SlideShare a Scribd company logo

Build and run applications in a dockerless kubernetes world

Jorge Morales
Jorge Morales

Talk at Dev Days Riga 2018: Kubernetes has rapidly grown to support many container runtime formats. In this talk, I'm presenting all the alternatives you have to run your applications in kubernetes, and will present CRI-O which is steadily becoming a replacement to run your Docker containers on production. And since you will no longer have Docker, how will you build now your Docker containers? Buildah is a project that facilitates building Docker containers in a Dockerless world.

Technology
1 of 49
Download to read offline
Build and run applications in a Dockerless Kubernetes world Jorge Morales OpenShift Developer Advocate Riga Dev Days 2018
Me (aka Jorge Morales) ● Spanish by nature and by language ● Work at Red Hat ● OpenShift Developer Advocate ● Mostly Java developer ● Obsessed with improving the developer experience @jorgemoralespou github.com/jorgemoralespou http://jorgemoral.es
Kernel namespaces: sandboxing processes from one another Control Groups (cgroups): control process resource allocations Security: capabilities drop (seccomp), Mandatory access control (SELinux, Apparmor) Linux Containers @jorgemoralespou
VMS vs Containers @jorgemoralespou
@jorgemoralespou
@jorgemoralespou
@jorgemoralespou
With scale came complexity
Orchestration @jorgemoralespou
OTHER ORCHESTRATORS (Cloud Foundry Diego, Nomad, Blox, etc.) 2 YEARS AGO Fragmented landscape TODAY Kubernetes consolidation OTHER ORCHESTRATORS CONTAINER ORCHESTRATION LANDSCAPE @jorgemoralespou
Why kubernetes? #1: Open source, backed by giants #2: Vibrant and fast growing community #3: Supported on all clouds #4: Great partnerships @jorgemoralespou
Started slow June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
then more runtimes showed up Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
and code got messy @jorgemoralespou
“Change is the essential process of all of existence.” —SPOCK
Standardize containers ● Runtime spec (runc = Reference implementation) ● Image spec ● Distribution spec (proposal) @jorgemoralespou
Use API/Interfaces to Container Runtimes KUBELET FRAKTI OCI-RUNTIME RUNC DOCKERD RKT CONTAINER RUNTIME INTERFACE (CRI) DOCKERD RKT KUBELET @jorgemoralespou
Standardization became a fact Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 Dec 2016 Kubernetes 1.5: Container Runtime Interface (CRI) alpha July 2017 Kubernetes 1.7: CRI support GA @jorgemoralespou
What is Container Runtime Interface (CRI)? ● A gRPC interface and a group of libraries ● Enables Kubernetes to use a wide variety of container runtimes ● Introduced in Kubernetes 1.5 ● GA in Kubernetes 1.7 @jorgemoralespou
CRI Implementations frakti cri-containerd dockershim virtlet @jorgemoralespou
CRI-O ● Open source & Open governance ● Lean, Stable, Secure and BORING! ○ Tied to the CRI ○ No features that can mine stability and performance ○ Shaped around Kubernetes ○ Only supported user is Kubernetes ○ Versioning and Support are tied to Kubernetes @jorgemoralespou
Man, this guy is so boring! When is the live demo? @jorgemoralespou
Demo script SHOW DOCKER AND STOP IT $ docker images $ systemctl stop docker $ docker images RUN A CONTAINER WITH OC/KUBECTL $ kubectl get pods $ kubectl run --image=nginx --port=80 nginx $ kubectl expose deployment nginx --port=80 $ kubectl get svc $ curl http://<CLUSTER-IP> $ oc expose svc/nginx-http $ oc get route $ kubectl get pods $ kubectl logs -f <POD_NAME> $ kubectl exec -it <POD_NAME> sh $ docker ps $ runc list (show that containers are run by runc)
What if I want to try it? $ minikube start --network-plugin=cni --container-runtime=cri-o --bootstrapper=kubeadm @jorgemoralespou
@jorgemoralespou
libpod/podman Library (libpod) and CLI (podman) for managing OCI-based Pods, Containers, and Container Images ● Replacement for docker cli ○ known CLI ● Integrated with CRI-O (soon) ● No daemon running @jorgemoralespou
Demo script $ podman ps $ podman images $ podman run -it --rm -p 8080:80 nginx $ <ANOTHER TERMINAL> curl http://localhost:8080 $ <ANOTHER TERMINAL> podman ps $ <ANOTHER TERMINAL> podman logs <CONTAINER_ID> $ <ANOTHER TERMINAL> podman exec -t <CONTAINER_ID> sh $ <ANOTHER TERMINAL> ls /etc/nginx $ podman images $ podman run -t fedora echo "Hello Riga" $ podman ps -a $ cd Dockerfiles $ podman build -t rigacontainer . $ podman images $ podman run -it rigacontainer cat /hello $ podman ps -a $ podman rm --all
@jorgemoralespou
skopeo ● Copy images from/to (multiple transports/storages): ○ containers-storage:docker-reference ○ dir:path ○ docker://docker-reference ○ docker-archive:path[:docker-reference] ○ docker-daemon:docker-reference ○ oci:path:tag ○ ostree:image[@/absolute/repo/path] ● Inspect images ● Delete an image from a repository ● Standalone binary / No daemon running ● Perfect for pipelines (e.g. Jenkins) @jorgemoralespou
Demo script $ systemctl start docker $ docker images $ podman images COPY IMAGE $ skopeo copy containers-storage:riga/example:latest docker-daemon:riga/example:latest $ docker images $ docker run -it --rm riga/example cat /hello $ docker ps -a $ docker rm $(docker ps -qa) $ skopeo inspect docker-daemon:riga/example:latest $ skopeo inspect docker:docker.io/library/fedora:latest
@jorgemoralespou
buildah ● Build images ● No daemon running ● shell-like syntax ● Build from Dockerfile(s) @jorgemoralespou
Demo script $ cd ~/Dockerfiles $ skopeo copy containers-storage:registry.fedoraproject.org/fedora:latest docker-daemon:fedora:latest $ docker build -t riga/example-docker . $ docker history riga/example $ docker history riga/example-docker $ buildah bud -t riga/buildah-dockerfile $ container=(buildah from fedora) $ echo $container $ buildah containers $ buildah config --author "Jorge" --label "METADATA=Built with buildah" $container $ buildah inspect $container $ buildah run $container bash # echo “Hello Riga, built by Buildah” > /hello # ls / # cat /hello # exit $ buildah commit $container riga/example-buildah $ podman run -it riga/example-buildah cat /hello
@jorgemoralespou
@jorgemoralespou
Daemon-less Dockerfile builds ● Consume a Dockerfile, but build image without a docker daemon ● Pros ○ Docker build-like experience (just write a Dockerfile) ○ Potentially more control over image layers (combine or shard) ○ Aim is for greater security ● Cons ○ Dockerfile fidelity might make difficult some use cases ○ Different approaches to image layer construction @jorgemoralespou
Daemon-less Dockerfile builds ● Buildah ○ a tool that facilitates building OCI container images ● Img ○ Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. ○ The commands/UX are the same as docker (drop-in replacement) ● Kaniko ○ kaniko is a tool to build OCI container images from a Dockerfile, inside a container or Kubernetes cluster ○ executes each command within a Dockerfile completely in userspace ● more... @jorgemoralespou
Dockerfile-less builds ● User input is source / intent: “I want to run a Node.js web server” ● Pros: ○ Less configuration ○ Tools can intelligently build layers, better/safe layer caching ○ Docker image best practices can be codified into tools ● Cons: ○ Less flexible - Opinionated builds ○ Very fragmented across vendors, no real standard @jorgemoralespou
Dockerfile-less builds ● Source to Image ○ User provides source, source gets built+layered into an application image ○ Dependent on ecosystem of framework/language builder images ● Buildpacks ○ Invented by Heroku, adopted by Cloud Foundry / Deis ○ User provides source, “build” produces “slug”, “export” produces container image ● FTL (Faster than light) ○ Purpose-built source to image builders per-language, goal is layer-per-dependency ○ Insight: turn build incrementality into deploy incrementality ● Bazel ○ Google’s OSS build system, supports declarative image builds ○ Used for user-mode Docker image builds for 3+ years @jorgemoralespou
“Our ancestors called it magic, but you call it [computer] science. I come from a land where they are one and the same.” —THOR
@jorgemoralespou
And don’t forget to tweet if you liked it (or if you didn’t) @jorgemoralespou @jorgemoralespou

Recommended

Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Daniel Oh
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Jorge Morales
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
 
Automate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsAutomate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsDaniel Oh
 
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Amazon Web Services
 
Docker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureDocker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureTerry Chen
 
[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container Security[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container SecurityDaniel Oh
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina
 

Recommended

Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Daniel Oh
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Jorge Morales
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
 
Automate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsAutomate App Container Delivery with CI/CD and DevOps
Automate App Container Delivery with CI/CD and DevOpsDaniel Oh
 
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...
Why Users Are Moving on from Docker and Leaving Its Security Risks Behind (Sp...Amazon Web Services
 
Docker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureDocker and DevOps --- new IT culture
Docker and DevOps --- new IT cultureTerry Chen
 
[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container Security[OSSummitEU2017]Ten Llayers of Linux Container Security
[OSSummitEU2017]Ten Llayers of Linux Container SecurityDaniel Oh
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Radulescu Adina-Valentina
 
Rootless Containers
Rootless ContainersRootless Containers
Rootless ContainersAkihiro Suda
 
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysThe world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysCodeOps Technologies LLP
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the Worlddamovsky
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployNatale Vinto
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to dockerMarcelo Cenerino
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Jérôme Petazzoni
 
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins Mando Stam
 
Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker, Inc.
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutesLarry Cai
 
OpenShift As A DevOps Platform
OpenShift As A DevOps PlatformOpenShift As A DevOps Platform
OpenShift As A DevOps PlatformLalatendu Mohanty
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep DiveAkihiro Suda
 
Docker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopDocker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopJirayut Nimsaeng
 
Surveillance on slam technology
Surveillance on slam technologySurveillance on slam technology
Surveillance on slam technologyGMO-Z.com Vietnam Lab Center
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Jérôme Petazzoni
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talksAkihiro Suda
 
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into ContainerdAkihiro Suda
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar
 
Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Jorge Morales
 
DOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDESDOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDESMuhammadAhmed651877
 

More Related Content

What's hot

Rootless Containers
Rootless ContainersRootless Containers
Rootless ContainersAkihiro Suda
 
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysThe world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysCodeOps Technologies LLP
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the Worlddamovsky
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployNatale Vinto
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Jérôme Petazzoni
 
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins Mando Stam
 
Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker, Inc.
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutesLarry Cai
 
OpenShift As A DevOps Platform
OpenShift As A DevOps PlatformOpenShift As A DevOps Platform
OpenShift As A DevOps PlatformLalatendu Mohanty
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep DiveAkihiro Suda
 
Docker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopDocker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopJirayut Nimsaeng
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Jérôme Petazzoni
 
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into ContainerdAkihiro Suda
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar
 

What's hot (20)

Rootless Containers
Rootless ContainersRootless Containers
Rootless Containers
 
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDaysThe world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
The world of Containers with Podman, Buildah, Skopeo by Seema - CCDays
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
 
Dockerize the World
Dockerize the WorldDockerize the World
Dockerize the World
 
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & DeployOPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
OPENSHIFT CONTAINER PLATFORM CI/CD Build & Deploy
 
Introduction to docker
Introduction to dockerIntroduction to docker
Introduction to docker
 
Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?Docker and Go: why did we decide to write Docker in Go?
Docker and Go: why did we decide to write Docker in Go?
 
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
GDG-ANDROID-ATHENS Meetup: Build in Docker with Jenkins
 
Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...Docker Platform Internals: Taking runtimes and image creation to the next lev...
Docker Platform Internals: Taking runtimes and image creation to the next lev...
 
Learn docker in 90 minutes
Learn docker in 90 minutesLearn docker in 90 minutes
Learn docker in 90 minutes
 
OpenShift As A DevOps Platform
OpenShift As A DevOps PlatformOpenShift As A DevOps Platform
OpenShift As A DevOps Platform
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive
 
Docker Continuous Delivery Workshop
Docker Continuous Delivery WorkshopDocker Continuous Delivery Workshop
Docker Continuous Delivery Workshop
 
Surveillance on slam technology
Surveillance on slam technologySurveillance on slam technology
Surveillance on slam technology
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode
 
Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...Use the Source or Join the Dark Side: differences between Docker Community an...
Use the Source or Join the Dark Side: differences between Docker Community an...
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talks
 
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
 

Similar to Build and run applications in a dockerless kubernetes world

Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Jorge Morales
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 applicationRoman Rodomansky
 
Powercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptxPowercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptxIgnacioTamayo2
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortalsHenryk Konsek
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tipsSamuel Chow
 
Dockercon EU 2014
Dockercon EU 2014Dockercon EU 2014
Dockercon EU 2014Rafe Colton
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...Docker, Inc.
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday developmentJustyna Ilczuk
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataInfluxData
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline Docker, Inc.
 
Using Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and JenkinsUsing Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and JenkinsMicael Gallego
 
Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and ContainersDocker, Inc.
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesJérôme Petazzoni
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsElasTest Project
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersDocker, Inc.
 
Virtual Machines and Docker
Virtual Machines and DockerVirtual Machines and Docker
Virtual Machines and DockerDanish Khakwani
 
Running the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerRunning the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerGuido Schmutz
 

Similar to Build and run applications in a dockerless kubernetes world (20)

Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18Build and run applications in a dockerless kubernetes world - DevConf India 18
Build and run applications in a dockerless kubernetes world - DevConf India 18
 
DOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDESDOCKER-PIAIC-SLIDES
DOCKER-PIAIC-SLIDES
 
Docker, what's next ?
Docker, what's next ?Docker, what's next ?
Docker, what's next ?
 
Dockerizing a Symfony2 application
Dockerizing a Symfony2 applicationDockerizing a Symfony2 application
Dockerizing a Symfony2 application
 
Powercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptxPowercoders · Docker · Fall 2021.pptx
Powercoders · Docker · Fall 2021.pptx
 
Docker for mere mortals
Docker for mere mortalsDocker for mere mortals
Docker for mere mortals
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tips
 
Dockercon EU 2014
Dockercon EU 2014Dockercon EU 2014
Dockercon EU 2014
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
 
Docker in everyday development
Docker in everyday developmentDocker in everyday development
Docker in everyday development
 
Introduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxDataIntroduction to Docker and Monitoring with InfluxData
Introduction to Docker and Monitoring with InfluxData
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline
 
Using Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and JenkinsUsing Docker to build and test in your laptop and Jenkins
Using Docker to build and test in your laptop and Jenkins
 
Introduction to Docker and Containers
Introduction to Docker and ContainersIntroduction to Docker and Containers
Introduction to Docker and Containers
 
Docker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los AngelesDocker 0.11 at MaxCDN meetup in Los Angeles
Docker 0.11 at MaxCDN meetup in Los Angeles
 
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and JenkinsExpoQA 2017 Using docker to build and test in your laptop and Jenkins
ExpoQA 2017 Using docker to build and test in your laptop and Jenkins
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and Containers
 
Docker presentation
Docker presentationDocker presentation
Docker presentation
 
Virtual Machines and Docker
Virtual Machines and DockerVirtual Machines and Docker
Virtual Machines and Docker
 
Running the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker ContainerRunning the Oracle SOA Suite Environment in a Docker Container
Running the Oracle SOA Suite Environment in a Docker Container
 

More from Jorge Morales

OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19Jorge Morales
 
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Jorge Morales
 
Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Jorge Morales
 
Odo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangriaOdo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangriaJorge Morales
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUGJorge Morales
 
Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Jorge Morales
 
Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Jorge Morales
 
I tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSI tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSJorge Morales
 

More from Jorge Morales (8)

OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19
 
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
 
Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019
 
Odo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangriaOdo improving the developer experience on OpenShift - hack &amp; sangria
Odo improving the developer experience on OpenShift - hack &amp; sangria
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUG
 
Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...
 
Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18
 
I tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSI tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaS
 

Recently uploaded

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Recently uploaded (20)

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

Build and run applications in a dockerless kubernetes world

  • 1. Build and run applications in a Dockerless Kubernetes world Jorge Morales OpenShift Developer Advocate Riga Dev Days 2018
  • 2. Me (aka Jorge Morales) ● Spanish by nature and by language ● Work at Red Hat ● OpenShift Developer Advocate ● Mostly Java developer ● Obsessed with improving the developer experience @jorgemoralespou github.com/jorgemoralespou http://jorgemoral.es
  • 3.
  • 4.
  • 5. Kernel namespaces: sandboxing processes from one another Control Groups (cgroups): control process resource allocations Security: capabilities drop (seccomp), Mandatory access control (SELinux, Apparmor) Linux Containers @jorgemoralespou
  • 8.
  • 11. With scale came complexity
  • 13. OTHER ORCHESTRATORS (Cloud Foundry Diego, Nomad, Blox, etc.) 2 YEARS AGO Fragmented landscape TODAY Kubernetes consolidation OTHER ORCHESTRATORS CONTAINER ORCHESTRATION LANDSCAPE @jorgemoralespou
  • 14. Why kubernetes? #1: Open source, backed by giants #2: Vibrant and fast growing community #3: Supported on all clouds #4: Great partnerships @jorgemoralespou
  • 15. Started slow June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
  • 16. then more runtimes showed up Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
  • 17. and code got messy @jorgemoralespou
  • 18. “Change is the essential process of all of existence.” —SPOCK
  • 19. Standardize containers ● Runtime spec (runc = Reference implementation) ● Image spec ● Distribution spec (proposal) @jorgemoralespou
  • 20. Use API/Interfaces to Container Runtimes KUBELET FRAKTI OCI-RUNTIME RUNC DOCKERD RKT CONTAINER RUNTIME INTERFACE (CRI) DOCKERD RKT KUBELET @jorgemoralespou
  • 21. Standardization became a fact Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 Dec 2016 Kubernetes 1.5: Container Runtime Interface (CRI) alpha July 2017 Kubernetes 1.7: CRI support GA @jorgemoralespou
  • 22. What is Container Runtime Interface (CRI)? ● A gRPC interface and a group of libraries ● Enables Kubernetes to use a wide variety of container runtimes ● Introduced in Kubernetes 1.5 ● GA in Kubernetes 1.7 @jorgemoralespou
  • 24. CRI-O ● Open source & Open governance ● Lean, Stable, Secure and BORING! ○ Tied to the CRI ○ No features that can mine stability and performance ○ Shaped around Kubernetes ○ Only supported user is Kubernetes ○ Versioning and Support are tied to Kubernetes @jorgemoralespou
  • 25. Man, this guy is so boring! When is the live demo? @jorgemoralespou
  • 26. Demo script SHOW DOCKER AND STOP IT $ docker images $ systemctl stop docker $ docker images RUN A CONTAINER WITH OC/KUBECTL $ kubectl get pods $ kubectl run --image=nginx --port=80 nginx $ kubectl expose deployment nginx --port=80 $ kubectl get svc $ curl http://<CLUSTER-IP> $ oc expose svc/nginx-http $ oc get route $ kubectl get pods $ kubectl logs -f <POD_NAME> $ kubectl exec -it <POD_NAME> sh $ docker ps $ runc list (show that containers are run by runc)
  • 27.
  • 28. What if I want to try it? $ minikube start --network-plugin=cni --container-runtime=cri-o --bootstrapper=kubeadm @jorgemoralespou
  • 30. libpod/podman Library (libpod) and CLI (podman) for managing OCI-based Pods, Containers, and Container Images ● Replacement for docker cli ○ known CLI ● Integrated with CRI-O (soon) ● No daemon running @jorgemoralespou
  • 31.
  • 32. Demo script $ podman ps $ podman images $ podman run -it --rm -p 8080:80 nginx $ <ANOTHER TERMINAL> curl http://localhost:8080 $ <ANOTHER TERMINAL> podman ps $ <ANOTHER TERMINAL> podman logs <CONTAINER_ID> $ <ANOTHER TERMINAL> podman exec -t <CONTAINER_ID> sh $ <ANOTHER TERMINAL> ls /etc/nginx $ podman images $ podman run -t fedora echo "Hello Riga" $ podman ps -a $ cd Dockerfiles $ podman build -t rigacontainer . $ podman images $ podman run -it rigacontainer cat /hello $ podman ps -a $ podman rm --all
  • 34. skopeo ● Copy images from/to (multiple transports/storages): ○ containers-storage:docker-reference ○ dir:path ○ docker://docker-reference ○ docker-archive:path[:docker-reference] ○ docker-daemon:docker-reference ○ oci:path:tag ○ ostree:image[@/absolute/repo/path] ● Inspect images ● Delete an image from a repository ● Standalone binary / No daemon running ● Perfect for pipelines (e.g. Jenkins) @jorgemoralespou
  • 35.
  • 36. Demo script $ systemctl start docker $ docker images $ podman images COPY IMAGE $ skopeo copy containers-storage:riga/example:latest docker-daemon:riga/example:latest $ docker images $ docker run -it --rm riga/example cat /hello $ docker ps -a $ docker rm $(docker ps -qa) $ skopeo inspect docker-daemon:riga/example:latest $ skopeo inspect docker:docker.io/library/fedora:latest
  • 38. buildah ● Build images ● No daemon running ● shell-like syntax ● Build from Dockerfile(s) @jorgemoralespou
  • 39.
  • 40. Demo script $ cd ~/Dockerfiles $ skopeo copy containers-storage:registry.fedoraproject.org/fedora:latest docker-daemon:fedora:latest $ docker build -t riga/example-docker . $ docker history riga/example $ docker history riga/example-docker $ buildah bud -t riga/buildah-dockerfile $ container=(buildah from fedora) $ echo $container $ buildah containers $ buildah config --author "Jorge" --label "METADATA=Built with buildah" $container $ buildah inspect $container $ buildah run $container bash # echo “Hello Riga, built by Buildah” > /hello # ls / # cat /hello # exit $ buildah commit $container riga/example-buildah $ podman run -it riga/example-buildah cat /hello
  • 43. Daemon-less Dockerfile builds ● Consume a Dockerfile, but build image without a docker daemon ● Pros ○ Docker build-like experience (just write a Dockerfile) ○ Potentially more control over image layers (combine or shard) ○ Aim is for greater security ● Cons ○ Dockerfile fidelity might make difficult some use cases ○ Different approaches to image layer construction @jorgemoralespou
  • 44. Daemon-less Dockerfile builds ● Buildah ○ a tool that facilitates building OCI container images ● Img ○ Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. ○ The commands/UX are the same as docker (drop-in replacement) ● Kaniko ○ kaniko is a tool to build OCI container images from a Dockerfile, inside a container or Kubernetes cluster ○ executes each command within a Dockerfile completely in userspace ● more... @jorgemoralespou
  • 45. Dockerfile-less builds ● User input is source / intent: “I want to run a Node.js web server” ● Pros: ○ Less configuration ○ Tools can intelligently build layers, better/safe layer caching ○ Docker image best practices can be codified into tools ● Cons: ○ Less flexible - Opinionated builds ○ Very fragmented across vendors, no real standard @jorgemoralespou
  • 46. Dockerfile-less builds ● Source to Image ○ User provides source, source gets built+layered into an application image ○ Dependent on ecosystem of framework/language builder images ● Buildpacks ○ Invented by Heroku, adopted by Cloud Foundry / Deis ○ User provides source, “build” produces “slug”, “export” produces container image ● FTL (Faster than light) ○ Purpose-built source to image builders per-language, goal is layer-per-dependency ○ Insight: turn build incrementality into deploy incrementality ● Bazel ○ Google’s OSS build system, supports declarative image builds ○ Used for user-mode Docker image builds for 3+ years @jorgemoralespou
  • 47. “Our ancestors called it magic, but you call it [computer] science. I come from a land where they are one and the same.” —THOR
  • 49. And don’t forget to tweet if you liked it (or if you didn’t) @jorgemoralespou @jorgemoralespou