Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build containers faster with Jib, a Google image build tool for Java applications

57007fa9a005a5dfb163141c67d46c36?s=47 Q Chen
June 14, 2018
Programming
12
7.1k

Build containers faster with Jib, a Google image build tool for Java applications

Watch the talk: https://www.youtube.com/watch?v=H6gR_Cv4yWI

Originally presented at Velocity San Jose 2018 - https://conferences.oreilly.com/velocity/vl-ca/public/schedule/detail/66707

The project is at https://github.com/GoogleContainerTools/jib

57007fa9a005a5dfb163141c67d46c36?s=128

Q Chen

June 14, 2018
Tweet

More Decks by Q Chen

See All by Q Chen
57007fa9a005a5dfb163141c67d46c36?s=48 coollog
3
570

Other Decks in Programming

See All in Programming
345c78640c646c9c55083efd57fb6e54?s=48 kuritatu18
0
220
5b3338b3676d4f7091a575e584f3a4f4?s=48 coe401_
PRO
2
670
E37b4344ef4bfd0fc4826c04971e54fb?s=48 nrslib
0
150
1145fb026140c0af54cf49a9da6e79ee?s=48 stefanscheidt
0
110
8f2c3621c8a56710b8fc8b993f400ef3?s=48 hirokiabe
0
370
3931098ae486b6df619050c63e24f6cc?s=48 osyo
0
790
3bf6da1f63cd8b7a2f802f95c269ed80?s=48 fromatom
0
330
05a867429c5e5a2b4fe997b91bc98c11?s=48 taketo1024
0
130
A760a90c9afd981004343b9861f1e8b4?s=48 daipresents
0
220
028088964f255d677d471558da865b72?s=48 satoshin
2
150
351bca0f01c8cb553535791140636368?s=48 sidepelican
3
200
7d709dd44f86dc8f2b7ddb4c48145dfc?s=48 jollyjoester
2
440

Featured

See All Featured
812e1705ff0f8bc1bcf18587bde687d5?s=48 62gerente
593
210k
Bfd6b681ec6e8c9bef82ff0521c364f7?s=48 kastner
56
2k
9375a9529679f1b42b567a640d775e7d?s=48 schacon
152
6.8k
5ce91fa49a613cbc3e20d5f96856473f?s=48 edds
56
9.6k
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
6
740
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
15
1k
761be20b5ebd271008bcee1244fc5b52?s=48 matthewcrist
73
7.7k
5b9fe87ec1faa67a4599782930f45ec9?s=48 sstephenson
149
12k
3ab1249be442027903e1180025340b3f?s=48 reverentgeek
171
7.7k
Ba530e786553390f3fb271848485681c?s=48 3n
169
23k
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
333
16k
5b6a2bd86ef643786a381a212e0ef2f1?s=48 geoffreycrofte
41
1.5k

Transcript

  1. github.com/GoogleContainerTools/jib Build containers faster with Jib A container image builder

    for Java applications

  2. Our Team Cloud Tools for Java Appu Goundan @loosebazooka Qingyang

    “Q” Chen @coollog

  3. github.com/GoogleContainerTools/jib Containers “Write once, run anywhere”

  4. github.com/GoogleContainerTools/jib Building a Java container

  5. github.com/GoogleContainerTools/jib Me Java Developer Building website for pet clinic Wants

    to containerize the backend Wants container on registry ilovejava.io/petclinic-app

  6. github.com/GoogleContainerTools/jib

  7. So I read some tutorials

  8. github.com/GoogleContainerTools/jib FROM ubuntu:14.04 RUN apt-get update && apt-get install -y

    python-software-properties software-properties-common RUN add-apt-repository ppa:webupd8team/java RUN echo "oracle-java8-installer shared/accepted-oracle-license-v1-1 boolean true" | debconf-set-selections RUN apt-get update && apt-get install -y oracle-java8-installer maven ADD . /usr/local/petclinic RUN cd /usr/local/petclinic && mvn install CMD ["/usr/bin/java" , "-cp", "/usr/local/petclinic/target/petclinic-1.0.jar" , "petclinic.WebServer" ]

  9. So I read some more tutorials

  10. github.com/GoogleContainerTools/jib FROM openjdk:8 COPY target/petclinic-*.jar /app.jar ENTRYPOINT java -jar /app.jar

  11. github.com/GoogleContainerTools/jib Problem: openjdk:8 is 284MB FROM openjdk:8 COPY target/petclinic-*.jar /app.jar

    ENTRYPOINT java -jar /app.jar

  12. Some more searching

  13. github.com/GoogleContainerTools/jib FROM openjdk:8-jre-alpine COPY target/petclinic-*.jar /app.jar ENTRYPOINT java -jar /app.jar

    82 MB

  14. github.com/GoogleContainerTools/jib docs.docker.com/develop/develop-images/dockerfile_best-practices

  15. github.com/GoogleContainerTools/jib ** !target/petclinic-*.jar .dockerignore

  16. Some more tutorials later

  17. github.com/GoogleContainerTools/jib FROM openjdk:8-jre-alpine COPY target/dependencies /app/dependencies COPY target/classes /app/classes ENTRYPOINT

    java -cp /app/dependencies/*:/app/classes petclinic.WebServer $ mvn dependencies:copy-dependencies to target/dependencies/

  18. github.com/GoogleContainerTools/jib ... <build> <plugins> <plugin> <groupId>com.spotify</groupId> <artifactId>docker-maven-plugin </artifactId> <version>1.0.0</version> <configuration>

    <imageName>ilovejava.io/petclinic-app </imageName> <baseImage>gcr.io/distroless/java </baseImage> <entryPoint>["java", "-jar", "/${project.build.finalName}.jar" ]</entryPoint> <resources> <resource> <targetPath>/</targetPath> <directory>${project.build.directory} </directory> <include>${project.build.finalName}.jar </include> </resource> </resources> </configuration> </plugin> </plugins> </build> ...

  19. github.com/GoogleContainerTools/jib What did we do? 1. Write first Dockerfile 2.

    Reduce image size 3. Don’t run installs 4. Use better base image 5. Write .dockerignore 6. Improve incremental speed 7. Switch to use a Maven plugin Order of layers to optimize for cache hits Use of multi-stage builds Understanding Docker cache mechanism and quirks Download and install Docker Have elevated privileges to run Docker daemon saturnism.me/talk/docker-tips-and-tricks

  20. github.com/GoogleContainerTools/jib Containerizing with Docker Project JAR docker Docker Daemon Container

    Image Dockerfile build send build push Registry

  21. github.com/GoogleContainerTools/jib I’m a Java developer, I don’t want to have

    to care about Dockerfiles Some Java Developer Somewhere

  22. github.com/GoogleContainerTools/jib Containerizing, simplified Project Container image build on registry

  23. github.com/GoogleContainerTools/jib Containerizing, simplified PetClinic project ilovejava.io/petclinic-app build

  24. github.com/GoogleContainerTools/jib 1. Apply the plugin. 1. Apply the plugin. 2.

    mvn jib:build Steps: (or gradle jib)

  25. github.com/GoogleContainerTools/jib Demo $ git clone https://github.com/spring-projects/spring-petclinic && cd spring-petclinic $

    ./mvnw compile com.google.cloud.tools:jib-maven-plugin:0.9.7:build \ -Dimage=gcr.io/my-project/petclinic

  26. github.com/GoogleContainerTools/jib Project ilovejava.io/petclinic-app build Docker daemon build Docker context generate

    Advanced Configuration JVM flags OCI image format credentials program arguments

  27. github.com/GoogleContainerTools/jib A “compiler” for containers

  28. github.com/GoogleContainerTools/jib Dockerfile “script” FROM base container image Run commands to

    install dependencies COPY application files over Configure the entrypoint Run the container Produces some layers Produces some layers

  29. github.com/GoogleContainerTools/jib Compile Containerize

  30. github.com/GoogleContainerTools/jib Code Executable Compile

  31. github.com/GoogleContainerTools/jib Code Executable Compile Java Container Containerize

  32. github.com/GoogleContainerTools/jib Code Executable Compile Java Container Containerize Containers are the

    executables of the cloud.

  33. github.com/GoogleContainerTools/jib Java JAR jar

  34. github.com/GoogleContainerTools/jib Java JAR jar Java Container Jib

  35. How Jib Works

  36. github.com/GoogleContainerTools/jib Pure Java Speed What benefits do we get from

    Jib Reproducibility

  37. github.com/GoogleContainerTools/jib Pure Java

  38. github.com/GoogleContainerTools/jib A container image is a directory of files

  39. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar

  40. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem And a container configuration Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar Environment variables, entrypoint, etc. Container configuration

  41. github.com/GoogleContainerTools/jib { "architecture" : "amd64", "os": "linux", "config": { "Env":

    [], "Entrypoint" : [ "java", "-cp", "/app/libs/*:/app/resources/:/app/classes/" , "com.test.HelloWorld" ] }, "rootfs": { "type": "layers", "diff_ids" : [ "sha256:46e7865bff73b5a0c610bf9f20c91dfafa2518ace8703faaffff551a4773b947" , "sha256:6189abe095d53c1c9f2bfc8f50128ee876b9a5d10f9eda1564e5f5357d6ffe61" , "sha256:e8292403028e724f0c7686ede4cd89180faa85aeb63cd0e7d560e8a459d83afe" , "sha256:ff7666ffd3d45500f4af71f091a603413acb04d028ba03a6698f63819d246cb5" , "sha256:db22fdca5c6344265d841ec106e683fb39914f356fb1d8e69accb466a396dc62" , "sha256:9aa41c013edd2a6311dcdd4d26129b01b3ba0b08c8adb51759c63501a69d27f5" ] } } checksums

  42. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem And a container configuration And a manifest Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar Tarballs A, B, C, and the configuration Manifest Environment variables, entrypoint, etc. Container configuration

  43. github.com/GoogleContainerTools/jib { "schemaVersion" : 2, "mediaType": "application/vnd.docker.distribution.manifest.v2+json" , "config": {

    "mediaType": "application/vnd.docker.container.image.v1+json" , "digest": "sha256:181b9f9c20bb2f7f485ffd038140551a758507d6255d46f4f62b3e504948fb86" , "size": 635 }, "layers": [ { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:eb05f3dbdb543cc610527248690575bacbbcebabe6ecf665b189cf18b541e3ca" , "size": 7695857 }, { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:ba7c544469e514f1a9a4dec59ab640540d50992b288adbb34a1a63c45bf19a24" , "size": 622796 }, { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:15705ab016593987662839b40f5a22fd1032996c90808d4a1371eb46974017d5" , ... ] } Unique identifiers

  44. github.com/GoogleContainerTools/jib distroless application layers application layers Jib image github.com/GoogleContainerTools/distroless

  45. github.com/GoogleContainerTools/jib Speed

  46. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 50MB layer registry send

  47. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 50MB layer registry cached send

  48. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 40MB layer registry 9MB layer 1MB layer

  49. github.com/GoogleContainerTools/jib 1MB layer Docker registry Set of layers, container configurations,

    and manifests build 100MB layer 40MB layer registry 9MB layer send

  50. github.com/GoogleContainerTools/jib Jib does an optimized build like FROM gcr.io/distroless/java COPY

    target/dependencies /app/dependencies COPY target/resources /app/resources COPY target/classes /app/classes ENTRYPOINT java -cp /app/dependencies/*:/app/resources:/app/classes my.app.Main

  51. github.com/GoogleContainerTools/jib Jib vs Docker

  52. github.com/GoogleContainerTools/jib Jib vs Docker

  53. github.com/GoogleContainerTools/jib Reproducibility

  54. github.com/GoogleContainerTools/jib Why reproducible ? Version Control Reduce variation between prod

    and dev

  55. github.com/GoogleContainerTools/jib How? Wipe metadata that vary between builds Timestamps Users

    Groups

  56. github.com/GoogleContainerTools/jib Possibilities for a container “compiler”

  57. github.com/GoogleContainerTools/jib Possibilities for a container “compiler” Smart inferences Container optimizations

    Even faster builds Smaller images Tools for running the container Run and debug on Kubernetes

  58. github.com/GoogleContainerTools/jib Demo $ gcloud container clusters create jib-demo

  59. github.com/GoogleContainerTools/jib Project kubernetes-dev:debug

  60. github.com/GoogleContainerTools/jib The Future More containerization tools and Java library for

    building container images Release Maven/Gradle plugin for run and debug on Kubernetes (with Skaffold) Be able to write code and have it run automatically in a distributed container cluster ...

  61. github.com/GoogleContainerTools/jib github.com/GoogleContainerTools/distroless saturnism.me/talk/docker-tips-and-tricks