SlideShare uma empresa Scribd logo

Containers 101: What are they? Why should I care

A
Allen Vailliencourt

The document is an agenda for an Upstate DevOps meetup event on March 28, 2019. It includes an introduction, thanks to event sponsors, a request for introductions from attendees, and a presentation on containers. The presentation covers what containers are, how they differ from virtual machines, common container runtimes and engines, Kubernetes basics, and new container tools like Buildah and Skopeo. It concludes with additional resource links.

Tecnologia
1 de 35
Baixar para ler offline
UPSTATE DEVOPS! WELCOME TO
UPSTATE DEVOPS - MARCH 28, 2019 TODAY’S AGENDA ▸ Lunch & Networking! ~ 11:30 - 12:00 PM ▸ Sponsor acknowledgement & introductions ▸ Today’s Topic ~ 12:00 - 12:45 PM ▸ Containers 101: What are they? Why should I care? ▸ Q/A and dismissal! ~ 12:45 - 1:00 PM 2
THANK YOU SPONSORS! ▸ Big thanks to Find Great People for the food! ▸ www.fgptech.com ▸ Big thanks to OpenWorks for the venue! ▸ www.joinopenworks.com 3UPSTATE DEVOPS - MARCH 28, 2019
INTRODUCE YOURSELF… ▸ Name? ▸ What do you do & what company do you work for? ▸ Would you like to present in a future meeting? 4UPSTATE DEVOPS - MARCH 28, 2019
CONTAINERS 101: WHAT ARE THEY? WHY SHOULD I CARE? 5UPSTATE DEVOPS - MARCH 28, 2019
WHAT ARE CONTAINERS? It Depends Who You Ask ! Application processes on a shared kernel ! Simpler, lighter, and denser than VMs ! Portable across different environments ! Package apps with all dependencies ! Deploy to any environment in seconds ! Easily accessed and shared INFRASTRUCTURE APPLICATIONS
VIRTUAL MACHINES AND CONTAINERS VIRTUAL MACHINES CONTAINERS VM isolates the hardware Container isolates the process VM OS Dependencies Kernel Hypervisor Hardware App App App App Container Host (Kernel) Container App OS deps Container App OS deps Container App OS deps Container App OS deps Hypervisor Hardware
Virtual Machine Application OS dependencies Operating System VIRTUAL MACHINES AND CONTAINERS VM Isolation Complete OS Static Compute Static Memory High Resource Usage Container Isolation Shared Kernel Burstable Compute Burstable Memory Low Resource Usage Container Host Container Application OS dependencies
VIRTUAL MACHINES AND CONTAINERS Container Host Container Application OS dependencies Dev IT Ops Infrastructure Virtual Machine Application OS dependencies Operating System IT Ops
 (and Dev, sort of) Infrastructure Clear ownership boundary between Dev and IT Ops drives DevOps adoption and fosters agility Optimized for stability Optimized for agility
Virtual machines are NOT portable across hypervisor and do NOT provide portable packaging for applications APPLICATION PORTABILITY WITH VM VM Type X Application OS dependencies Operating System BARE METAL PRIVATE CLOUD PUBLIC CLOUDVIRTUALIZATIONLAPTOP Application OS dependencies Operating System VM Type Y Application OS dependencies Operating System VM Type Z Application OS dependencies Operating System Guest VM Application OS dependencies Operating System
APPLICATION PORTABILITY WITH CONTAINERS LAPTOP Container Application OS dependencies Guest VM Linux BARE METAL Container Application OS dependencies Linux VIRTUALIZATION Container Application OS dependencies Virtual Machine Linux PRIVATE CLOUD Container Application OS dependencies Virtual Machine Linux PUBLIC CLOUD Container Application OS dependencies Virtual Machine Linux Linux Containers + Linux Host = Guaranteed Portability
 Across Any Infrastructure
LINUX AND CONTAINER INFRASTRUCTURE CONTAINERS ARE LINUX Red Hat Enterprise Linux is a leader in paid Linux 70% CY2016 paid Linux share CONTAINER CONTAINER CONTAINER LINUX CONTAINER HOST (KERNEL) LINUX O/S DEPENDENCY LINUX O/S DEPENDENCY LINUX O/S DEPENDENCY APP APP APP Linux OS host spans every container 1 2 Linux is in every single container
Base Image Image Layer 1 Image Layer 2 Image Layer 3 Base Linux OS Update Layer Java Runtime Layer Application Layer Container Image Layers Example Container Image RAPID SECURITY PATCHING USING
 CONTAINER IMAGE LAYERING
A REALLY QUICK DEMO… UPSTATE DEVOPS - MARCH 28, 2019 14
WHAT’S IN THAT CONTAINER? (DOCKERFILE) UPSTATE DEVOPS - MARCH 28, 2019 FROM --platform=$BUILDPLATFORM golang:1.11-alpine AS builder RUN apk add --no-cache git RUN go get github.com/pdevine/go-asciisprite WORKDIR /project COPY surprise.go . ARG TARGETOS ARG TARGETARCH ENV GOOS=$TARGETOS GOARCH=$TARGETARCH RUN CGO_ENABLED=0 go build -a -ldflags '-extldflags "-static"' -o surprise surprise.go FROM scratch AS release-linux COPY --from=builder /project/surprise /surprise ENTRYPOINT ["/surprise"] FROM microsoft/nanoserver AS release-windows COPY --from=builder /project/surprise /surprise.exe ENTRYPOINT ["surprise.exe"] FROM release-$TARGETOS 15
CONTAINER RUNTIMES/ENGINES ▸ Docker - https://www.docker.com/ ▸ CRI-O - https://cri-o.io ▸ containerd - https://containerd.io ▸ Kata Containers - https://katacontainers.io/ ▸ and many more… UPSTATE DEVOPS - MARCH 28, 2019 16
A lightweight, OCI-compliant container runtime Minimal and Secure Architecture Optimized for Kubernetes Runs any OCI- compliant image (including docker)
A PRIMER ON 19UPSTATE DEVOPS - MARCH 28, 2019 AKA K8S
A container is the smallest compute unit CONTAINER
containers are created from 
 container images CONTAINER CONTAINER
 IMAGE BINARY RUNTIME
IMAGE REGISTRY container images are stored in 
 an image registry CONTAINER CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE
an image repository contains all versions of an image in the image registry IMAGE REGISTRY frontend:latest frontend:2.0 frontend:1.1 frontend:1.0 CONTAINER
 IMAGE mongo:latest mongo:3.7 mongo:3.6 mongo:3.4 CONTAINER
 IMAGE myregistry/frontend myregistry/mongo
PODPOD containers are wrapped in pods which are units of deployment and management CONTAINER CONTAINERCONTAINER IP: 10.1.0.11 IP: 10.1.0.55
pods configuration is defined 
 in a deployment image name replicas labels
 cpu
 memory storage POD CONTAINER POD CONTAINER POD CONTAINER DEPLOYMENT
services provide internal load-balancing and service discovery across pods POD CONTAINER POD CONTAINER POD CONTAINER BACKEND SERVICE
 POD CONTAINER role: backend role: backendrole: backendrole: backendrole: frontend 10.110.1.11 10.120.2.22 10.130.3.3310.140.4.44 172.30.170.110
apps can talk to each other via services Invoke
 Backend API POD CONTAINER POD CONTAINER POD CONTAINER BACKEND SERVICE
 POD CONTAINER role: backend role: backendrole: backendrole: backendrole: frontend 10.110.1.11 10.120.2.22 10.130.3.3310.140.4.44 172.30.170.110
POD routes add services to the external load-balancer and provide readable urls for the app CONTAINER POD CONTAINER POD CONTAINER BACKEND SERVICE ROUTE
 app-prod.mycompany.com > curl http://app-prod.mycompany.com
projects isolate apps across environments, teams, groups and departments POD C POD C POD C PAYMENT DEV POD C POD C POD C PAYMENT PROD POD C POD C POD C CATALOG POD C POD C POD C INVENTORY ❌ ❌❌
COOL NEW TOOLS! 30UPSTATE DEVOPS - MARCH 28, 2019 ▸ Buildah - (https://buildah.io) ▸ A tool that facilities building OCI compliant images ▸ Create a working container, either from scratch or using an image as a starting point ▸ Create an image, either from a working container or via the instructions in a Dockerfile ▸ Images can be built in either the OCI image format or the traditional upstream docker image format ▸ Mount a working container's root filesystem for manipulation ▸ Unmount a working container's root filesystem ▸ Use the updated contents of a container's root filesystem as a filesystem layer to create a new image ▸ Delete a working container or an image ▸ Rename a local container
COOL NEW TOOLS! 31UPSTATE DEVOPS - MARCH 28, 2019 ▸ skopeo - (https://github.com/containers/skopeo) ▸ No daemon required ▸ Copying an image from and to various storage mechanisms. For example you can copy images from one registry to another, without requiring privilege. ▸ Inspecting a remote image showing its properties including its layers, without requiring you to pull the image to the host. ▸ Deleting an image from an image repository. ▸ When required by the repository, skopeo can pass the appropriate credentials and certificates for authentication
ANOTHER REALLY QUICK DEMO (SKOPEO VS DOCKER INSPECT)… UPSTATE DEVOPS - MARCH 28, 2019 32
COOL NEW TOOLS! 33UPSTATE DEVOPS - MARCH 28, 2019 ▸ podman - (https://podman.io/) ▸ What is Podman? Simply put: `alias docker=podman` ▸ Support multiple image formats including the OCI and Docker image formats. ▸ Support for multiple means to download images including trust & image verification. ▸ Container image management (managing image layers, overlay filesystems, etc). ▸ Full management of container lifecycle ▸ Support for pods to manage groups of containers together ▸ Resource isolation of containers and pods. ▸ Integration with CRI-O to share containers and backend code.
UPSTATE DEVOPS - MARCH 28, 2019 RESOURCES: ▸ CNCF - https://www.cncf.io/ ▸ CNCF Landscape - https://landscape.cncf.io ▸ Docker Surprise Repo - https://github.com/docker/birthday ▸ Open Container Initiative - https://www.opencontainers.org 34
THANK YOU! @VALIEN @UPSTATEDEVOPS WWW.MEETUP.COM/UPSTATE-DEVOPS

Recomendados

[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...Akihiro Suda
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep DiveAkihiro Suda
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Rootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesRootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesAkihiro Suda
 
[KubeCon NA 2020] containerd: Rootless Containers 2020
[KubeCon NA 2020] containerd: Rootless Containers 2020[KubeCon NA 2020] containerd: Rootless Containers 2020
[KubeCon NA 2020] containerd: Rootless Containers 2020Akihiro Suda
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talksAkihiro Suda
 
[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container imagesAkihiro Suda
 

Recomendados

[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...
[Paris Container Day 2021] nerdctl: yet another Docker & Docker Compose imple...Akihiro Suda
 
[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep Dive[KubeCon EU 2020] containerd Deep Dive
[KubeCon EU 2020] containerd Deep DiveAkihiro Suda
 
[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless Mode[DockerCon 2020] Hardening Docker daemon with Rootless Mode
[DockerCon 2020] Hardening Docker daemon with Rootless ModeAkihiro Suda
 
Rootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesRootless Containers & Unresolved issues
Rootless Containers & Unresolved issuesAkihiro Suda
 
[KubeCon NA 2020] containerd: Rootless Containers 2020
[KubeCon NA 2020] containerd: Rootless Containers 2020[KubeCon NA 2020] containerd: Rootless Containers 2020
[KubeCon NA 2020] containerd: Rootless Containers 2020Akihiro Suda
 
[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless mode[DockerCon 2019] Hardening Docker daemon with Rootless mode
[DockerCon 2019] Hardening Docker daemon with Rootless modeAkihiro Suda
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talksAkihiro Suda
 
[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container images[FOSDEM 2020] Lazy distribution of container images
[FOSDEM 2020] Lazy distribution of container imagesAkihiro Suda
 
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into ContainerdAkihiro Suda
 
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui... [KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...Akihiro Suda
 
Rootless Kubernetes
Rootless KubernetesRootless Kubernetes
Rootless KubernetesAkihiro Suda
 
Rootless Containers
Rootless ContainersRootless Containers
Rootless ContainersAkihiro Suda
 
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKitAkihiro Suda
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building ToolsAkihiro Suda
 
The State of Rootless Containers
The State of Rootless ContainersThe State of Rootless Containers
The State of Rootless ContainersAkihiro Suda
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionJérôme Petazzoni
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - IndroducAl Gifari
 
SCALE 2011 Deploying OpenStack with Chef
SCALE 2011 Deploying OpenStack with ChefSCALE 2011 Deploying OpenStack with Chef
SCALE 2011 Deploying OpenStack with ChefMatt Ray
 
Building images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitBuilding images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitNTT Software Innovation Center
 
About docker in GDG Seoul
About docker in GDG SeoulAbout docker in GDG Seoul
About docker in GDG SeoulJude Kim
 
Ansible docker
Ansible dockerAnsible docker
Ansible dockerQNIB Solutions
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionMiloš Zubal
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Phil Estes
 
App container rkt
App container rktApp container rkt
App container rktXiaofeng Guo
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Henryk Konsek
 
Introduction and Deep Dive Into Containerd
Introduction and Deep Dive Into ContainerdIntroduction and Deep Dive Into Containerd
Introduction and Deep Dive Into ContainerdKohei Tokunaga
 
What's new in kubernetes 1.3?
What's new in kubernetes 1.3?What's new in kubernetes 1.3?
What's new in kubernetes 1.3?Suraj Deshmukh
 
Deploying your first application with Kubernetes
Deploying your first application with KubernetesDeploying your first application with Kubernetes
Deploying your first application with KubernetesOVHcloud
 
Managing Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServiceManaging Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServicePedro Sousa
 

Mais conteúdo relacionado

Mais procurados

[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into ContainerdAkihiro Suda
 
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui... [KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...Akihiro Suda
 
Rootless Kubernetes
Rootless KubernetesRootless Kubernetes
Rootless KubernetesAkihiro Suda
 
Rootless Containers
Rootless ContainersRootless Containers
Rootless ContainersAkihiro Suda
 
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKitAkihiro Suda
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building ToolsAkihiro Suda
 
The State of Rootless Containers
The State of Rootless ContainersThe State of Rootless Containers
The State of Rootless ContainersAkihiro Suda
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionJérôme Petazzoni
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewiredotCloud
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - IndroducAl Gifari
 
SCALE 2011 Deploying OpenStack with Chef
SCALE 2011 Deploying OpenStack with ChefSCALE 2011 Deploying OpenStack with Chef
SCALE 2011 Deploying OpenStack with ChefMatt Ray
 
Building images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitBuilding images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitNTT Software Innovation Center
 
About docker in GDG Seoul
About docker in GDG SeoulAbout docker in GDG Seoul
About docker in GDG SeoulJude Kim
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionMiloš Zubal
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Phil Estes
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Henryk Konsek
 
Introduction and Deep Dive Into Containerd
Introduction and Deep Dive Into ContainerdIntroduction and Deep Dive Into Containerd
Introduction and Deep Dive Into ContainerdKohei Tokunaga
 
What's new in kubernetes 1.3?
What's new in kubernetes 1.3?What's new in kubernetes 1.3?
What's new in kubernetes 1.3?Suraj Deshmukh
 

Mais procurados (20)

[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
[KubeCon EU 2021] Introduction and Deep Dive Into Containerd
 
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui... [KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
[KubeConUS2019 Docker, Inc. Booth] Distributed Builds on Kubernetes with Bui...
 
Rootless Kubernetes
Rootless KubernetesRootless Kubernetes
Rootless Kubernetes
 
Rootless Containers
Rootless ContainersRootless Containers
Rootless Containers
 
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit
[KubeConEU] Building images efficiently and securely on Kubernetes with BuildKit
 
Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools Comparing Next-Generation Container Image Building Tools
Comparing Next-Generation Container Image Building Tools
 
The State of Rootless Containers
The State of Rootless ContainersThe State of Rootless Containers
The State of Rootless Containers
 
Introduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" EditionIntroduction to Docker, December 2014 "Tour de France" Edition
Introduction to Docker, December 2014 "Tour de France" Edition
 
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @GuidewireIntroduction to Docker at SF Peninsula Software Development Meetup @Guidewire
Introduction to Docker at SF Peninsula Software Development Meetup @Guidewire
 
Docker engine - Indroduc
Docker engine - IndroducDocker engine - Indroduc
Docker engine - Indroduc
 
SCALE 2011 Deploying OpenStack with Chef
SCALE 2011 Deploying OpenStack with ChefSCALE 2011 Deploying OpenStack with Chef
SCALE 2011 Deploying OpenStack with Chef
 
Building images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKitBuilding images efficiently and securely on Kubernetes with BuildKit
Building images efficiently and securely on Kubernetes with BuildKit
 
About docker in GDG Seoul
About docker in GDG SeoulAbout docker in GDG Seoul
About docker in GDG Seoul
 
Ansible docker
Ansible dockerAnsible docker
Ansible docker
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
 
App container rkt
App container rktApp container rkt
App container rkt
 
Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.Containerize! Between Docker and Jube.
Containerize! Between Docker and Jube.
 
Introduction and Deep Dive Into Containerd
Introduction and Deep Dive Into ContainerdIntroduction and Deep Dive Into Containerd
Introduction and Deep Dive Into Containerd
 
What's new in kubernetes 1.3?
What's new in kubernetes 1.3?What's new in kubernetes 1.3?
What's new in kubernetes 1.3?
 

Semelhante a Containers 101: What are they? Why should I care

Deploying your first application with Kubernetes
Deploying your first application with KubernetesDeploying your first application with Kubernetes
Deploying your first application with KubernetesOVHcloud
 
Managing Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServiceManaging Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServicePedro Sousa
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar
 
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12dotCloud
 
Application Deployment on Openstack
Application Deployment on OpenstackApplication Deployment on Openstack
Application Deployment on OpenstackDocker, Inc.
 
Full stack development best practice and toolset
Full stack development best practice and toolsetFull stack development best practice and toolset
Full stack development best practice and toolsetReid Lai
 
Modernizing Your Application With Containers
Modernizing Your Application With ContainersModernizing Your Application With Containers
Modernizing Your Application With ContainersJay Gordon
 
Containers in a Kubernetes World
Containers in a Kubernetes WorldContainers in a Kubernetes World
Containers in a Kubernetes Worldplarsen67
 
La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)
La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)
La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)Alexandre Roman
 
Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Kyle Bassett
 
Docker: The Blue Whale of Awesomness
Docker: The Blue Whale of AwesomnessDocker: The Blue Whale of Awesomness
Docker: The Blue Whale of AwesomnessSigfred Balatan Jr.
 
MongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise Kubernetes
MongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise KubernetesMongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise Kubernetes
MongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise KubernetesMongoDB
 
Future of Cloud Computing with Containers
Future of Cloud Computing with ContainersFuture of Cloud Computing with Containers
Future of Cloud Computing with ContainersLakmal Warusawithana
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Ltd
 
Framework Agnostic Discovery
Framework Agnostic DiscoveryFramework Agnostic Discovery
Framework Agnostic DiscoveryKubeAcademy
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_kanedafromparis
 
Federated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingFederated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingBob Killen
 
Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...
Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...
Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...Publicis Sapient Engineering
 

Semelhante a Containers 101: What are they? Why should I care (20)

Deploying your first application with Kubernetes
Deploying your first application with KubernetesDeploying your first application with Kubernetes
Deploying your first application with Kubernetes
 
Managing Micro Services with Windows Container Service
Managing Micro Services with Windows Container ServiceManaging Micro Services with Windows Container Service
Managing Micro Services with Windows Container Service
 
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - PirosOpenbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
Openbar 7 - Leuven - OpenShift - The Enterprise Container Platform - Piros
 
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
Docker Presentation at the OpenStack Austin Meetup | 2013-09-12
 
Application Deployment on Openstack
Application Deployment on OpenstackApplication Deployment on Openstack
Application Deployment on Openstack
 
Introduction Into Docker Ecosystem
Introduction Into Docker EcosystemIntroduction Into Docker Ecosystem
Introduction Into Docker Ecosystem
 
Full stack development best practice and toolset
Full stack development best practice and toolsetFull stack development best practice and toolset
Full stack development best practice and toolset
 
Modernizing Your Application With Containers
Modernizing Your Application With ContainersModernizing Your Application With Containers
Modernizing Your Application With Containers
 
Containers in a Kubernetes World
Containers in a Kubernetes WorldContainers in a Kubernetes World
Containers in a Kubernetes World
 
La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)
La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)
La sécurité avec Kubernetes et les conteneurs Docker (June 19th, 2019)
 
Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017Halifax DevOps - Meet-up - July.19 2017
Halifax DevOps - Meet-up - July.19 2017
 
Natively clouded Journey
Natively clouded JourneyNatively clouded Journey
Natively clouded Journey
 
Docker: The Blue Whale of Awesomness
Docker: The Blue Whale of AwesomnessDocker: The Blue Whale of Awesomness
Docker: The Blue Whale of Awesomness
 
MongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise Kubernetes
MongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise KubernetesMongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise Kubernetes
MongoDB World 2018: Partner Talk - Red Hat: Deploying to Enterprise Kubernetes
 
Future of Cloud Computing with Containers
Future of Cloud Computing with ContainersFuture of Cloud Computing with Containers
Future of Cloud Computing with Containers
 
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and CloudAltinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
Altinity Cluster Manager: ClickHouse Management for Kubernetes and Cloud
 
Framework Agnostic Discovery
Framework Agnostic DiscoveryFramework Agnostic Discovery
Framework Agnostic Discovery
 
Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_Dev opsec dockerimage_patch_n_lifecyclemanagement_
Dev opsec dockerimage_patch_n_lifecyclemanagement_
 
Federated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingFederated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific Computing
 
Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...
Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...
Paris Container Day 2016 : Deep dive dc-os ci-cd (Mesosphere & Container Solu...
 

Último

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Último (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Containers 101: What are they? Why should I care

  • 2. UPSTATE DEVOPS - MARCH 28, 2019 TODAY’S AGENDA ▸ Lunch & Networking! ~ 11:30 - 12:00 PM ▸ Sponsor acknowledgement & introductions ▸ Today’s Topic ~ 12:00 - 12:45 PM ▸ Containers 101: What are they? Why should I care? ▸ Q/A and dismissal! ~ 12:45 - 1:00 PM 2
  • 3. THANK YOU SPONSORS! ▸ Big thanks to Find Great People for the food! ▸ www.fgptech.com ▸ Big thanks to OpenWorks for the venue! ▸ www.joinopenworks.com 3UPSTATE DEVOPS - MARCH 28, 2019
  • 4. INTRODUCE YOURSELF… ▸ Name? ▸ What do you do & what company do you work for? ▸ Would you like to present in a future meeting? 4UPSTATE DEVOPS - MARCH 28, 2019
  • 5. CONTAINERS 101: WHAT ARE THEY? WHY SHOULD I CARE? 5UPSTATE DEVOPS - MARCH 28, 2019
  • 6. WHAT ARE CONTAINERS? It Depends Who You Ask ! Application processes on a shared kernel ! Simpler, lighter, and denser than VMs ! Portable across different environments ! Package apps with all dependencies ! Deploy to any environment in seconds ! Easily accessed and shared INFRASTRUCTURE APPLICATIONS
  • 7. VIRTUAL MACHINES AND CONTAINERS VIRTUAL MACHINES CONTAINERS VM isolates the hardware Container isolates the process VM OS Dependencies Kernel Hypervisor Hardware App App App App Container Host (Kernel) Container App OS deps Container App OS deps Container App OS deps Container App OS deps Hypervisor Hardware
  • 8. Virtual Machine Application OS dependencies Operating System VIRTUAL MACHINES AND CONTAINERS VM Isolation Complete OS Static Compute Static Memory High Resource Usage Container Isolation Shared Kernel Burstable Compute Burstable Memory Low Resource Usage Container Host Container Application OS dependencies
  • 9. VIRTUAL MACHINES AND CONTAINERS Container Host Container Application OS dependencies Dev IT Ops Infrastructure Virtual Machine Application OS dependencies Operating System IT Ops
 (and Dev, sort of) Infrastructure Clear ownership boundary between Dev and IT Ops drives DevOps adoption and fosters agility Optimized for stability Optimized for agility
  • 10. Virtual machines are NOT portable across hypervisor and do NOT provide portable packaging for applications APPLICATION PORTABILITY WITH VM VM Type X Application OS dependencies Operating System BARE METAL PRIVATE CLOUD PUBLIC CLOUDVIRTUALIZATIONLAPTOP Application OS dependencies Operating System VM Type Y Application OS dependencies Operating System VM Type Z Application OS dependencies Operating System Guest VM Application OS dependencies Operating System
  • 11. APPLICATION PORTABILITY WITH CONTAINERS LAPTOP Container Application OS dependencies Guest VM Linux BARE METAL Container Application OS dependencies Linux VIRTUALIZATION Container Application OS dependencies Virtual Machine Linux PRIVATE CLOUD Container Application OS dependencies Virtual Machine Linux PUBLIC CLOUD Container Application OS dependencies Virtual Machine Linux Linux Containers + Linux Host = Guaranteed Portability
 Across Any Infrastructure
  • 12. LINUX AND CONTAINER INFRASTRUCTURE CONTAINERS ARE LINUX Red Hat Enterprise Linux is a leader in paid Linux 70% CY2016 paid Linux share CONTAINER CONTAINER CONTAINER LINUX CONTAINER HOST (KERNEL) LINUX O/S DEPENDENCY LINUX O/S DEPENDENCY LINUX O/S DEPENDENCY APP APP APP Linux OS host spans every container 1 2 Linux is in every single container
  • 13. Base Image Image Layer 1 Image Layer 2 Image Layer 3 Base Linux OS Update Layer Java Runtime Layer Application Layer Container Image Layers Example Container Image RAPID SECURITY PATCHING USING
 CONTAINER IMAGE LAYERING
  • 14. A REALLY QUICK DEMO… UPSTATE DEVOPS - MARCH 28, 2019 14
  • 15. WHAT’S IN THAT CONTAINER? (DOCKERFILE) UPSTATE DEVOPS - MARCH 28, 2019 FROM --platform=$BUILDPLATFORM golang:1.11-alpine AS builder RUN apk add --no-cache git RUN go get github.com/pdevine/go-asciisprite WORKDIR /project COPY surprise.go . ARG TARGETOS ARG TARGETARCH ENV GOOS=$TARGETOS GOARCH=$TARGETARCH RUN CGO_ENABLED=0 go build -a -ldflags '-extldflags "-static"' -o surprise surprise.go FROM scratch AS release-linux COPY --from=builder /project/surprise /surprise ENTRYPOINT ["/surprise"] FROM microsoft/nanoserver AS release-windows COPY --from=builder /project/surprise /surprise.exe ENTRYPOINT ["surprise.exe"] FROM release-$TARGETOS 15
  • 16. CONTAINER RUNTIMES/ENGINES ▸ Docker - https://www.docker.com/ ▸ CRI-O - https://cri-o.io ▸ containerd - https://containerd.io ▸ Kata Containers - https://katacontainers.io/ ▸ and many more… UPSTATE DEVOPS - MARCH 28, 2019 16
  • 17. A lightweight, OCI-compliant container runtime Minimal and Secure Architecture Optimized for Kubernetes Runs any OCI- compliant image (including docker)
  • 18.
  • 19. A PRIMER ON 19UPSTATE DEVOPS - MARCH 28, 2019 AKA K8S
  • 20. A container is the smallest compute unit CONTAINER
  • 21. containers are created from 
 container images CONTAINER CONTAINER
 IMAGE BINARY RUNTIME
  • 22. IMAGE REGISTRY container images are stored in 
 an image registry CONTAINER CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE CONTAINER
 IMAGE
  • 23. an image repository contains all versions of an image in the image registry IMAGE REGISTRY frontend:latest frontend:2.0 frontend:1.1 frontend:1.0 CONTAINER
 IMAGE mongo:latest mongo:3.7 mongo:3.6 mongo:3.4 CONTAINER
 IMAGE myregistry/frontend myregistry/mongo
  • 24. PODPOD containers are wrapped in pods which are units of deployment and management CONTAINER CONTAINERCONTAINER IP: 10.1.0.11 IP: 10.1.0.55
  • 25. pods configuration is defined 
 in a deployment image name replicas labels
 cpu
 memory storage POD CONTAINER POD CONTAINER POD CONTAINER DEPLOYMENT
  • 26. services provide internal load-balancing and service discovery across pods POD CONTAINER POD CONTAINER POD CONTAINER BACKEND SERVICE
 POD CONTAINER role: backend role: backendrole: backendrole: backendrole: frontend 10.110.1.11 10.120.2.22 10.130.3.3310.140.4.44 172.30.170.110
  • 27. apps can talk to each other via services Invoke
 Backend API POD CONTAINER POD CONTAINER POD CONTAINER BACKEND SERVICE
 POD CONTAINER role: backend role: backendrole: backendrole: backendrole: frontend 10.110.1.11 10.120.2.22 10.130.3.3310.140.4.44 172.30.170.110
  • 28. POD routes add services to the external load-balancer and provide readable urls for the app CONTAINER POD CONTAINER POD CONTAINER BACKEND SERVICE ROUTE
 app-prod.mycompany.com > curl http://app-prod.mycompany.com
  • 29. projects isolate apps across environments, teams, groups and departments POD C POD C POD C PAYMENT DEV POD C POD C POD C PAYMENT PROD POD C POD C POD C CATALOG POD C POD C POD C INVENTORY ❌ ❌❌
  • 30. COOL NEW TOOLS! 30UPSTATE DEVOPS - MARCH 28, 2019 ▸ Buildah - (https://buildah.io) ▸ A tool that facilities building OCI compliant images ▸ Create a working container, either from scratch or using an image as a starting point ▸ Create an image, either from a working container or via the instructions in a Dockerfile ▸ Images can be built in either the OCI image format or the traditional upstream docker image format ▸ Mount a working container's root filesystem for manipulation ▸ Unmount a working container's root filesystem ▸ Use the updated contents of a container's root filesystem as a filesystem layer to create a new image ▸ Delete a working container or an image ▸ Rename a local container
  • 31. COOL NEW TOOLS! 31UPSTATE DEVOPS - MARCH 28, 2019 ▸ skopeo - (https://github.com/containers/skopeo) ▸ No daemon required ▸ Copying an image from and to various storage mechanisms. For example you can copy images from one registry to another, without requiring privilege. ▸ Inspecting a remote image showing its properties including its layers, without requiring you to pull the image to the host. ▸ Deleting an image from an image repository. ▸ When required by the repository, skopeo can pass the appropriate credentials and certificates for authentication
  • 32. ANOTHER REALLY QUICK DEMO (SKOPEO VS DOCKER INSPECT)… UPSTATE DEVOPS - MARCH 28, 2019 32
  • 33. COOL NEW TOOLS! 33UPSTATE DEVOPS - MARCH 28, 2019 ▸ podman - (https://podman.io/) ▸ What is Podman? Simply put: `alias docker=podman` ▸ Support multiple image formats including the OCI and Docker image formats. ▸ Support for multiple means to download images including trust & image verification. ▸ Container image management (managing image layers, overlay filesystems, etc). ▸ Full management of container lifecycle ▸ Support for pods to manage groups of containers together ▸ Resource isolation of containers and pods. ▸ Integration with CRI-O to share containers and backend code.
  • 34. UPSTATE DEVOPS - MARCH 28, 2019 RESOURCES: ▸ CNCF - https://www.cncf.io/ ▸ CNCF Landscape - https://landscape.cncf.io ▸ Docker Surprise Repo - https://github.com/docker/birthday ▸ Open Container Initiative - https://www.opencontainers.org 34