SlideShare uma empresa Scribd logo

Build and run applications in a dockerless kubernetes world - DevConf India 18

Jorge Morales
Jorge Morales

Kubernetes has rapidly grown to support many container runtime formats. In this talk, I'm presenting all the alternatives you have to run your applications in kubernetes, and will present CRI-O which is steadily becoming a replacement to run your Docker containers on production. And since you will no longer have a docker daemon on your hosts, how will you build now your containers? I'll talk about all the options you have in this new world of Dockerless containers.

Software
1 de 42
Baixar para ler offline
Build and run applications in a Dockerless Kubernetes world Jorge Morales OpenShift Developer Advocate DevConf India 2018 August 5th - 11:45 - Room 1
Me (aka Jorge Morales) ● Spanish by nature and by language ● Work at Red Hat ● OpenShift Developer Advocate ● Mostly Java developer ● Obsessed with improving the developer experience @jorgemoralespou github.com/jorgemoralespou http://jorgemoral.es
Kernel namespaces: sandboxing processes from one another Control Groups (cgroups): control process resource allocations Security: capabilities drop (seccomp), Mandatory access control (SELinux, Apparmor) Linux Containers @jorgemoralespou
@jorgemoralespou
@jorgemoralespou
@jorgemoralespou
@jorgemoralespou
With scale came complexity
Orchestration @jorgemoralespou
OTHER ORCHESTRATORS (Cloud Foundry Diego, Nomad, Blox, etc.) 2 YEARS AGO Fragmented landscape TODAY Kubernetes consolidation OTHER ORCHESTRATORS CONTAINER ORCHESTRATION LANDSCAPE @jorgemoralespou
Why kubernetes? #1: Open source, backed by giants #2: Vibrant and fast growing community #3: Supported on all clouds #4: Great partnerships @jorgemoralespou
Started slow June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
then more runtimes showed up Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
and code got messy @jorgemoralespou
“Change is the essential process of all of existence.” —SPOCK
Standardize containers ● Runtime spec (runc = Reference implementation) ● Image spec ● Distribution spec (proposal) @jorgemoralespou
Use API/Interfaces to Container Runtimes KUBELET FRAKTI OCI-RUNTIME RUNC DOCKERD RKT CONTAINER RUNTIME INTERFACE (CRI) DOCKERD RKT KUBELET @jorgemoralespou
Standardization became a fact Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 Dec 2016 Kubernetes 1.5: Container Runtime Interface (CRI) alpha July 2017 Kubernetes 1.7: CRI support GA @jorgemoralespou
What is Container Runtime Interface (CRI)? ● A gRPC interface and a group of libraries ● Enables Kubernetes to use a wide variety of container runtimes ● Introduced in Kubernetes 1.5 ● GA in Kubernetes 1.7 @jorgemoralespou
CRI Implementations frakti cri-containerd dockershim virtlet @jorgemoralespou
CRI-O ● Open source & Open governance ● Lean, Stable, Secure and BORING! ○ Tied to the CRI ○ No features that can mine stability and performance ○ Shaped around Kubernetes ○ Only supported user is Kubernetes ○ Versioning and Support are tied to Kubernetes @jorgemoralespou
Man, this guy is so boring! When is the live demo? @jorgemoralespou
What if I want to try it? $ minikube start --network-plugin=cni --container-runtime=cri-o --bootstrapper=kubeadm @jorgemoralespou
@jorgemoralespou
skopeo ● Copy images from/to (multiple transports/storages): ○ containers-storage:docker-reference ○ dir:path ○ docker://docker-reference ○ docker-archive:path[:docker-reference] ○ docker-daemon:docker-reference ○ oci:path:tag ○ ostree:image[@/absolute/repo/path] ● Inspect images ● Delete an image from a repository ● Standalone binary / No daemon running ● Perfect for pipelines (e.g. Jenkins) @jorgemoralespou
@jorgemoralespou
buildah ● Build images ● No daemon running ● shell-like syntax ● Build from Dockerfile(s) @jorgemoralespou
@jorgemoralespou
libpod/podman Library (libpod) and CLI (podman) for managing OCI-based Pods, Containers, and Container Images ● Replacement for docker cli ○ known CLI ● Integrated with CRI-O (soon) ● No daemon running @jorgemoralespou
“Our ancestors called it magic, but you call it [computer] science. I come from a land where they are one and the same.” —THOR
@jorgemoralespou
@jorgemoralespou
Daemon-less Dockerfile builds ● Consume a Dockerfile, but build image without a docker daemon ● Pros ○ Docker build-like experience (just write a Dockerfile) ○ Potentially more control over image layers (combine or shard) ○ Aim is for greater security ● Cons ○ Dockerfile fidelity might make difficult some use cases ○ Different approaches to image layer construction @jorgemoralespou
Daemon-less Dockerfile builds ● Buildah ○ a tool that facilitates building OCI container images ● Img ○ Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. ○ The commands/UX are the same as docker (drop-in replacement) ● Kaniko ○ kaniko is a tool to build OCI container images from a Dockerfile, inside a container or Kubernetes cluster ○ executes each command within a Dockerfile completely in userspace ● more... @jorgemoralespou
Dockerfile-less builds ● User input is source / intent: “I want to run a Node.js web server” ● Pros: ○ Less configuration ○ Tools can intelligently build layers, better/safe layer caching ○ Docker image best practices can be codified into tools ● Cons: ○ Less flexible - Opinionated builds ○ Very fragmented across vendors, no real standard @jorgemoralespou
Dockerfile-less builds ● Source to Image ○ User provides source, source gets built+layered into an application image ○ Dependent on ecosystem of framework/language builder images ● Buildpacks ○ Invented by Heroku, adopted by Cloud Foundry / Deis ○ User provides source, “build” produces “slug”, “export” produces container image ● FTL (Faster than light) ○ Purpose-built source to image builders per-language, goal is layer-per-dependency ○ Insight: turn build incrementality into deploy incrementality ● Bazel ○ Google’s OSS build system, supports declarative image builds ○ Used for user-mode Docker image builds for 3+ years @jorgemoralespou
And don’t forget to tweet if you liked it (or if you didn’t) @jorgemoralespou @jorgemoralespou

Recomendados

[Szjug] Docker. Does it matter for java developer?
[Szjug] Docker. Does it matter for java developer?[Szjug] Docker. Does it matter for java developer?
[Szjug] Docker. Does it matter for java developer?Izzet Mustafaiev
 
Docker from a team perspective
Docker from a team perspectiveDocker from a team perspective
Docker from a team perspectiveEdwin Vlieg
 
Docker at MoneyBird
Docker at MoneyBirdDocker at MoneyBird
Docker at MoneyBirdEdwin Vlieg
 
Docker in Production
Docker in ProductionDocker in Production
Docker in ProductionJirayut Nimsaeng
 
06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - Salesforce
06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - Salesforce06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - Salesforce
06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - SalesforceAlba Azcona Rivas
 
QA Club Kiev #20. Making life easier with Docker
QA Club Kiev #20. Making life easier with DockerQA Club Kiev #20. Making life easier with Docker
QA Club Kiev #20. Making life easier with DockerQA Club Kiev
 
Docker for developers
Docker for developersDocker for developers
Docker for developerssparkfabrik
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
 

Recomendados

[Szjug] Docker. Does it matter for java developer?
[Szjug] Docker. Does it matter for java developer?[Szjug] Docker. Does it matter for java developer?
[Szjug] Docker. Does it matter for java developer?Izzet Mustafaiev
 
Docker from a team perspective
Docker from a team perspectiveDocker from a team perspective
Docker from a team perspectiveEdwin Vlieg
 
Docker at MoneyBird
Docker at MoneyBirdDocker at MoneyBird
Docker at MoneyBirdEdwin Vlieg
 
Docker in Production
Docker in ProductionDocker in Production
Docker in ProductionJirayut Nimsaeng
 
06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - Salesforce
06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - Salesforce06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - Salesforce
06/03/19 Docker, Docker Compose y Heroku - Granada Developer Group - SalesforceAlba Azcona Rivas
 
QA Club Kiev #20. Making life easier with Docker
QA Club Kiev #20. Making life easier with DockerQA Club Kiev #20. Making life easier with Docker
QA Club Kiev #20. Making life easier with DockerQA Club Kiev
 
Docker for developers
Docker for developersDocker for developers
Docker for developerssparkfabrik
 
Настройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'aНастройка окружения для кросскомпиляции проектов на основе docker'a
Настройка окружения для кросскомпиляции проектов на основе docker'acorehard_by
 
Quick Review of Desktop and Native Apps using Javascript
Quick Review of Desktop and Native Apps using JavascriptQuick Review of Desktop and Native Apps using Javascript
Quick Review of Desktop and Native Apps using JavascriptRobert Ellen
 
AllTheTalks 2020: Buildpacks - container for everyone!
AllTheTalks 2020: Buildpacks - container for everyone!AllTheTalks 2020: Buildpacks - container for everyone!
AllTheTalks 2020: Buildpacks - container for everyone!Zander Mackie
 
Atomic Developer Bundle
Atomic Developer BundleAtomic Developer Bundle
Atomic Developer BundleDharmit Shah
 
DockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapDockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapPhilipp Garbe
 
Kubernetes
KubernetesKubernetes
KubernetesDharmit Shah
 
VN Tech Seminor Vol.2 Docker Tutorial
VN Tech Seminor Vol.2 Docker TutorialVN Tech Seminor Vol.2 Docker Tutorial
VN Tech Seminor Vol.2 Docker TutorialShuhei Yamashita
 
Gomobile: gophers in the land of Android
Gomobile: gophers in the land of AndroidGomobile: gophers in the land of Android
Gomobile: gophers in the land of AndroidJovica Popovic
 
Docker for Developers
Docker for DevelopersDocker for Developers
Docker for DevelopersJames Turnbull
 
Docker 101
Docker 101Docker 101
Docker 101Hung-Che Lo
 
Software archaeology for beginners: code, community and culture
Software archaeology for beginners: code, community and cultureSoftware archaeology for beginners: code, community and culture
Software archaeology for beginners: code, community and cultureJames Turnbull
 
DockerCon 2016 Recap
DockerCon 2016 RecapDockerCon 2016 Recap
DockerCon 2016 RecapJochen Zehnder
 
The Self-Service Developer - GOTOCon CPH
The Self-Service Developer - GOTOCon CPHThe Self-Service Developer - GOTOCon CPH
The Self-Service Developer - GOTOCon CPHLaszlo Fogas
 
Writing native Linux desktop apps with JavaScript
Writing native Linux desktop apps with JavaScriptWriting native Linux desktop apps with JavaScript
Writing native Linux desktop apps with JavaScriptIgalia
 
Scaling Docker Registry
Scaling Docker RegistryScaling Docker Registry
Scaling Docker RegistryMirantis IT Russia
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talksAkihiro Suda
 
Docker off the grid
Docker off the gridDocker off the grid
Docker off the gridMirantis IT Russia
 
DevAssistant, Docker and You
DevAssistant, Docker and YouDevAssistant, Docker and You
DevAssistant, Docker and YouBalaBit
 
Knowit study group örnsköldsvik - introduction to qt & qt creator
Knowit study group örnsköldsvik - introduction to qt & qt creatorKnowit study group örnsköldsvik - introduction to qt & qt creator
Knowit study group örnsköldsvik - introduction to qt & qt creatorMathias Westin
 
Docker presentation
Docker presentationDocker presentation
Docker presentationthehoagie
 
Block Storage Updates - Juno Edition
Block Storage Updates - Juno EditionBlock Storage Updates - Juno Edition
Block Storage Updates - Juno EditionOpenStack Foundation
 
Build and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes worldBuild and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes worldJorge Morales
 
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Daniel Oh
 

Mais conteúdo relacionado

Mais procurados

Quick Review of Desktop and Native Apps using Javascript
Quick Review of Desktop and Native Apps using JavascriptQuick Review of Desktop and Native Apps using Javascript
Quick Review of Desktop and Native Apps using JavascriptRobert Ellen
 
AllTheTalks 2020: Buildpacks - container for everyone!
AllTheTalks 2020: Buildpacks - container for everyone!AllTheTalks 2020: Buildpacks - container for everyone!
AllTheTalks 2020: Buildpacks - container for everyone!Zander Mackie
 
Atomic Developer Bundle
Atomic Developer BundleAtomic Developer Bundle
Atomic Developer BundleDharmit Shah
 
DockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapDockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapPhilipp Garbe
 
VN Tech Seminor Vol.2 Docker Tutorial
VN Tech Seminor Vol.2 Docker TutorialVN Tech Seminor Vol.2 Docker Tutorial
VN Tech Seminor Vol.2 Docker TutorialShuhei Yamashita
 
Gomobile: gophers in the land of Android
Gomobile: gophers in the land of AndroidGomobile: gophers in the land of Android
Gomobile: gophers in the land of AndroidJovica Popovic
 
Software archaeology for beginners: code, community and culture
Software archaeology for beginners: code, community and cultureSoftware archaeology for beginners: code, community and culture
Software archaeology for beginners: code, community and cultureJames Turnbull
 
The Self-Service Developer - GOTOCon CPH
The Self-Service Developer - GOTOCon CPHThe Self-Service Developer - GOTOCon CPH
The Self-Service Developer - GOTOCon CPHLaszlo Fogas
 
Writing native Linux desktop apps with JavaScript
Writing native Linux desktop apps with JavaScriptWriting native Linux desktop apps with JavaScript
Writing native Linux desktop apps with JavaScriptIgalia
 
DevAssistant, Docker and You
DevAssistant, Docker and YouDevAssistant, Docker and You
DevAssistant, Docker and YouBalaBit
 
Knowit study group örnsköldsvik - introduction to qt & qt creator
Knowit study group örnsköldsvik - introduction to qt & qt creatorKnowit study group örnsköldsvik - introduction to qt & qt creator
Knowit study group örnsköldsvik - introduction to qt & qt creatorMathias Westin
 
Docker presentation
Docker presentationDocker presentation
Docker presentationthehoagie
 
Block Storage Updates - Juno Edition
Block Storage Updates - Juno EditionBlock Storage Updates - Juno Edition
Block Storage Updates - Juno EditionOpenStack Foundation
 

Mais procurados (20)

Quick Review of Desktop and Native Apps using Javascript
Quick Review of Desktop and Native Apps using JavascriptQuick Review of Desktop and Native Apps using Javascript
Quick Review of Desktop and Native Apps using Javascript
 
AllTheTalks 2020: Buildpacks - container for everyone!
AllTheTalks 2020: Buildpacks - container for everyone!AllTheTalks 2020: Buildpacks - container for everyone!
AllTheTalks 2020: Buildpacks - container for everyone!
 
Atomic Developer Bundle
Atomic Developer BundleAtomic Developer Bundle
Atomic Developer Bundle
 
DockerCon 2016 Seattle Recap
DockerCon 2016 Seattle RecapDockerCon 2016 Seattle Recap
DockerCon 2016 Seattle Recap
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
VN Tech Seminor Vol.2 Docker Tutorial
VN Tech Seminor Vol.2 Docker TutorialVN Tech Seminor Vol.2 Docker Tutorial
VN Tech Seminor Vol.2 Docker Tutorial
 
Gomobile: gophers in the land of Android
Gomobile: gophers in the land of AndroidGomobile: gophers in the land of Android
Gomobile: gophers in the land of Android
 
Docker for Developers
Docker for DevelopersDocker for Developers
Docker for Developers
 
Docker 101
Docker 101Docker 101
Docker 101
 
Software archaeology for beginners: code, community and culture
Software archaeology for beginners: code, community and cultureSoftware archaeology for beginners: code, community and culture
Software archaeology for beginners: code, community and culture
 
DockerCon 2016 Recap
DockerCon 2016 RecapDockerCon 2016 Recap
DockerCon 2016 Recap
 
The Self-Service Developer - GOTOCon CPH
The Self-Service Developer - GOTOCon CPHThe Self-Service Developer - GOTOCon CPH
The Self-Service Developer - GOTOCon CPH
 
Writing native Linux desktop apps with JavaScript
Writing native Linux desktop apps with JavaScriptWriting native Linux desktop apps with JavaScript
Writing native Linux desktop apps with JavaScript
 
Scaling Docker Registry
Scaling Docker RegistryScaling Docker Registry
Scaling Docker Registry
 
ISC HPCW talks
ISC HPCW talksISC HPCW talks
ISC HPCW talks
 
Docker off the grid
Docker off the gridDocker off the grid
Docker off the grid
 
DevAssistant, Docker and You
DevAssistant, Docker and YouDevAssistant, Docker and You
DevAssistant, Docker and You
 
Knowit study group örnsköldsvik - introduction to qt & qt creator
Knowit study group örnsköldsvik - introduction to qt & qt creatorKnowit study group örnsköldsvik - introduction to qt & qt creator
Knowit study group örnsköldsvik - introduction to qt & qt creator
 
Docker presentation
Docker presentationDocker presentation
Docker presentation
 
Block Storage Updates - Juno Edition
Block Storage Updates - Juno EditionBlock Storage Updates - Juno Edition
Block Storage Updates - Juno Edition
 

Semelhante a Build and run applications in a dockerless kubernetes world - DevConf India 18

Build and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes worldBuild and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes worldJorge Morales
 
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Daniel Oh
 
Docker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and ContainersDocker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and ContainersYajushi Srivastava
 
Start your container journey safely
Start your container journey safelyStart your container journey safely
Start your container journey safelyRachid Zarouali
 
Introduction to docker and docker compose
Introduction to docker and docker composeIntroduction to docker and docker compose
Introduction to docker and docker composeLalatendu Mohanty
 
DCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development PipelineDCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development PipelineDocker, Inc.
 
Docker for developers
Docker for developersDocker for developers
Docker for developersDrupalDay
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersDocker, Inc.
 
Getting started with docker (2017)
Getting started with docker (2017)Getting started with docker (2017)
Getting started with docker (2017)JEMLI Fathi
 
Docker up and Running For Web Developers
Docker up and Running For Web DevelopersDocker up and Running For Web Developers
Docker up and Running For Web DevelopersBADR
 
Docker Up and Running for Web Developers
Docker Up and Running for Web DevelopersDocker Up and Running for Web Developers
Docker Up and Running for Web DevelopersAmr Fawzy
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tipsSamuel Chow
 
Docker for developers
Docker for developersDocker for developers
Docker for developersAnvay Patil
 
Survey of Container Build Tools
Survey of Container Build ToolsSurvey of Container Build Tools
Survey of Container Build ToolsMichael Ducy
 
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...DynamicInfraDays
 

Semelhante a Build and run applications in a dockerless kubernetes world - DevConf India 18 (20)

Build and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes worldBuild and run applications in a dockerless kubernetes world
Build and run applications in a dockerless kubernetes world
 
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies
 
Docker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and ContainersDocker 101 : Introduction to Docker and Containers
Docker 101 : Introduction to Docker and Containers
 
Docker, what's next ?
Docker, what's next ?Docker, what's next ?
Docker, what's next ?
 
Start your container journey safely
Start your container journey safelyStart your container journey safely
Start your container journey safely
 
Introduction to docker and docker compose
Introduction to docker and docker composeIntroduction to docker and docker compose
Introduction to docker and docker compose
 
DCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development PipelineDCEU 18: Building Your Development Pipeline
DCEU 18: Building Your Development Pipeline
 
Docker for developers
Docker for developersDocker for developers
Docker for developers
 
A Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and ContainersA Gentle Introduction to Docker and Containers
A Gentle Introduction to Docker and Containers
 
Getting started with docker (2017)
Getting started with docker (2017)Getting started with docker (2017)
Getting started with docker (2017)
 
Docker up and Running For Web Developers
Docker up and Running For Web DevelopersDocker up and Running For Web Developers
Docker up and Running For Web Developers
 
Docker Up and Running for Web Developers
Docker Up and Running for Web DevelopersDocker Up and Running for Web Developers
Docker Up and Running for Web Developers
 
Docker primer and tips
Docker primer and tipsDocker primer and tips
Docker primer and tips
 
Containerization using docker and its applications
Containerization using docker and its applicationsContainerization using docker and its applications
Containerization using docker and its applications
 
Containerization using docker and its applications
Containerization using docker and its applicationsContainerization using docker and its applications
Containerization using docker and its applications
 
Docker for developers
Docker for developersDocker for developers
Docker for developers
 
Survey of Container Build Tools
Survey of Container Build ToolsSurvey of Container Build Tools
Survey of Container Build Tools
 
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
ContainerDays NYC 2015: "Easing Your Way Into Docker: Lessons From a Journey ...
 
Container Days
Container DaysContainer Days
Container Days
 
JOSA TechTalks - Docker in Production
JOSA TechTalks - Docker in ProductionJOSA TechTalks - Docker in Production
JOSA TechTalks - Docker in Production
 

Mais de Jorge Morales

OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19Jorge Morales
 
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Jorge Morales
 
Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Jorge Morales
 
Odo improving the developer experience on OpenShift - hack & sangria
Odo improving the developer experience on OpenShift - hack & sangriaOdo improving the developer experience on OpenShift - hack & sangria
Odo improving the developer experience on OpenShift - hack & sangriaJorge Morales
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUGJorge Morales
 
Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Jorge Morales
 
Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Jorge Morales
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Jorge Morales
 
I tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSI tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSJorge Morales
 

Mais de Jorge Morales (9)

OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19OpenShift for developers in action! - jbcnconf19
OpenShift for developers in action! - jbcnconf19
 
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
Put the dev back in devops - Cloud-native at local speed! - RH Summit 19
 
Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019Automating with operators - FossAsia Summit 2019
Automating with operators - FossAsia Summit 2019
 
Odo improving the developer experience on OpenShift - hack & sangria
Odo improving the developer experience on OpenShift - hack & sangriaOdo improving the developer experience on OpenShift - hack & sangria
Odo improving the developer experience on OpenShift - hack & sangria
 
Mastering java in containers - MadridJUG
Mastering java in containers - MadridJUGMastering java in containers - MadridJUG
Mastering java in containers - MadridJUG
 
Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...Automating stateful applications with kubernetes operators - Openstack Summit...
Automating stateful applications with kubernetes operators - Openstack Summit...
 
Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18Improving the developer experience on OpenShift - devconf-india-18
Improving the developer experience on OpenShift - devconf-india-18
 
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18Openshift: The power of kubernetes for engineers - Riga Dev Days 18
Openshift: The power of kubernetes for engineers - Riga Dev Days 18
 
I tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaSI tried to dockerize my app but I had to PaaS
I tried to dockerize my app but I had to PaaS
 

Último

%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisamasabamasaba
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...chiefasafspells
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...masabamasaba
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrandmasabamasaba
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisamasabamasaba
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxAnnaArtyushina1
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...SelfMade bd
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfonteinmasabamasaba
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareJim McKeeth
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Hararemasabamasaba
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is insideshinachiaurasa2
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 

Último (20)

%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Toronto Psychic Readings, Attraction spells,Brin...
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 
%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand%in Midrand+277-882-255-28 abortion pills for sale in midrand
%in Midrand+277-882-255-28 abortion pills for sale in midrand
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
Artyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptxArtyushina_Guest lecture_YorkU CS May 2024.pptx
Artyushina_Guest lecture_YorkU CS May 2024.pptx
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 

Build and run applications in a dockerless kubernetes world - DevConf India 18

  • 1. Build and run applications in a Dockerless Kubernetes world Jorge Morales OpenShift Developer Advocate DevConf India 2018 August 5th - 11:45 - Room 1
  • 2. Me (aka Jorge Morales) ● Spanish by nature and by language ● Work at Red Hat ● OpenShift Developer Advocate ● Mostly Java developer ● Obsessed with improving the developer experience @jorgemoralespou github.com/jorgemoralespou http://jorgemoral.es
  • 3.
  • 4.
  • 5. Kernel namespaces: sandboxing processes from one another Control Groups (cgroups): control process resource allocations Security: capabilities drop (seccomp), Mandatory access control (SELinux, Apparmor) Linux Containers @jorgemoralespou
  • 8.
  • 11. With scale came complexity
  • 13. OTHER ORCHESTRATORS (Cloud Foundry Diego, Nomad, Blox, etc.) 2 YEARS AGO Fragmented landscape TODAY Kubernetes consolidation OTHER ORCHESTRATORS CONTAINER ORCHESTRATION LANDSCAPE @jorgemoralespou
  • 14. Why kubernetes? #1: Open source, backed by giants #2: Vibrant and fast growing community #3: Supported on all clouds #4: Great partnerships @jorgemoralespou
  • 15. Started slow June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
  • 16. then more runtimes showed up Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 @jorgemoralespou
  • 17. and code got messy @jorgemoralespou
  • 18. “Change is the essential process of all of existence.” —SPOCK
  • 19. Standardize containers ● Runtime spec (runc = Reference implementation) ● Image spec ● Distribution spec (proposal) @jorgemoralespou
  • 20. Use API/Interfaces to Container Runtimes KUBELET FRAKTI OCI-RUNTIME RUNC DOCKERD RKT CONTAINER RUNTIME INTERFACE (CRI) DOCKERD RKT KUBELET @jorgemoralespou
  • 21. Standardization became a fact Rkt 1.0 Feb 2016 Kubernetes 1.3: Supports Docker and Rkt containers July 2016 June 2014 Docker 1.0 Dec 2014 Kubernetes 1.0: Supports Docker containers Rkt 0.1.0 July 2015 Dec 2016 Kubernetes 1.5: Container Runtime Interface (CRI) alpha July 2017 Kubernetes 1.7: CRI support GA @jorgemoralespou
  • 22. What is Container Runtime Interface (CRI)? ● A gRPC interface and a group of libraries ● Enables Kubernetes to use a wide variety of container runtimes ● Introduced in Kubernetes 1.5 ● GA in Kubernetes 1.7 @jorgemoralespou
  • 24. CRI-O ● Open source & Open governance ● Lean, Stable, Secure and BORING! ○ Tied to the CRI ○ No features that can mine stability and performance ○ Shaped around Kubernetes ○ Only supported user is Kubernetes ○ Versioning and Support are tied to Kubernetes @jorgemoralespou
  • 25. Man, this guy is so boring! When is the live demo? @jorgemoralespou
  • 26.
  • 27. What if I want to try it? $ minikube start --network-plugin=cni --container-runtime=cri-o --bootstrapper=kubeadm @jorgemoralespou
  • 29. skopeo ● Copy images from/to (multiple transports/storages): ○ containers-storage:docker-reference ○ dir:path ○ docker://docker-reference ○ docker-archive:path[:docker-reference] ○ docker-daemon:docker-reference ○ oci:path:tag ○ ostree:image[@/absolute/repo/path] ● Inspect images ● Delete an image from a repository ● Standalone binary / No daemon running ● Perfect for pipelines (e.g. Jenkins) @jorgemoralespou
  • 31. buildah ● Build images ● No daemon running ● shell-like syntax ● Build from Dockerfile(s) @jorgemoralespou
  • 33. libpod/podman Library (libpod) and CLI (podman) for managing OCI-based Pods, Containers, and Container Images ● Replacement for docker cli ○ known CLI ● Integrated with CRI-O (soon) ● No daemon running @jorgemoralespou
  • 34.
  • 35. “Our ancestors called it magic, but you call it [computer] science. I come from a land where they are one and the same.” —THOR
  • 38. Daemon-less Dockerfile builds ● Consume a Dockerfile, but build image without a docker daemon ● Pros ○ Docker build-like experience (just write a Dockerfile) ○ Potentially more control over image layers (combine or shard) ○ Aim is for greater security ● Cons ○ Dockerfile fidelity might make difficult some use cases ○ Different approaches to image layer construction @jorgemoralespou
  • 39. Daemon-less Dockerfile builds ● Buildah ○ a tool that facilitates building OCI container images ● Img ○ Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder. ○ The commands/UX are the same as docker (drop-in replacement) ● Kaniko ○ kaniko is a tool to build OCI container images from a Dockerfile, inside a container or Kubernetes cluster ○ executes each command within a Dockerfile completely in userspace ● more... @jorgemoralespou
  • 40. Dockerfile-less builds ● User input is source / intent: “I want to run a Node.js web server” ● Pros: ○ Less configuration ○ Tools can intelligently build layers, better/safe layer caching ○ Docker image best practices can be codified into tools ● Cons: ○ Less flexible - Opinionated builds ○ Very fragmented across vendors, no real standard @jorgemoralespou
  • 41. Dockerfile-less builds ● Source to Image ○ User provides source, source gets built+layered into an application image ○ Dependent on ecosystem of framework/language builder images ● Buildpacks ○ Invented by Heroku, adopted by Cloud Foundry / Deis ○ User provides source, “build” produces “slug”, “export” produces container image ● FTL (Faster than light) ○ Purpose-built source to image builders per-language, goal is layer-per-dependency ○ Insight: turn build incrementality into deploy incrementality ● Bazel ○ Google’s OSS build system, supports declarative image builds ○ Used for user-mode Docker image builds for 3+ years @jorgemoralespou
  • 42. And don’t forget to tweet if you liked it (or if you didn’t) @jorgemoralespou @jorgemoralespou