SlideShare a Scribd company logo

Containerd Internals: Building a Core Container Runtime

Phil Estes
Phil Estes

Containerd Internals: Building a Core Container Runtime discusses the architecture and internals of Containerd. It provides a brief history of Containerd and explains its goals of providing a clean API, full OCI support, and decoupled components. It describes Containerd's components like runtimes, storage, and snapshots. It then explains the processes of pulling an image, starting a container, and getting Prometheus metrics.

Software
1 of 36
Download to read offline
Containerd Internals: Building a Core Container Runtime Stephen Day, Docker Phil Estes, IBM September 11, 2017 #OSSummit
A Brief History APRIL 2016 Containerd “0.2” announced, Docker 1.11 DECEMBER 2016Announce expansion of containerd OSS project Management/Supervisor for the OCI runc executor Containerd 1.0: A core container runtime project for the industry MARCH 2017 Containerd project contributed to CNCF
runc containerd Why Containerd 1.0? ▪ Continue projects spun out from monolithic Docker engine ▪ Expected use beyond Docker engine (Kubernetes CRI) ▪ Donation to foundation for broad industry collaboration ▫ Similar to runc/libcontainer and the OCI
Technical Goals/Intentions ▪ Clean gRPC-based API + client library ▪ Full OCI support (runtime and image spec) ▪ Stability and performance with tight, well-defined core of container function ▪ Decoupled systems (image, filesystem, runtime) for pluggability, reuse
Requirements - A la carte: use only what is required - Runtime agility: fits into different platforms - Pass-through container configuration (direct OCI) - Decoupled - Use known-good technology - OCI container runtime and images - gRPC for API - Prometheus for Metrics
Runtimes Metadata Architecture ContainersContent DiffSnapshot Tasks EventsImages GRPC Metrics Runtimes Storage OS
Architecture containerd OS (Storage, FS, Networking Runtimes API Client (moby, containerd-cri, etc.)
Containerd: Rich Go API Getting Started https://github.com/containerd/containerd/blob/master/docs/getting-started.md GoDoc https://godoc.org/github.com/containerd/containerd
containerd Events EventsPublish Subscribe
# HELP container_blkio_io_service_bytes_recursive_bytes The blkio io service bytes recursive # TYPE container_blkio_io_service_bytes_recursive_bytes gauge container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 1.07159552e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 81920 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1.07241472e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1.07241472e+08 # HELP container_blkio_io_serviced_recursive_total The blkio io servied recursive # TYPE container_blkio_io_serviced_recursive_total gauge container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 892 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 888 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1780 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1780 # HELP container_cpu_kernel_nanoseconds The total kernel cpu time # TYPE container_cpu_kernel_nanoseconds gauge container_cpu_kernel_nanoseconds{container_id="foo4",namespace="default"} 2.6e+08 # HELP container_cpu_throttle_periods_total The total cpu throttle periods # TYPE container_cpu_throttle_periods_total gauge container_cpu_throttle_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_periods_total The total cpu throttled periods # TYPE container_cpu_throttled_periods_total gauge container_cpu_throttled_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_time_nanoseconds The total cpu throttled time # TYPE container_cpu_throttled_time_nanoseconds gauge container_cpu_throttled_time_nanoseconds{container_id="foo4",namespace="default"} 0 # HELP container_cpu_total_nanoseconds The total cpu time # TYPE container_cpu_total_nanoseconds gauge container_cpu_total_nanoseconds{container_id="foo4",namespace="default"} 1.003301578e+09 # HELP container_cpu_user_nanoseconds The total user cpu time # TYPE container_cpu_user_nanoseconds gauge container_cpu_user_nanoseconds{container_id="foo4",namespace="default"} 7e+08 # HELP container_hugetlb_failcnt_total The hugetlb failcnt # TYPE container_hugetlb_failcnt_total gauge container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_max_bytes The hugetlb maximum usage # TYPE container_hugetlb_max_bytes gauge container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_usage_bytes The hugetlb usage # TYPE container_hugetlb_usage_bytes gauge container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_memory_active_anon_bytes The active_anon amount # TYPE container_memory_active_anon_bytes gauge container_memory_active_anon_bytes{container_id="foo4",namespace="default"} 2.658304e+06 # HELP container_memory_active_file_bytes The active_file amount # TYPE container_memory_active_file_bytes gauge container_memory_active_file_bytes{container_id="foo4",namespace="default"} 7.319552e+06 # HELP container_memory_cache_bytes The cache amount used # TYPE container_memory_cache_bytes gauge container_memory_cache_bytes{container_id="foo4",namespace="default"} 5.0597888e+07 # HELP container_memory_dirty_bytes The dirty amount Metrics
Pulling an Image What do runtimes need?
{ "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Config: L0 L1 Ln Root Filesystem /usr /bin /dev /etc /home /lib C OCI Spec process args env cwd … root mounts Docker and OCI
Content Addressability digest.FromString(“foo”) -> “sha256:2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae” digest.FromString(“foo tampered”) -> “sha256:51f7f1d1f6bebed72b936c8ea257896cb221b91d303c5b5c44073fce33ab8dd8” digest.FromString(“bar sha256:2c...”) -> “sha256:2e94890c66fbcccca9ad680e1b1c933cc323a5b4bcb14cc8a4bc78bb88d41055” “foo” “bar sha256:2c…” “foo tampered” “bar sha256:2c…”
{ "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Docker and OCI Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Config: L0 Ln C Digest Layer File 0 Layer File 1 Layer File N L1 Digest Digest Digest Digest
Resolution Getting a digest from a name: 15 ubuntu sha256:71cd81252a3563a03ad8daee81047b62ab5d892ebbfbf71cf53415f29c130950
Pulling an Image Data Flow Content Images Snapshots Pull Fetch Unpack Events Remote Mounts
Remotes Locators and Resolution type Fetcher interface { Fetch(ctx context.Context, id string, hints ...string) (io.ReadCloser, error) } type Resolver interface { Resolve(ctx context.Context, locator string) (Fetcher, error) } fetcher := resolver.Resolve("docker.io/library/ubuntu") Endlessly Configurable! (hint: think git remotes)
Example: Pull an Image Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr pull docker.io/library/redis:alpine $ ctr image ls ... import ( "context" "github.com/containerd/containerd" "github.com/containerd/containerd/namespaces" ) // connect to our containerd daemon client, err := containerd.New("/run/containerd/containerd.sock") defer client.Close() // set our namespace to “example”: ctx := namespaces.WithNamespace(context.Background(), "example") // pull the alpine-based redis image from DockerHub: image, err := client.Pull(ctx, "docker.io/library/redis:alpine", containerd.WithPullUnpack)
Snapshotters How do you build a container root filesystem?
Snapshots ● No mounting, just returns mounts! ● Explicit active (rw) and committed (ro) ● Commands represent lifecycle ● Reference key chosen by caller (allows using content addresses) ● No tars and no diffs Evolved from Graph Drivers ● Simple layer relationships ● Small and focused interface ● Non-opinionated string keys ● External Mount Lifecycle type Snapshotter interface { Stat(key string) (Info, error) Mounts(key string) ([]containerd.Mount, error) Prepare(key, parent string) ([]containerd.Mount, error) View(key, parent string) ([]containerd.Mount, error) Commit(name, key string) error Remove(key string) error Walk(fn func(Info) error) error } type Info struct { Name string // name or key of snapshot Parent string Kind Kind } type Kind int const ( KindView KindActive KindCommitted )
Active Committed Prepare(a, P0 ) Commit(P1 , a′) Snapshot Model P0a a′ a′′ P1 P2 Commit(P2 , a′′) Remove(c) Prepare(a′′, P1 )
Example: Investigating Root Filesystem $ ctr snapshot ls … $ ctr snapshot tree … $ ctr snapshot mounts <target> <id>
Pulling an Image 1. Resolve manifest or index (manifest list) 2. Download all the resources referenced by the manifest 3. Unpack layers into snapshots 4. Register the mappings between manifests and constituent resources
Pulling an Image Data Flow Content Images Snapshots Pull Fetch Unpack Events Remote Mounts
Starting a Container 1. Initialize a root filesystem (RootFS) from snapshot 2. Setup OCI configuration (config.json) 3. Use metadata from container and snapshotter to specify config and mounts 4. Start process via the task service
Starting a Container Images Snapshot Run Initialize Start Events Running Containers Containers Tasks Setup
Example: Run a Container Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr run -t docker.io/library/redis:alpine redis-server $ ctr c ... // create our container object and config container, err := client.NewContainer(ctx, "redis-server", containerd.WithImage(image), containerd.WithNewSpec(containerd.WithImageConfig(image)), ) defer container.Delete() // create a task from the container task, err := container.NewTask(ctx, containerd.Stdio) defer task.Delete(ctx) // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) // call start on the task to execute the redis server if err := task.Start(ctx); err != nil { return err }
Example: Kill a Task Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr t kill redis-server $ ctr t ls ... // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) time.Sleep(3 * time.Second) if err := task.Kill(ctx, syscall.SIGTERM); err != nil { return err } // retrieve the process exit status from the channel status := <-exitStatusC code, exitedAt, err := status.Result() if err != nil { return err } // print out the exit code from the process fmt.Printf("redis-server exited with status: %dn", code)
Example: Customize OCI Configuration // WithHtop configures a container to monitor the host via `htop` func WithHtop(s *specs.Spec) error { // make sure we are in the host pid namespace if err := containerd.WithHostNamespace(specs.PIDNamespace)(s); err != nil { return err } // make sure we set htop as our arg s.Process.Args = []string{"htop"} // make sure we have a tty set for htop if err := containerd.WithTTY(s); err != nil { return err } return nil } With{func} functions cleanly separate modifiers
Customization - Linux Namespaces -> WithLinuxNamespace - Networking -> WithNetwork - Volumes -> WithVolume
Use cases - CURRENT - Docker (moby) - Kubernetes (cri-containerd) - SwarmKit (experimental) - LinuxKit - BuildKit - FUTURE/POTENTIAL - IBM Cloud/Bluemix - OpenFaaS - {your project here}
Evolution containerd
Going further with containerd ▪ Contributing: https://github.com/containerd/containerd ▫ Bug fixes, adding tests, improving docs, validation ▪ Using: See the getting started documentation in the docs folder of the repo ▪ Porting/testing: Other architectures & OSs, stress testing (see bucketbench, containerd-stress): ▫ git clone <repo>, make binaries, sudo make install ▪ K8s CRI: incubation project to use containerd as CRI ▫ In alpha today; e2e tests, validation, contributing
Moby Summit at OSS NA Thursday, September 14, 2017 “An open framework to assemble specialized container systems without reinventing the wheel.” Tickets: https://www.eventbrite.com/e/moby-summit-los-angeles-tickets-35930560273
Bella Center, Copenhagen 16-19 October, 2017 https://europe-2017.dockercon.com/ 10% discount code: CaptainPhil
Thank You! Questions? ▪ Stephen Day ▫ https://github.com/stevvooe ▫ stephen@docker.com ▫ Twitter: @stevvooe ▪ Phil Estes ▫ https://github.com/estesp ▫ estesp@gmail.com ▫ Twitter: @estesp

Recommended

Container Performance Analysis
Container Performance AnalysisContainer Performance Analysis
Container Performance Analysis
Brendan Gregg
 
eBPF - Observability In Deep
eBPF - Observability In DeepeBPF - Observability In Deep
eBPF - Observability In Deep
Mydbops
 
Helm intro
Helm introHelm intro
Helm intro
Haggai Philip Zagury
 
Linux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old SecretsLinux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old Secrets
Brendan Gregg
 
Designing a complete ci cd pipeline using argo events, workflow and cd products
Designing a complete ci cd pipeline using argo events, workflow and cd productsDesigning a complete ci cd pipeline using argo events, workflow and cd products
Designing a complete ci cd pipeline using argo events, workflow and cd products
Julian Mazzitelli
 
[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS
Akihiro Suda
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
CJ Cullen
 
Gitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCDGitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCD
Haggai Philip Zagury
 

Recommended

Container Performance Analysis
Container Performance AnalysisContainer Performance Analysis
Container Performance Analysis
Brendan Gregg
 
eBPF - Observability In Deep
eBPF - Observability In DeepeBPF - Observability In Deep
eBPF - Observability In Deep
Mydbops
 
Helm intro
Helm introHelm intro
Helm intro
Haggai Philip Zagury
 
Linux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old SecretsLinux Performance Analysis: New Tools and Old Secrets
Linux Performance Analysis: New Tools and Old Secrets
Brendan Gregg
 
Designing a complete ci cd pipeline using argo events, workflow and cd products
Designing a complete ci cd pipeline using argo events, workflow and cd productsDesigning a complete ci cd pipeline using argo events, workflow and cd products
Designing a complete ci cd pipeline using argo events, workflow and cd products
Julian Mazzitelli
 
[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS[KubeCon EU 2022] Running containerd and k3s on macOS
[KubeCon EU 2022] Running containerd and k3s on macOS
Akihiro Suda
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
CJ Cullen
 
Gitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCDGitlab, GitOps & ArgoCD
Gitlab, GitOps & ArgoCD
Haggai Philip Zagury
 
Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
Stefan Schimanski
 
Multi cluster management with rancher
Multi cluster management with rancherMulti cluster management with rancher
Multi cluster management with rancher
Kyohei Mizumoto
 
An intro to Kubernetes operators
An intro to Kubernetes operatorsAn intro to Kubernetes operators
An intro to Kubernetes operators
J On The Beach
 
GitOps and ArgoCD
GitOps and ArgoCDGitOps and ArgoCD
GitOps and ArgoCD
Omar Fathy
 
Kubernetes
KubernetesKubernetes
Kubernetes
erialc_w
 
Helm.pptx
Helm.pptxHelm.pptx
Helm.pptx
SISTechnologies
 
Container Network Interface: Network Plugins for Kubernetes and beyond
Container Network Interface: Network Plugins for Kubernetes and beyondContainer Network Interface: Network Plugins for Kubernetes and beyond
Container Network Interface: Network Plugins for Kubernetes and beyond
KubeAcademy
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to Kubernetes
Imesh Gunaratne
 
BPF Internals (eBPF)
BPF Internals (eBPF)BPF Internals (eBPF)
BPF Internals (eBPF)
Brendan Gregg
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems Performance
Brendan Gregg
 
eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to Userspace
SUSE Labs Taipei
 
eBPF maps 101
eBPF maps 101eBPF maps 101
eBPF maps 101
SUSE Labs Taipei
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
Thomas Graf
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDP
Daniel T. Lee
 
Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)
Brendan Gregg
 
eBPF Perf Tools 2019
eBPF Perf Tools 2019eBPF Perf Tools 2019
eBPF Perf Tools 2019
Brendan Gregg
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Peng Xiao
 
Kubernetes Workshop
Kubernetes WorkshopKubernetes Workshop
Kubernetes Workshop
loodse
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machine
Alexei Starovoitov
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 
Containerd internals: building a core container runtime
Containerd internals: building a core container runtimeContainerd internals: building a core container runtime
Containerd internals: building a core container runtime
Docker, Inc.
 
The state of containerd
The state of containerdThe state of containerd
The state of containerd
Docker, Inc.
 

More Related Content

What's hot

Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
Stefan Schimanski
 
Multi cluster management with rancher
Multi cluster management with rancherMulti cluster management with rancher
Multi cluster management with rancher
Kyohei Mizumoto
 
An intro to Kubernetes operators
An intro to Kubernetes operatorsAn intro to Kubernetes operators
An intro to Kubernetes operators
J On The Beach
 
GitOps and ArgoCD
GitOps and ArgoCDGitOps and ArgoCD
GitOps and ArgoCD
Omar Fathy
 
Kubernetes
KubernetesKubernetes
Kubernetes
erialc_w
 
Helm.pptx
Helm.pptxHelm.pptx
Helm.pptx
SISTechnologies
 
Container Network Interface: Network Plugins for Kubernetes and beyond
Container Network Interface: Network Plugins for Kubernetes and beyondContainer Network Interface: Network Plugins for Kubernetes and beyond
Container Network Interface: Network Plugins for Kubernetes and beyond
KubeAcademy
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to Kubernetes
Imesh Gunaratne
 
BPF Internals (eBPF)
BPF Internals (eBPF)BPF Internals (eBPF)
BPF Internals (eBPF)
Brendan Gregg
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems Performance
Brendan Gregg
 
eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to Userspace
SUSE Labs Taipei
 
eBPF maps 101
eBPF maps 101eBPF maps 101
eBPF maps 101
SUSE Labs Taipei
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
Thomas Graf
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDP
Daniel T. Lee
 
Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)
Brendan Gregg
 
eBPF Perf Tools 2019
eBPF Perf Tools 2019eBPF Perf Tools 2019
eBPF Perf Tools 2019
Brendan Gregg
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
Peng Xiao
 
Kubernetes Workshop
Kubernetes WorkshopKubernetes Workshop
Kubernetes Workshop
loodse
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machine
Alexei Starovoitov
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
Gabriel Carro
 

What's hot (20)

Kubernetes Architecture and Introduction
Kubernetes Architecture and IntroductionKubernetes Architecture and Introduction
Kubernetes Architecture and Introduction
 
Multi cluster management with rancher
Multi cluster management with rancherMulti cluster management with rancher
Multi cluster management with rancher
 
An intro to Kubernetes operators
An intro to Kubernetes operatorsAn intro to Kubernetes operators
An intro to Kubernetes operators
 
GitOps and ArgoCD
GitOps and ArgoCDGitOps and ArgoCD
GitOps and ArgoCD
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Helm.pptx
Helm.pptxHelm.pptx
Helm.pptx
 
Container Network Interface: Network Plugins for Kubernetes and beyond
Container Network Interface: Network Plugins for Kubernetes and beyondContainer Network Interface: Network Plugins for Kubernetes and beyond
Container Network Interface: Network Plugins for Kubernetes and beyond
 
An Introduction to Kubernetes
An Introduction to KubernetesAn Introduction to Kubernetes
An Introduction to Kubernetes
 
BPF Internals (eBPF)
BPF Internals (eBPF)BPF Internals (eBPF)
BPF Internals (eBPF)
 
LISA2019 Linux Systems Performance
LISA2019 Linux Systems PerformanceLISA2019 Linux Systems Performance
LISA2019 Linux Systems Performance
 
eBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to UserspaceeBPF Trace from Kernel to Userspace
eBPF Trace from Kernel to Userspace
 
eBPF maps 101
eBPF maps 101eBPF maps 101
eBPF maps 101
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDP
 
Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)Performance Wins with eBPF: Getting Started (2021)
Performance Wins with eBPF: Getting Started (2021)
 
eBPF Perf Tools 2019
eBPF Perf Tools 2019eBPF Perf Tools 2019
eBPF Perf Tools 2019
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Kubernetes Workshop
Kubernetes WorkshopKubernetes Workshop
Kubernetes Workshop
 
BPF - in-kernel virtual machine
BPF - in-kernel virtual machineBPF - in-kernel virtual machine
BPF - in-kernel virtual machine
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 

Similar to Containerd Internals: Building a Core Container Runtime

Containerd internals: building a core container runtime
Containerd internals: building a core container runtimeContainerd internals: building a core container runtime
Containerd internals: building a core container runtime
Docker, Inc.
 
The state of containerd
The state of containerdThe state of containerd
The state of containerd
Docker, Inc.
 
The State of containerd
The State of containerdThe State of containerd
The State of containerd
Moby Project
 
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
NETWAYS
 
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV ClusterMethod of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
byonggon chun
 
Docker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine EvolutionDocker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine Evolution
Phil Estes
 
DockerCon 2022 - From legacy to Kubernetes, securely & quickly
DockerCon 2022 - From legacy to Kubernetes, securely & quicklyDockerCon 2022 - From legacy to Kubernetes, securely & quickly
DockerCon 2022 - From legacy to Kubernetes, securely & quickly
Eric Smalling
 
Docker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container RuntimesDocker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container Runtimes
Nico Meisenzahl
 
OpenStack Cinder Best Practices - Meet Up
OpenStack Cinder Best Practices - Meet UpOpenStack Cinder Best Practices - Meet Up
OpenStack Cinder Best Practices - Meet Up
Aaron Delp
 
The App Developer's Kubernetes Toolbox
The App Developer's Kubernetes ToolboxThe App Developer's Kubernetes Toolbox
The App Developer's Kubernetes Toolbox
Nebulaworks
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Radulescu Adina-Valentina
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
Dongwon Kim
 
containerd the universal container runtime
containerd the universal container runtimecontainerd the universal container runtime
containerd the universal container runtime
Docker, Inc.
 
Kubernetes for java developers - Tutorial at Oracle Code One 2018
Kubernetes for java developers - Tutorial at Oracle Code One 2018Kubernetes for java developers - Tutorial at Oracle Code One 2018
Kubernetes for java developers - Tutorial at Oracle Code One 2018
Anthony Dahanne
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container RuntimesWhose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Phil Estes
 
Webinar: Enabling Microservices with Containers, Orchestration, and MongoDB
Webinar: Enabling Microservices with Containers, Orchestration, and MongoDBWebinar: Enabling Microservices with Containers, Orchestration, and MongoDB
Webinar: Enabling Microservices with Containers, Orchestration, and MongoDB
MongoDB
 
Kubernetes - how to orchestrate containers
Kubernetes - how to orchestrate containersKubernetes - how to orchestrate containers
Kubernetes - how to orchestrate containers
inovex GmbH
 
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep DiveDocker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Ken Thompson
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
Vishal Biyani
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container Platforms
Salman Baset
 

Similar to Containerd Internals: Building a Core Container Runtime (20)

Containerd internals: building a core container runtime
Containerd internals: building a core container runtimeContainerd internals: building a core container runtime
Containerd internals: building a core container runtime
 
The state of containerd
The state of containerdThe state of containerd
The state of containerd
 
The State of containerd
The State of containerdThe State of containerd
The State of containerd
 
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...OSDC 2018 | Three years running containers with Kubernetes in Production by T...
OSDC 2018 | Three years running containers with Kubernetes in Production by T...
 
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV ClusterMethod of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
Method of NUMA-Aware Resource Management for Kubernetes 5G NFV Cluster
 
Docker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine EvolutionDocker London Meetup: Docker Engine Evolution
Docker London Meetup: Docker Engine Evolution
 
DockerCon 2022 - From legacy to Kubernetes, securely & quickly
DockerCon 2022 - From legacy to Kubernetes, securely & quicklyDockerCon 2022 - From legacy to Kubernetes, securely & quickly
DockerCon 2022 - From legacy to Kubernetes, securely & quickly
 
Docker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container RuntimesDocker Meetup Rosenheim: Container Runtimes
Docker Meetup Rosenheim: Container Runtimes
 
OpenStack Cinder Best Practices - Meet Up
OpenStack Cinder Best Practices - Meet UpOpenStack Cinder Best Practices - Meet Up
OpenStack Cinder Best Practices - Meet Up
 
The App Developer's Kubernetes Toolbox
The App Developer's Kubernetes ToolboxThe App Developer's Kubernetes Toolbox
The App Developer's Kubernetes Toolbox
 
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019Docker Timisoara: Dockercon19 recap slides, 23 may 2019
Docker Timisoara: Dockercon19 recap slides, 23 may 2019
 
Docker and kubernetes
Docker and kubernetesDocker and kubernetes
Docker and kubernetes
 
containerd the universal container runtime
containerd the universal container runtimecontainerd the universal container runtime
containerd the universal container runtime
 
Kubernetes for java developers - Tutorial at Oracle Code One 2018
Kubernetes for java developers - Tutorial at Oracle Code One 2018Kubernetes for java developers - Tutorial at Oracle Code One 2018
Kubernetes for java developers - Tutorial at Oracle Code One 2018
 
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container RuntimesWhose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
Whose Job Is It Anyway? Kubernetes, CRI, & Container Runtimes
 
Webinar: Enabling Microservices with Containers, Orchestration, and MongoDB
Webinar: Enabling Microservices with Containers, Orchestration, and MongoDBWebinar: Enabling Microservices with Containers, Orchestration, and MongoDB
Webinar: Enabling Microservices with Containers, Orchestration, and MongoDB
 
Kubernetes - how to orchestrate containers
Kubernetes - how to orchestrate containersKubernetes - how to orchestrate containers
Kubernetes - how to orchestrate containers
 
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep DiveDocker Meetup - Melbourne 2015 - Kubernetes Deep Dive
Docker Meetup - Melbourne 2015 - Kubernetes Deep Dive
 
Introduction to Kubernetes
Introduction to KubernetesIntroduction to Kubernetes
Introduction to Kubernetes
 
A Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container PlatformsA Survey of Container Security in 2016: A Security Update on Container Platforms
A Survey of Container Security in 2016: A Security Update on Container Platforms
 

More from Phil Estes

Enabling Security via Container Runtimes
Enabling Security via Container RuntimesEnabling Security via Container Runtimes
Enabling Security via Container Runtimes
Phil Estes
 
Extended and embedding: containerd update & project use cases
Extended and embedding: containerd update & project use casesExtended and embedding: containerd update & project use cases
Extended and embedding: containerd update & project use cases
Phil Estes
 
Cloud Native TLV Meetup: Securing Containerized Applications Primer
Cloud Native TLV Meetup: Securing Containerized Applications PrimerCloud Native TLV Meetup: Securing Containerized Applications Primer
Cloud Native TLV Meetup: Securing Containerized Applications Primer
Phil Estes
 
Securing Containerized Applications: A Primer
Securing Containerized Applications: A PrimerSecuring Containerized Applications: A Primer
Securing Containerized Applications: A Primer
Phil Estes
 
Securing Containerized Applications: A Primer
Securing Containerized Applications: A PrimerSecuring Containerized Applications: A Primer
Securing Containerized Applications: A Primer
Phil Estes
 
Let's Try Every CRI Runtime Available for Kubernetes
Let's Try Every CRI Runtime Available for KubernetesLet's Try Every CRI Runtime Available for Kubernetes
Let's Try Every CRI Runtime Available for Kubernetes
Phil Estes
 
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
Phil Estes
 
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
Phil Estes
 
Giving Back to Upstream | DockerCon 2019
Giving Back to Upstream | DockerCon 2019Giving Back to Upstream | DockerCon 2019
Giving Back to Upstream | DockerCon 2019
Phil Estes
 
What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.
Phil Estes
 
FOSDEM 2019: A containerd Project Update
FOSDEM 2019: A containerd Project UpdateFOSDEM 2019: A containerd Project Update
FOSDEM 2019: A containerd Project Update
Phil Estes
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?
Phil Estes
 
Docker Athens: Docker Engine Evolution & Containerd Use Cases
Docker Athens: Docker Engine Evolution & Containerd Use CasesDocker Athens: Docker Engine Evolution & Containerd Use Cases
Docker Athens: Docker Engine Evolution & Containerd Use Cases
Phil Estes
 
It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?
Phil Estes
 
Docker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete ComponentsDocker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete Components
Phil Estes
 
An Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open CommunitiesAn Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open Communities
Phil Estes
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
Phil Estes
 
Embedding Containerd For Fun and Profit
Embedding Containerd For Fun and ProfitEmbedding Containerd For Fun and Profit
Embedding Containerd For Fun and Profit
Phil Estes
 
Bucketbench: Benchmarking Container Runtime Performance
Bucketbench: Benchmarking Container Runtime PerformanceBucketbench: Benchmarking Container Runtime Performance
Bucketbench: Benchmarking Container Runtime Performance
Phil Estes
 
Container Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's EnginesContainer Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's Engines
Phil Estes
 

More from Phil Estes (20)

Enabling Security via Container Runtimes
Enabling Security via Container RuntimesEnabling Security via Container Runtimes
Enabling Security via Container Runtimes
 
Extended and embedding: containerd update & project use cases
Extended and embedding: containerd update & project use casesExtended and embedding: containerd update & project use cases
Extended and embedding: containerd update & project use cases
 
Cloud Native TLV Meetup: Securing Containerized Applications Primer
Cloud Native TLV Meetup: Securing Containerized Applications PrimerCloud Native TLV Meetup: Securing Containerized Applications Primer
Cloud Native TLV Meetup: Securing Containerized Applications Primer
 
Securing Containerized Applications: A Primer
Securing Containerized Applications: A PrimerSecuring Containerized Applications: A Primer
Securing Containerized Applications: A Primer
 
Securing Containerized Applications: A Primer
Securing Containerized Applications: A PrimerSecuring Containerized Applications: A Primer
Securing Containerized Applications: A Primer
 
Let's Try Every CRI Runtime Available for Kubernetes
Let's Try Every CRI Runtime Available for KubernetesLet's Try Every CRI Runtime Available for Kubernetes
Let's Try Every CRI Runtime Available for Kubernetes
 
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
CraftConf 2019: CRI Runtimes Deep Dive: Who Is Running My Pod?
 
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
JAX Con 2019: Containers. Microservices. Cloud. Open Source. Fantasy or Reali...
 
Giving Back to Upstream | DockerCon 2019
Giving Back to Upstream | DockerCon 2019Giving Back to Upstream | DockerCon 2019
Giving Back to Upstream | DockerCon 2019
 
What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.What's Running My Containers? A review of runtimes and standards.
What's Running My Containers? A review of runtimes and standards.
 
FOSDEM 2019: A containerd Project Update
FOSDEM 2019: A containerd Project UpdateFOSDEM 2019: A containerd Project Update
FOSDEM 2019: A containerd Project Update
 
CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?CRI Runtimes Deep-Dive: Who's Running My Pod!?
CRI Runtimes Deep-Dive: Who's Running My Pod!?
 
Docker Athens: Docker Engine Evolution & Containerd Use Cases
Docker Athens: Docker Engine Evolution & Containerd Use CasesDocker Athens: Docker Engine Evolution & Containerd Use Cases
Docker Athens: Docker Engine Evolution & Containerd Use Cases
 
It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?It's 2018. Are My Containers Secure Yet!?
It's 2018. Are My Containers Secure Yet!?
 
Docker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete ComponentsDocker Engine Evolution: From Monolith to Discrete Components
Docker Engine Evolution: From Monolith to Discrete Components
 
An Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open CommunitiesAn Open Source Story: Open Containers & Open Communities
An Open Source Story: Open Containers & Open Communities
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
 
Embedding Containerd For Fun and Profit
Embedding Containerd For Fun and ProfitEmbedding Containerd For Fun and Profit
Embedding Containerd For Fun and Profit
 
Bucketbench: Benchmarking Container Runtime Performance
Bucketbench: Benchmarking Container Runtime PerformanceBucketbench: Benchmarking Container Runtime Performance
Bucketbench: Benchmarking Container Runtime Performance
 
Container Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's EnginesContainer Runtimes: Comparing and Contrasting Today's Engines
Container Runtimes: Comparing and Contrasting Today's Engines
 

Recently uploaded

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
WSO2
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
Philip Schwarz
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
IES VE
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
Globus
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
Tier1 app
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
Globus
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
vrstrong314
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
Fermin Galan
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Natan Silnitsky
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
XfilesPro
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
Max Andersen
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Globus
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
NYGGS Automation Suite
 
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxTop Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
rickgrimesss22
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
Globus
 

Recently uploaded (20)

Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 
A Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of PassageA Sighting of filterA in Typelevel Rite of Passage
A Sighting of filterA in Typelevel Rite of Passage
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
 
GlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote sessionGlobusWorld 2024 Opening Keynote session
GlobusWorld 2024 Opening Keynote session
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERROR
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
 
Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024Globus Compute Introduction - GlobusWorld 2024
Globus Compute Introduction - GlobusWorld 2024
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
 
Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604Orion Context Broker introduction 20240604
Orion Context Broker introduction 20240604
 
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.ILBeyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
Beyond Event Sourcing - Embracing CRUD for Wix Platform - Java.IL
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
 
Quarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden ExtensionsQuarkus Hidden and Forbidden Extensions
Quarkus Hidden and Forbidden Extensions
 
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...
 
Enterprise Resource Planning System in Telangana
Enterprise Resource Planning System in TelanganaEnterprise Resource Planning System in Telangana
Enterprise Resource Planning System in Telangana
 
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxTop Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
How to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good PracticesHow to Position Your Globus Data Portal for Success Ten Good Practices
How to Position Your Globus Data Portal for Success Ten Good Practices
 

Containerd Internals: Building a Core Container Runtime

  • 1. Containerd Internals: Building a Core Container Runtime Stephen Day, Docker Phil Estes, IBM September 11, 2017 #OSSummit
  • 2. A Brief History APRIL 2016 Containerd “0.2” announced, Docker 1.11 DECEMBER 2016Announce expansion of containerd OSS project Management/Supervisor for the OCI runc executor Containerd 1.0: A core container runtime project for the industry MARCH 2017 Containerd project contributed to CNCF
  • 3. runc containerd Why Containerd 1.0? ▪ Continue projects spun out from monolithic Docker engine ▪ Expected use beyond Docker engine (Kubernetes CRI) ▪ Donation to foundation for broad industry collaboration ▫ Similar to runc/libcontainer and the OCI
  • 4. Technical Goals/Intentions ▪ Clean gRPC-based API + client library ▪ Full OCI support (runtime and image spec) ▪ Stability and performance with tight, well-defined core of container function ▪ Decoupled systems (image, filesystem, runtime) for pluggability, reuse
  • 5. Requirements - A la carte: use only what is required - Runtime agility: fits into different platforms - Pass-through container configuration (direct OCI) - Decoupled - Use known-good technology - OCI container runtime and images - gRPC for API - Prometheus for Metrics
  • 6. Runtimes Metadata Architecture ContainersContent DiffSnapshot Tasks EventsImages GRPC Metrics Runtimes Storage OS
  • 7. Architecture containerd OS (Storage, FS, Networking Runtimes API Client (moby, containerd-cri, etc.)
  • 8. Containerd: Rich Go API Getting Started https://github.com/containerd/containerd/blob/master/docs/getting-started.md GoDoc https://godoc.org/github.com/containerd/containerd
  • 10. # HELP container_blkio_io_service_bytes_recursive_bytes The blkio io service bytes recursive # TYPE container_blkio_io_service_bytes_recursive_bytes gauge container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 1.07159552e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 81920 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1.07241472e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1.07241472e+08 # HELP container_blkio_io_serviced_recursive_total The blkio io servied recursive # TYPE container_blkio_io_serviced_recursive_total gauge container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 892 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 888 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1780 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1780 # HELP container_cpu_kernel_nanoseconds The total kernel cpu time # TYPE container_cpu_kernel_nanoseconds gauge container_cpu_kernel_nanoseconds{container_id="foo4",namespace="default"} 2.6e+08 # HELP container_cpu_throttle_periods_total The total cpu throttle periods # TYPE container_cpu_throttle_periods_total gauge container_cpu_throttle_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_periods_total The total cpu throttled periods # TYPE container_cpu_throttled_periods_total gauge container_cpu_throttled_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_time_nanoseconds The total cpu throttled time # TYPE container_cpu_throttled_time_nanoseconds gauge container_cpu_throttled_time_nanoseconds{container_id="foo4",namespace="default"} 0 # HELP container_cpu_total_nanoseconds The total cpu time # TYPE container_cpu_total_nanoseconds gauge container_cpu_total_nanoseconds{container_id="foo4",namespace="default"} 1.003301578e+09 # HELP container_cpu_user_nanoseconds The total user cpu time # TYPE container_cpu_user_nanoseconds gauge container_cpu_user_nanoseconds{container_id="foo4",namespace="default"} 7e+08 # HELP container_hugetlb_failcnt_total The hugetlb failcnt # TYPE container_hugetlb_failcnt_total gauge container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_max_bytes The hugetlb maximum usage # TYPE container_hugetlb_max_bytes gauge container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_usage_bytes The hugetlb usage # TYPE container_hugetlb_usage_bytes gauge container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_memory_active_anon_bytes The active_anon amount # TYPE container_memory_active_anon_bytes gauge container_memory_active_anon_bytes{container_id="foo4",namespace="default"} 2.658304e+06 # HELP container_memory_active_file_bytes The active_file amount # TYPE container_memory_active_file_bytes gauge container_memory_active_file_bytes{container_id="foo4",namespace="default"} 7.319552e+06 # HELP container_memory_cache_bytes The cache amount used # TYPE container_memory_cache_bytes gauge container_memory_cache_bytes{container_id="foo4",namespace="default"} 5.0597888e+07 # HELP container_memory_dirty_bytes The dirty amount Metrics
  • 11. Pulling an Image What do runtimes need?
  • 12. { "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Config: L0 L1 Ln Root Filesystem /usr /bin /dev /etc /home /lib C OCI Spec process args env cwd … root mounts Docker and OCI
  • 13. Content Addressability digest.FromString(“foo”) -> “sha256:2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae” digest.FromString(“foo tampered”) -> “sha256:51f7f1d1f6bebed72b936c8ea257896cb221b91d303c5b5c44073fce33ab8dd8” digest.FromString(“bar sha256:2c...”) -> “sha256:2e94890c66fbcccca9ad680e1b1c933cc323a5b4bcb14cc8a4bc78bb88d41055” “foo” “bar sha256:2c…” “foo tampered” “bar sha256:2c…”
  • 14. { "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Docker and OCI Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Config: L0 Ln C Digest Layer File 0 Layer File 1 Layer File N L1 Digest Digest Digest Digest
  • 15. Resolution Getting a digest from a name: 15 ubuntu sha256:71cd81252a3563a03ad8daee81047b62ab5d892ebbfbf71cf53415f29c130950
  • 16. Pulling an Image Data Flow Content Images Snapshots Pull Fetch Unpack Events Remote Mounts
  • 17. Remotes Locators and Resolution type Fetcher interface { Fetch(ctx context.Context, id string, hints ...string) (io.ReadCloser, error) } type Resolver interface { Resolve(ctx context.Context, locator string) (Fetcher, error) } fetcher := resolver.Resolve("docker.io/library/ubuntu") Endlessly Configurable! (hint: think git remotes)
  • 18. Example: Pull an Image Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr pull docker.io/library/redis:alpine $ ctr image ls ... import ( "context" "github.com/containerd/containerd" "github.com/containerd/containerd/namespaces" ) // connect to our containerd daemon client, err := containerd.New("/run/containerd/containerd.sock") defer client.Close() // set our namespace to “example”: ctx := namespaces.WithNamespace(context.Background(), "example") // pull the alpine-based redis image from DockerHub: image, err := client.Pull(ctx, "docker.io/library/redis:alpine", containerd.WithPullUnpack)
  • 19. Snapshotters How do you build a container root filesystem?
  • 20. Snapshots ● No mounting, just returns mounts! ● Explicit active (rw) and committed (ro) ● Commands represent lifecycle ● Reference key chosen by caller (allows using content addresses) ● No tars and no diffs Evolved from Graph Drivers ● Simple layer relationships ● Small and focused interface ● Non-opinionated string keys ● External Mount Lifecycle type Snapshotter interface { Stat(key string) (Info, error) Mounts(key string) ([]containerd.Mount, error) Prepare(key, parent string) ([]containerd.Mount, error) View(key, parent string) ([]containerd.Mount, error) Commit(name, key string) error Remove(key string) error Walk(fn func(Info) error) error } type Info struct { Name string // name or key of snapshot Parent string Kind Kind } type Kind int const ( KindView KindActive KindCommitted )
  • 21. Active Committed Prepare(a, P0 ) Commit(P1 , a′) Snapshot Model P0a a′ a′′ P1 P2 Commit(P2 , a′′) Remove(c) Prepare(a′′, P1 )
  • 22. Example: Investigating Root Filesystem $ ctr snapshot ls … $ ctr snapshot tree … $ ctr snapshot mounts <target> <id>
  • 23. Pulling an Image 1. Resolve manifest or index (manifest list) 2. Download all the resources referenced by the manifest 3. Unpack layers into snapshots 4. Register the mappings between manifests and constituent resources
  • 24. Pulling an Image Data Flow Content Images Snapshots Pull Fetch Unpack Events Remote Mounts
  • 25. Starting a Container 1. Initialize a root filesystem (RootFS) from snapshot 2. Setup OCI configuration (config.json) 3. Use metadata from container and snapshotter to specify config and mounts 4. Start process via the task service
  • 26. Starting a Container Images Snapshot Run Initialize Start Events Running Containers Containers Tasks Setup
  • 27. Example: Run a Container Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr run -t docker.io/library/redis:alpine redis-server $ ctr c ... // create our container object and config container, err := client.NewContainer(ctx, "redis-server", containerd.WithImage(image), containerd.WithNewSpec(containerd.WithImageConfig(image)), ) defer container.Delete() // create a task from the container task, err := container.NewTask(ctx, containerd.Stdio) defer task.Delete(ctx) // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) // call start on the task to execute the redis server if err := task.Start(ctx); err != nil { return err }
  • 28. Example: Kill a Task Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr t kill redis-server $ ctr t ls ... // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) time.Sleep(3 * time.Second) if err := task.Kill(ctx, syscall.SIGTERM); err != nil { return err } // retrieve the process exit status from the channel status := <-exitStatusC code, exitedAt, err := status.Result() if err != nil { return err } // print out the exit code from the process fmt.Printf("redis-server exited with status: %dn", code)
  • 29. Example: Customize OCI Configuration // WithHtop configures a container to monitor the host via `htop` func WithHtop(s *specs.Spec) error { // make sure we are in the host pid namespace if err := containerd.WithHostNamespace(specs.PIDNamespace)(s); err != nil { return err } // make sure we set htop as our arg s.Process.Args = []string{"htop"} // make sure we have a tty set for htop if err := containerd.WithTTY(s); err != nil { return err } return nil } With{func} functions cleanly separate modifiers
  • 30. Customization - Linux Namespaces -> WithLinuxNamespace - Networking -> WithNetwork - Volumes -> WithVolume
  • 31. Use cases - CURRENT - Docker (moby) - Kubernetes (cri-containerd) - SwarmKit (experimental) - LinuxKit - BuildKit - FUTURE/POTENTIAL - IBM Cloud/Bluemix - OpenFaaS - {your project here}
  • 33. Going further with containerd ▪ Contributing: https://github.com/containerd/containerd ▫ Bug fixes, adding tests, improving docs, validation ▪ Using: See the getting started documentation in the docs folder of the repo ▪ Porting/testing: Other architectures & OSs, stress testing (see bucketbench, containerd-stress): ▫ git clone <repo>, make binaries, sudo make install ▪ K8s CRI: incubation project to use containerd as CRI ▫ In alpha today; e2e tests, validation, contributing
  • 34. Moby Summit at OSS NA Thursday, September 14, 2017 “An open framework to assemble specialized container systems without reinventing the wheel.” Tickets: https://www.eventbrite.com/e/moby-summit-los-angeles-tickets-35930560273
  • 35. Bella Center, Copenhagen 16-19 October, 2017 https://europe-2017.dockercon.com/ 10% discount code: CaptainPhil
  • 36. Thank You! Questions? ▪ Stephen Day ▫ https://github.com/stevvooe ▫ stephen@docker.com ▫ Twitter: @stevvooe ▪ Phil Estes ▫ https://github.com/estesp ▫ estesp@gmail.com ▫ Twitter: @estesp