubernetes + DockerCisco DevNet
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Jorge Morales
 
Galera on kubernetes_no_video
Galera on kubernetes_no_videoGalera on kubernetes_no_video
Galera on kubernetes_no_videoPatrick Galbraith
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...OpenShift Origin
 
VM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesVM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesCodefresh
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Kubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanKubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanMihai Criveti
 
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...Mihai Criveti
 

More Related Content

What's hot

From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...OpenShift Origin
 
Your journey into the serverless world
Your journey into the serverless worldYour journey into the serverless world
Your journey into the serverless worldRed Hat Developers
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Hao H. Zhang
 
OpenShift Application Development | DO288 | Red Hat OpenShift
OpenShift Application Development | DO288 | Red Hat OpenShiftOpenShift Application Development | DO288 | Red Hat OpenShift
OpenShift Application Development | DO288 | Red Hat OpenShiftGlobal Knowledge Technologies
 
Open shift and docker - october,2014
Open shift and docker - october,2014Open shift and docker - october,2014
Open shift and docker - october,2014Hojoong Kim
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployNatale Vinto
 
Kubernetes or OpenShift - choosing your container platform for Dev and Ops
Kubernetes or OpenShift - choosing your container platform for Dev and OpsKubernetes or OpenShift - choosing your container platform for Dev and Ops
Kubernetes or OpenShift - choosing your container platform for Dev and OpsTomasz Cholewa
 
OpenShift and next generation application development
OpenShift and next generation application developmentOpenShift and next generation application development
OpenShift and next generation application developmentSyed Shaaf
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar
 
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Vincenzo Ferme
 
Developing Microservices Directly in AKS/Kubernetes
Developing Microservices Directly in AKS/KubernetesDeveloping Microservices Directly in AKS/Kubernetes
Developing Microservices Directly in AKS/KubernetesChakradhar Rao Jonagam
 
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep DiveDocker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep DiveKen Thompson
 
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...OpenShift Origin
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...Docker, Inc.
 
DEVNET-1183 OpenShift + Kubernetes + Docker
DEVNET-1183 OpenShift + Kubernetes + DockerDEVNET-1183 OpenShift + Kubernetes + Docker
DEVNET-1183 OpenShift + Kubernetes + DockerCisco DevNet
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Jorge Morales
 
Galera on kubernetes_no_video
Galera on kubernetes_no_videoGalera on kubernetes_no_video
Galera on kubernetes_no_videoPatrick Galbraith
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...OpenShift Origin
 
VM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesVM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesCodefresh
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 

What's hot (20)

From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
From Zero to Cloud: Revolutionize your Application Life Cycle with OpenShift ...
 
Your journey into the serverless world
Your journey into the serverless worldYour journey into the serverless world
Your journey into the serverless world
 
Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1Kubernetes Architecture - beyond a black box - Part 1
Kubernetes Architecture - beyond a black box - Part 1
 
OpenShift Application Development | DO288 | Red Hat OpenShift
OpenShift Application Development | DO288 | Red Hat OpenShiftOpenShift Application Development | DO288 | Red Hat OpenShift
OpenShift Application Development | DO288 | Red Hat OpenShift
 
Open shift and docker - october,2014
Open shift and docker - october,2014Open shift and docker - october,2014
Open shift and docker - october,2014
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
 
Kubernetes or OpenShift - choosing your container platform for Dev and Ops
Kubernetes or OpenShift - choosing your container platform for Dev and OpsKubernetes or OpenShift - choosing your container platform for Dev and Ops
Kubernetes or OpenShift - choosing your container platform for Dev and Ops
 
OpenShift and next generation application development
OpenShift and next generation application developmentOpenShift and next generation application development
OpenShift and next generation application development
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
 
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...Using Docker Containers to Improve Reproducibility in Software and Web Engine...
Using Docker Containers to Improve Reproducibility in Software and Web Engine...
 
Developing Microservices Directly in AKS/Kubernetes
Developing Microservices Directly in AKS/KubernetesDeveloping Microservices Directly in AKS/Kubernetes
Developing Microservices Directly in AKS/Kubernetes
 
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep DiveDocker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
 
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
Build Your Own PaaS, Just like Red Hat's OpenShift from LinuxCon 2013 New Orl...
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
 
DEVNET-1183 OpenShift + Kubernetes + Docker
DEVNET-1183 OpenShift + Kubernetes + DockerDEVNET-1183 OpenShift + Kubernetes + Docker
DEVNET-1183 OpenShift + Kubernetes + Docker
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
 
Galera on kubernetes_no_video
Galera on kubernetes_no_videoGalera on kubernetes_no_video
Galera on kubernetes_no_video
 
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
Extending OpenShift Origin: Build Your Own Cartridge with Bill DeCoste of Red...
 
VM vs Docker-Based Pipelines
VM vs Docker-Based PipelinesVM vs Docker-Based Pipelines
VM vs Docker-Based Pipelines
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetes
 

Similar to OpenShift Commons - Adopting Podman, Skopeo and Buildah for Building and Managing Containers

Kubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanKubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanMihai Criveti
 
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...Mihai Criveti
 
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Daniel Oh
 
Containers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech TalkContainers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech TalkRed Hat Developers
 
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Amazon Web Services
 
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ....docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ...ICON UK EVENTS Limited
 
docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...Matteo Bisi
 
.docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c....docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c...Andrea Fontana
 
Docking, loading, running domino on docker v12
Docking, loading, running domino on docker v12Docking, loading, running domino on docker v12
Docking, loading, running domino on docker v12Daniele Vistalli
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...Ambassador Labs
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An IntroductionPOSSCON
 
Docker, how to use it. organize a meeting with IBM products...
Docker, how to use it. organize a meeting with IBM products...Docker, how to use it. organize a meeting with IBM products...
Docker, how to use it. organize a meeting with IBM products...Andrea Fontana
 
Lean Drupal Repositories with Composer and Drush
Lean Drupal Repositories with Composer and DrushLean Drupal Repositories with Composer and Drush
Lean Drupal Repositories with Composer and DrushPantheon
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Ambassador Labs
 
Linux Containers and Docker SHARE.ORG Seattle 2015
Linux Containers and Docker SHARE.ORG Seattle 2015Linux Containers and Docker SHARE.ORG Seattle 2015
Linux Containers and Docker SHARE.ORG Seattle 2015Filipe Miranda
 
Devoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runCDevoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runCPhil Estes
 
DCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development PipelineDCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development PipelineDocker, Inc.
 
Ippevent : openshift Introduction
Ippevent : openshift IntroductionIppevent : openshift Introduction
Ippevent : openshift Introductionkanedafromparis
 

Similar to OpenShift Commons - Adopting Podman, Skopeo and Buildah for Building and Managing Containers (20)

Kubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with PodmanKubernetes Story - Day 1: Build and Manage Containers with Podman
Kubernetes Story - Day 1: Build and Manage Containers with Podman
 
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...
Kubernetes Story - Day 2: Quay.io Container Registry for Publishing, Building...
 
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
 
Containers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech TalkContainers without docker | DevNation Tech Talk
Containers without docker | DevNation Tech Talk
 
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
 
Docker basic
Docker basicDocker basic
Docker basic
 
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ....docker : How to deploy Digital Experience in a container, drinking a cup of ...
.docker : How to deploy Digital Experience in a container, drinking a cup of ...
 
docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...docker : how to deploy Digital Experience in a container drinking a cup of co...
docker : how to deploy Digital Experience in a container drinking a cup of co...
 
.docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c....docker : how to deploy Digital Experience in a container drinking a cup of c...
.docker : how to deploy Digital Experience in a container drinking a cup of c...
 
Docking, loading, running domino on docker v12
Docking, loading, running domino on docker v12Docking, loading, running domino on docker v12
Docking, loading, running domino on docker v12
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
 
Docker 101: An Introduction
Docker 101: An IntroductionDocker 101: An Introduction
Docker 101: An Introduction
 
Docker, how to use it. organize a meeting with IBM products...
Docker, how to use it. organize a meeting with IBM products...Docker, how to use it. organize a meeting with IBM products...
Docker, how to use it. organize a meeting with IBM products...
 
Lean Drupal Repositories with Composer and Drush
Lean Drupal Repositories with Composer and DrushLean Drupal Repositories with Composer and Drush
Lean Drupal Repositories with Composer and Drush
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
 
Dockerize All The Things
Dockerize All The ThingsDockerize All The Things
Dockerize All The Things
 
Linux Containers and Docker SHARE.ORG Seattle 2015
Linux Containers and Docker SHARE.ORG Seattle 2015Linux Containers and Docker SHARE.ORG Seattle 2015
Linux Containers and Docker SHARE.ORG Seattle 2015
 
Devoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runCDevoxx 2016: A Developer's Guide to OCI and runC
Devoxx 2016: A Developer's Guide to OCI and runC
 
DCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development PipelineDCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development Pipeline
 
Ippevent : openshift Introduction
Ippevent : openshift IntroductionIppevent : openshift Introduction
Ippevent : openshift Introduction
 

More from Mihai Criveti

10 Limitations of Large Language Models and Mitigation Options
10 Limitations of Large Language Models and Mitigation Options10 Limitations of Large Language Models and Mitigation Options
10 Limitations of Large Language Models and Mitigation OptionsMihai Criveti
 
Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...
Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...
Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...Mihai Criveti
 
Data Science at Scale - The DevOps Approach
Data Science at Scale - The DevOps ApproachData Science at Scale - The DevOps Approach
Data Science at Scale - The DevOps ApproachMihai Criveti
 
DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...
DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...
DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...Mihai Criveti
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftMihai Criveti
 
Container Technologies and Transformational value
Container Technologies and Transformational valueContainer Technologies and Transformational value
Container Technologies and Transformational valueMihai Criveti
 

More from Mihai Criveti (6)

10 Limitations of Large Language Models and Mitigation Options
10 Limitations of Large Language Models and Mitigation Options10 Limitations of Large Language Models and Mitigation Options
10 Limitations of Large Language Models and Mitigation Options
 
Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...
Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...
Retrieval Augmented Generation in Practice: Scalable GenAI platforms with k8s...
 
Data Science at Scale - The DevOps Approach
Data Science at Scale - The DevOps ApproachData Science at Scale - The DevOps Approach
Data Science at Scale - The DevOps Approach
 
DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...
DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...
DevOps for Data Engineers - Automate Your Data Science Pipeline with Ansible,...
 
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShiftKubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
Kubernetes Story - Day 3: Deploying and Scaling Applications on OpenShift
 
Container Technologies and Transformational value
Container Technologies and Transformational valueContainer Technologies and Transformational value
Container Technologies and Transformational value
 

Recently uploaded

TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 

Recently uploaded (20)

TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 

OpenShift Commons - Adopting Podman, Skopeo and Buildah for Building and Managing Containers

  • 1. Lessons Learned Adopting RHEL Container Tools Podman, Buildah, Quay, Skopeo, Clair and S2I Mihai Criveti, CTO & STSM, RHCA, IBM Elif Mosessohn-Samedin, RHCA II, Take off Labs 1
  • 2. Agenda and Introduction Use Case: Team Driven End-to-End Container Build Podman, Skopeo and Buildah Resources and Links 2
  • 4. Overview Adopting Podman for end-to-end container run and build. Use cases: • Understand the impact of SELinux, namespaces and cgroups. • Move from docker-compose to Podman pods. • Build container images for OpenShift Container Platform. 3
  • 5. Speaker Overview Mihai CRIVETI Mihai builds containers for fun and profit, sometimes in the cloud, sometimes in his home datacenter, when the weather is cold. He’s also a Red Hat Certified Architect and the CTO and Senior Technical Staff Member for Cloud Native and Red Hat Solutions at IBM, where he builds multi-cloud solutions based on Red Hat OpenShift. Elif MOSESSOHN-SAMEDIN DevOps (Automation) Engineer with experience in Infrastructure Optimization and Management. Red Hat Certified Architect in Infrastructure and ITIL Certified in IT Service Management. Advocate for Continuous Learning, Open Source Communities, and Technical Innovation. 4
  • 6. Use Case: Team Driven End-to-End Container Build
  • 7. Breaking this up • Elif is responsible for developing the secure base images and pushing them to a private registry. • Mihai is responsible for building applications using the provided images. 5
  • 9. Podman Overview What is Podman? Figure 1: Podman - Manage pods, containers and OCI compliant container images How is Podman different? • Can be run as a regular user without requiring root. • Can manage pods (groups of one or more containers that operate together). • Lets you import Kubernetes definitions using podman play. • Fork-exec model instead of client-server model (containers are child processes of podman). • Compatible with Docker, Docker Hub or any OCI compliant container implementation. 6
  • 10. Buildah What is Buildah? Figure 2: Buildah - Build container images from CLI or Dockerfiles How is Buildah different? • Containers can be build using simple CLI commands or shell scripts instead of Dockerfiles. • Images can then be pushed to any container registry and can be used by any container engine, including Podman, CRI-O, and Docker. • Buildah is also often used to securely build containers while running inside of a locked down container by a tool like Podman, OpenShift/Kubernetes or Docker. 7
  • 11. Skopeo What is Skopeo? Figure 3: skopeo - inspect and copy containers and images between different storage How does Skopeo help? • It can copy images to and from a host, as well as to other container environments and registries. • Skopeo can inspect images from container image registries, get images and image layers, and use signatures to create and verify images. 8
  • 12. Red Hat Image Sources Explained Red Hat Software Collections Library (RHSCL) • For developers that need the latest versions of tools not in the RHEL release schedule. • Use the latest development tools without impacting RHEL. • Available to all RHEL subscribers. Red Hat Container Catalog (RHCC) • Certified, curated and texted images built on RHEL. • Images have gone through a QA process. • Upgraded on a regular bases to avoid security vulnerabilities. Quay.io • Public / private container repository. 9
  • 13. Universal Base Image - UBI Red Hat Universal Base Image - UBI Figure 4: UBI - Freely distributable OCI compliant secure container base images based on RHEL How does UBI Help? • More than just a base image, UBI provides three base images across RHEL 7 and RHEL 8: ubi, ubi-minimal and ubi-init • And a set of language runtimes (ex: nodejs, ruby, python, php, perl, etc.) • All packages in UBI come from RHEL channels and are supported on RHEL and OpenShift. • Secure by default, maintained and supported by Red Hat. 10
  • 14. The Red Hat Container Catalog Certified container images from Red Hat and 3rd party vendors Figure 5: Container Images with a Container Health Index Pulling a container image podman pull registry.access.redhat.com/ubi8/python-38 11
  • 15. Podman Compose What is podman-compose? • An implementation of docker-compose with Podman backend. When and why use podman-compose? • run unmodified docker-compose.yaml files, rootless • no daemon or setup required • Only depends on podman, Python 3 and PyYAML. When NOT to use podman-compose? • When you can use podman pod or podman generate and podman play‘ instead to create pods or import Kubernetes definitions. • For single-machine development, consider CodeReady Containers • For multi-node clusters, check out Red Hat OpenShift, Kubernetes or OKD. Getting podman-compose • macOS • Windows 12
  • 16. Install Podman, Skopeo and Buildah Fedora 33 / RHEL 8 # Install podman, buildah and skopeo on Fedora 33 sudo dnf -y install podman buildah skopeo slirp4netns fuse-overlayfs Ubuntu / Debian sudo apt update && sudo apt -y install podman buildah skopeo Getting Help podman version podman --help # list available commands man podman-ps # or commands like run, rm, rmi, image, build podman info # display podman system information https://podman.io/getting-started/installation 13
  • 17. Rootless Containers and cgroup v2 Note that our regular user has UID 1000 uid=1000(cmihai) gid=1000(cmihai) groups=1000(cmihai) What are UIDs mapped to inside the container? podman unshare cat /proc/self/uid_map 0 1000 1 1 100000 65536 UID 0 is mapped my UID (1000). UID 1 is mapped to 100000, UID 2 would map to 100001, etc. That means that a container UID of 27 would map to UID 1000026. Let’s test this mkdir test && podman unshare chown 27:27 test ls -ld test drwxrwxr-x. 2 100026 100026 4096 Sep 27 09:38 test 14
  • 20. Getting started with Podman • https://podman.io/getting-started/ • https://github.com/containers/buildah • https://github.com/containers/skopeo • https://developers.redhat.com/products/rhel/ubi • https://quay.io/ • https://www.katacoda.com/courses/containers-without-docker/running-containers-with-podman • https://developers.redhat.com/products/codeready-containers/overview 16