Docker, Inc., profile picture
Uploaded byDocker, Inc.
PDF, PPTX271 views

Labels, Labels, Labels

The document discusses the importance of using labels in software development for security, simplicity, and documentation. It provides specific examples of label schemas for container images, including details about authors, version control, and build information. Additionally, it outlines how to create and view these labels using Docker and Kubernetes commands.

Embed presentation

Download as PDF, PPTX
Andy Clemenko Labels, Labels, Labels… Senior Solutions Engineer, StackRox @clemenko clemenko andy@stackrox.com
https://andyc.info/dc20
Why Labels? • Security • Simplicity • Self Documenting • Audit Trail
Label Schema Key = Value • Author • Date • Description • Version • and more…
Labels for CI? • Source - Version Control • Commit Number • How to build • Where it was built • Build number
Labels for Security • Build Server • Version Control • Commit Number • How to was built • Build number
Sample Labels "org.opencontainers.image.authors": "clemenko@gmail.com", "org.opencontainers.image.source": "https://github.com/clemenko/dc20_labels/tree/master/demo_flask", "org.opencontainers.image.build": "docker build -t clemenko/flask_demo..." , "org.opencontainers.image.build_number": 22, "org.opencontainers.image.build.server": http://jenkins.dockr.life/, ”org.opencontainers.image.commit": "98c997f", "org.opencontainers.image.created": "05/07/20", "org.opencontainers.image.description": "The repository contains a simple flask application.", "org.opencontainers.image.healthz": "/healthz", "org.opencontainers.image.version": "0.1", "org.opencontainers.image.title": "clemenko/flask_demo", "org.zdocker.compose": ... , "org.zdocker.k8s": ...
Create Labels • Dockerfile • Build Argument • docker build - -label key=value LABEL org.opencontainers.image.authors=$BUILD_SIGNATURE org.opencontainers.image.source="https://github.com/cleme org.opencontainers.image.created=$BUILD_DATE org.opencontainers.image.build_number=$BUILD_NUMBER org.opencontainers.image.commit=$GIT_COMMIT org.opencontainers.image.build.server=$JENKINS_URL org.opencontainers.image.title="clemenko/flask_demo" org.opencontainers.image.description="The repository cont flask --> redis." org.opencontainers.image.version=$BUILD_VERSION org.opencontainers.image.healthz="/healthz"
View Labels • docker pull; docker inspect • skopeo $ skopeo inspect docker://docker.io/clemenko/flask_demo:prod | jq -r ' { "org.opencontainers.image.authors": "clemenko@gmail.com", "org.opencontainers.image.build.server": "http://jenkins.dockr.life/ "org.opencontainers.image.build_number": "2", "org.opencontainers.image.commit": "cb03b31", "org.opencontainers.image.created": "05/14/20", "org.opencontainers.image.healthz": "/healthz", "org.opencontainers.image.source": "https://github.com/clemenko/dc20 demo_flask", "org.opencontainers.image.title": "clemenko/flask_demo", "org.opencontainers.image.version": “0.1”…
Use Labels - k8s $ skopeo inspect docker://docker.io/clemenko/flask_demo:prod | jq -r '.Labels."org.zdocker.k8s"'| base64 -D | kubectl apply -f - namespace/flask created deployment.apps/flask created deployment.apps/mongo created deployment.apps/redis created service/flask created service/redis created service/mongo created ingress.networking.k8s.io/flask created ingressroute.traefik.containo.us/flask-ingressroute created
DEMO
Demo Stack ● DigitalOcean - Ubuntu 19.10 VMS ● k3s ● Traefik - Ingress Controller ● Jenkins - CI ● StackRox - Image Scanning and policy
https://andyc.info/dc20 thanks! andy@stackrox.com

More Related Content

PDF
How To Build and Run Node Apps with Docker and Compose
byDocker, Inc.
 
PDF
Exploring Docker in CI/CD
byHenry Huang
 
PDF
Become a Docker Power User With Microsoft Visual Studio Code
byDocker, Inc.
 
PDF
How to Use Mirroring and Caching to Optimize your Container Registry
byDocker, Inc.
 
PDF
Drone CI - Container native continuous Integration / Delivery
byPatrick Jahns
 
DOCX
Build Your Own SaaS using Docker
byJulien Barbier
 
PPTX
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
bydevopsdaysaustin
 
PPTX
Continuous Delivery with Jenkins & Kubernetes @ Sky
byAdriana Vasiu
 
How To Build and Run Node Apps with Docker and Compose
byDocker, Inc.
 
Exploring Docker in CI/CD
byHenry Huang
 
Become a Docker Power User With Microsoft Visual Studio Code
byDocker, Inc.
 
How to Use Mirroring and Caching to Optimize your Container Registry
byDocker, Inc.
 
Drone CI - Container native continuous Integration / Delivery
byPatrick Jahns
 
Build Your Own SaaS using Docker
byJulien Barbier
 
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
bydevopsdaysaustin
 
Continuous Delivery with Jenkins & Kubernetes @ Sky
byAdriana Vasiu
 

What's hot

PPTX
Docker Security workshop slides
byDocker, Inc.
 
PPTX
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
byDocker, Inc.
 
PDF
Jenkins & IaC
byHungWei Chiu
 
PPTX
Continuous Delivery With Selenium Grid And Docker
byBarbara Gonzalez
 
PDF
How to Improve Your Image Builds Using Advance Docker Build
byDocker, Inc.
 
PDF
Container orchestration from theory to practice
byDocker, Inc.
 
PDF
Continuous Delivery Pipeline with Docker and Jenkins
byCamilo Ribeiro
 
PDF
From Zero Docker to Hackathon Winner - Marcos Lilljedahl and Jimena Tapia
byDocker, Inc.
 
PDF
Activision's Skypilot: Delivering Amazing Game Experiences Through Containeri...
byDocker, Inc.
 
PDF
Improve your Java Environment with Docker
byHanoiJUG
 
PDF
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
byDocker, Inc.
 
PDF
Democratizing Development - Scott Gress
byDocker, Inc.
 
PDF
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
PDF
Online Meetup: Why should container system / platform builders care about con...
byDocker, Inc.
 
PDF
GDGSCL - Docker a jeho provoz v Heroku a AWS
byLadislav Prskavec
 
PDF
Dockers zero to hero
byNicolas De Loof
 
PPTX
Zero to Continuous Delivery on Google Cloud
byJames Heggs
 
PPTX
Docker and Windows: The State of the Union
byElton Stoneman
 
PDF
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
byDocker, Inc.
 
PDF
OpenStack Preso: DevOps on Hybrid Infrastructure
byrhirschfeld
 
Docker Security workshop slides
byDocker, Inc.
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
byDocker, Inc.
 
Jenkins & IaC
byHungWei Chiu
 
Continuous Delivery With Selenium Grid And Docker
byBarbara Gonzalez
 
How to Improve Your Image Builds Using Advance Docker Build
byDocker, Inc.
 
Container orchestration from theory to practice
byDocker, Inc.
 
Continuous Delivery Pipeline with Docker and Jenkins
byCamilo Ribeiro
 
From Zero Docker to Hackathon Winner - Marcos Lilljedahl and Jimena Tapia
byDocker, Inc.
 
Activision's Skypilot: Delivering Amazing Game Experiences Through Containeri...
byDocker, Inc.
 
Improve your Java Environment with Docker
byHanoiJUG
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
byDocker, Inc.
 
Democratizing Development - Scott Gress
byDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
Online Meetup: Why should container system / platform builders care about con...
byDocker, Inc.
 
GDGSCL - Docker a jeho provoz v Heroku a AWS
byLadislav Prskavec
 
Dockers zero to hero
byNicolas De Loof
 
Zero to Continuous Delivery on Google Cloud
byJames Heggs
 
Docker and Windows: The State of the Union
byElton Stoneman
 
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
byDocker, Inc.
 
OpenStack Preso: DevOps on Hybrid Infrastructure
byrhirschfeld
 

Similar to Labels, Labels, Labels

PPTX
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
byDocker, Inc.
 
PDF
Into The Box 2018 Going live with commandbox and docker
byOrtus Solutions, Corp
 
PPTX
Docker - A curtain raiser to the Container world
byzekeLabs Technologies
 
PPTX
Docker Ecosystem on Azure
byPatrick Chanezon
 
PDF
Présentation de Docker
byProto204
 
PDF
Managing Open Source software in the Docker era
bynexB Inc.
 
PDF
How to write a Dockerfile
byKnoldus Inc.
 
PDF
Going live with BommandBox and docker Into The Box 2018
byOrtus Solutions, Corp
 
PDF
Dockercon EU 2014
byRafe Colton
 
PDF
Dockercon 23 - Getting started with Docker
byssuserfb6acb
 
PDF
Work shop - an introduction to the docker ecosystem
byJoão Pedro Harbs
 
PDF
Be a better developer with Docker (revision 3)
byNicola Paolucci
 
PPTX
Docker for developers z java
byandrzejsydor
 
PDF
Docker Up and Running Introduction
byMark Beacom
 
PPTX
Academy PRO: Docker. Lecture 2
byBinary Studio
 
PPTX
Academy PRO: Docker. Part 2
byBinary Studio
 
PDF
Docker in a JS Developer’s Life
byGlobalLogic Ukraine
 
PPTX
Effective images remix
by🎥 Brent Langston
 
PDF
Getting Started with Docker
byAnup Segu
 
PDF
The Challenges of Container Configuration
byGareth Rushgrove
 
The Tale of a Docker-based Continuous Delivery Pipeline by Rafe Colton (ModCl...
byDocker, Inc.
 
Into The Box 2018 Going live with commandbox and docker
byOrtus Solutions, Corp
 
Docker - A curtain raiser to the Container world
byzekeLabs Technologies
 
Docker Ecosystem on Azure
byPatrick Chanezon
 
Présentation de Docker
byProto204
 
Managing Open Source software in the Docker era
bynexB Inc.
 
How to write a Dockerfile
byKnoldus Inc.
 
Going live with BommandBox and docker Into The Box 2018
byOrtus Solutions, Corp
 
Dockercon EU 2014
byRafe Colton
 
Dockercon 23 - Getting started with Docker
byssuserfb6acb
 
Work shop - an introduction to the docker ecosystem
byJoão Pedro Harbs
 
Be a better developer with Docker (revision 3)
byNicola Paolucci
 
Docker for developers z java
byandrzejsydor
 
Docker Up and Running Introduction
byMark Beacom
 
Academy PRO: Docker. Lecture 2
byBinary Studio
 
Academy PRO: Docker. Part 2
byBinary Studio
 
Docker in a JS Developer’s Life
byGlobalLogic Ukraine
 
Effective images remix
by🎥 Brent Langston
 
Getting Started with Docker
byAnup Segu
 
The Challenges of Container Configuration
byGareth Rushgrove
 

More from Docker, Inc.

PDF
Securing Your Containerized Applications with NGINX
byDocker, Inc.
 
PDF
Monolithic to Microservices + Docker = SDLC on Steroids!
byDocker, Inc.
 
PDF
Virtual Meetup Docker + Arm: Building Multi-arch Apps with Buildx
byDocker, Inc.
 
PDF
Predicting Space Weather with Docker
byDocker, Inc.
 
PDF
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
byDocker, Inc.
 
PDF
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
byDocker, Inc.
 
PDF
Kubernetes at Datadog Scale
byDocker, Inc.
 
PDF
Containerize Your Game Server for the Best Multiplayer Experience
byDocker, Inc.
 
PDF
The First 10M Pulls: Building The Official Curl Image for Docker Hub
byDocker, Inc.
 
PDF
Hands-on Helm
byDocker, Inc.
 
PDF
DCSF 19 eBPF Superpowers
byDocker, Inc.
 
PDF
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
PDF
Monitoring in a Microservices World
byDocker, Inc.
 
PDF
Sharing is Caring: How to Begin Speaking at Conferences
byDocker, Inc.
 
PDF
DCSF 19 Developing Apps with Containers, Functions and Cloud Services
byDocker, Inc.
 
PDF
Developing with Docker for the Arm Architecture
byDocker, Inc.
 
PDF
DCSF 19 Node.js Rocks in Docker for Dev and Ops
byDocker, Inc.
 
PDF
Distributed Deep Learning with Docker at Salesforce
byDocker, Inc.
 
PDF
DCSF 19 How Entergy is Mitigating Legacy Windows Operating System Vulnerabili...
byDocker, Inc.
 
PDF
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
byDocker, Inc.
 
Securing Your Containerized Applications with NGINX
byDocker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
byDocker, Inc.
 
Virtual Meetup Docker + Arm: Building Multi-arch Apps with Buildx
byDocker, Inc.
 
Predicting Space Weather with Docker
byDocker, Inc.
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
byDocker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
byDocker, Inc.
 
Kubernetes at Datadog Scale
byDocker, Inc.
 
Containerize Your Game Server for the Best Multiplayer Experience
byDocker, Inc.
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
byDocker, Inc.
 
Hands-on Helm
byDocker, Inc.
 
DCSF 19 eBPF Superpowers
byDocker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
byDocker, Inc.
 
Monitoring in a Microservices World
byDocker, Inc.
 
Sharing is Caring: How to Begin Speaking at Conferences
byDocker, Inc.
 
DCSF 19 Developing Apps with Containers, Functions and Cloud Services
byDocker, Inc.
 
Developing with Docker for the Arm Architecture
byDocker, Inc.
 
DCSF 19 Node.js Rocks in Docker for Dev and Ops
byDocker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
byDocker, Inc.
 
DCSF 19 How Entergy is Mitigating Legacy Windows Operating System Vulnerabili...
byDocker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
byDocker, Inc.
 

Recently uploaded

PDF
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
PDF
[BDD 2025 - Mobile Development] Exploring Apple’s On-Device FoundationModels
byWintari Yasmin
 
PDF
ODSC AI West: Agent Optimization: Beyond Context engineering
byShashikant Jagtap
 
PDF
Agentic Intro and Hands-on: Build your first Coded Agent
byUiPathCommunity
 
PDF
[DevFest Strasbourg 2025] - NodeJs Can do that !!
bymoassiongbon
 
PDF
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
PDF
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
PDF
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
PDF
Lets Build a Serverless Function with Kiro
byChris Bingham
 
PDF
[BDD 2025 - Artificial Intelligence] Building AI Systems That Users (and Comp...
byWintari Yasmin
 
PPTX
Leon Brands - Intro to GPU Occlusion (Graphics Programming Conference 2024)
byleonbrands1998
 
PDF
[BDD 2025 - Mobile Development] Crafting Immersive UI with E2E and AGSL Shade...
byWintari Yasmin
 
PDF
So You Want to Work at Google | DevFest Seattle 2025
byMargaret Maynard-Reid
 
PDF
Transforming Supply Chains with Amazon Bedrock AgentCore (AWS Swiss User Grou...
byChris Bingham
 
PDF
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
PDF
Integrating AI with Meaningful Human Collaboration
byCadabra Studio
 
PDF
DUBAI IT MODERNIZATION WITH AZURE MANAGED SERVICES.pdf
byLogicEra
 
PPTX
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
PDF
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
PDF
The Evolving Role of the CEO in the Age of AI
byPipal Tree Services Executive Search Firm
 
Cheryl Hung, Vibe Coding Auth Without Melting Down! isaqb Software Architectu...
byCheryl Hung
 
[BDD 2025 - Mobile Development] Exploring Apple’s On-Device FoundationModels
byWintari Yasmin
 
ODSC AI West: Agent Optimization: Beyond Context engineering
byShashikant Jagtap
 
Agentic Intro and Hands-on: Build your first Coded Agent
byUiPathCommunity
 
[DevFest Strasbourg 2025] - NodeJs Can do that !!
bymoassiongbon
 
How Much Does It Cost to Build an eCommerce Website in 2025.pdf
byPixlogix Infotech
 
[BDD 2025 - Full-Stack Development] Digital Accessibility: Why Developers nee...
bywintari3
 
PCCC25(設立25年記念PCクラスタシンポジウム):エヌビディア合同会社 テーマ2「NVIDIA BlueField-4 DPU」
byPC Cluster Consortium
 
Lets Build a Serverless Function with Kiro
byChris Bingham
 
[BDD 2025 - Artificial Intelligence] Building AI Systems That Users (and Comp...
byWintari Yasmin
 
Leon Brands - Intro to GPU Occlusion (Graphics Programming Conference 2024)
byleonbrands1998
 
[BDD 2025 - Mobile Development] Crafting Immersive UI with E2E and AGSL Shade...
byWintari Yasmin
 
So You Want to Work at Google | DevFest Seattle 2025
byMargaret Maynard-Reid
 
Transforming Supply Chains with Amazon Bedrock AgentCore (AWS Swiss User Grou...
byChris Bingham
 
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
Integrating AI with Meaningful Human Collaboration
byCadabra Studio
 
DUBAI IT MODERNIZATION WITH AZURE MANAGED SERVICES.pdf
byLogicEra
 
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
The partnership effect: Libraries and publishers on collaborating and thrivin...
byBookNet Canada
 
The Evolving Role of the CEO in the Age of AI
byPipal Tree Services Executive Search Firm
 

Labels, Labels, Labels

  • 1.
    Andy Clemenko Labels, Labels,Labels… Senior Solutions Engineer, StackRox @clemenko clemenko andy@stackrox.com
  • 2.
  • 4.
    Why Labels? • Security •Simplicity • Self Documenting • Audit Trail
  • 5.
    Label Schema Key =Value • Author • Date • Description • Version • and more…
  • 6.
    Labels for CI? •Source - Version Control • Commit Number • How to build • Where it was built • Build number
  • 7.
    Labels for Security •Build Server • Version Control • Commit Number • How to was built • Build number
  • 8.
    Sample Labels "org.opencontainers.image.authors": "clemenko@gmail.com", "org.opencontainers.image.source":"https://github.com/clemenko/dc20_labels/tree/master/demo_flask", "org.opencontainers.image.build": "docker build -t clemenko/flask_demo..." , "org.opencontainers.image.build_number": 22, "org.opencontainers.image.build.server": http://jenkins.dockr.life/, ”org.opencontainers.image.commit": "98c997f", "org.opencontainers.image.created": "05/07/20", "org.opencontainers.image.description": "The repository contains a simple flask application.", "org.opencontainers.image.healthz": "/healthz", "org.opencontainers.image.version": "0.1", "org.opencontainers.image.title": "clemenko/flask_demo", "org.zdocker.compose": ... , "org.zdocker.k8s": ...
  • 9.
    Create Labels • Dockerfile •Build Argument • docker build - -label key=value LABEL org.opencontainers.image.authors=$BUILD_SIGNATURE org.opencontainers.image.source="https://github.com/cleme org.opencontainers.image.created=$BUILD_DATE org.opencontainers.image.build_number=$BUILD_NUMBER org.opencontainers.image.commit=$GIT_COMMIT org.opencontainers.image.build.server=$JENKINS_URL org.opencontainers.image.title="clemenko/flask_demo" org.opencontainers.image.description="The repository cont flask --> redis." org.opencontainers.image.version=$BUILD_VERSION org.opencontainers.image.healthz="/healthz"
  • 10.
    View Labels • dockerpull; docker inspect • skopeo $ skopeo inspect docker://docker.io/clemenko/flask_demo:prod | jq -r ' { "org.opencontainers.image.authors": "clemenko@gmail.com", "org.opencontainers.image.build.server": "http://jenkins.dockr.life/ "org.opencontainers.image.build_number": "2", "org.opencontainers.image.commit": "cb03b31", "org.opencontainers.image.created": "05/14/20", "org.opencontainers.image.healthz": "/healthz", "org.opencontainers.image.source": "https://github.com/clemenko/dc20 demo_flask", "org.opencontainers.image.title": "clemenko/flask_demo", "org.opencontainers.image.version": “0.1”…
  • 11.
    Use Labels -k8s $ skopeo inspect docker://docker.io/clemenko/flask_demo:prod | jq -r '.Labels."org.zdocker.k8s"'| base64 -D | kubectl apply -f - namespace/flask created deployment.apps/flask created deployment.apps/mongo created deployment.apps/redis created service/flask created service/redis created service/mongo created ingress.networking.k8s.io/flask created ingressroute.traefik.containo.us/flask-ingressroute created
  • 12.
  • 13.
    Demo Stack ● DigitalOcean- Ubuntu 19.10 VMS ● k3s ● Traefik - Ingress Controller ● Jenkins - CI ● StackRox - Image Scanning and policy
  • 14.