Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build containers faster with Jib, a Google image build tool for Java applications

57007fa9a005a5dfb163141c67d46c36?s=47 Q Chen
June 14, 2018
Programming
13
7.5k

Build containers faster with Jib, a Google image build tool for Java applications

Watch the talk: https://www.youtube.com/watch?v=H6gR_Cv4yWI

Originally presented at Velocity San Jose 2018 - https://conferences.oreilly.com/velocity/vl-ca/public/schedule/detail/66707

The project is at https://github.com/GoogleContainerTools/jib

57007fa9a005a5dfb163141c67d46c36?s=128

Q Chen

June 14, 2018
Tweet

More Decks by Q Chen

See All by Q Chen
57007fa9a005a5dfb163141c67d46c36?s=48 coollog
3
610

Other Decks in Programming

See All in Programming
Cf337591106e061c317b6e103c80e961?s=48 brn
0
140
0b26590a0a8b0f1da140ed5de9b68379?s=48 usamik26
0
210
2594ac7ce91fd7d9a3ce71ca7cc2d0c0?s=48 d_date
3
790
8983704dd55e6dbd15b012f744b86927?s=48 adachi
0
280
Cf642b7a99e07f86e6e7ec7a3bb94d87?s=48 uemura
1
310
F9d1e7c494103e9ad73723d4496334f9?s=48 mattdclarke
0
160
384e4d8bab8ac2a5e6f64dab1300c491?s=48 nagano
0
450
Db8a7eb9cf22f26cedce8295a53c8d7c?s=48 kawazu
0
360
Ae276805027a01983503c3edafbdb6b2?s=48 martysuzuki
5
580
9f2edd3fb2cc8feb20221138ca91d9fc?s=48 kuriko
0
270
270b0c7883545117a9a618dc7ca7cc83?s=48 xrdnk
0
660
7eca3e06edc3c69004aaf57de51900c2?s=48 ajstarks
3
5.7k

Featured

See All Featured
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
210
20k
E195ae45320d9202eaa01c9f1d31a416?s=48 marktimemedia
15
800
7fa6101cd43067653cf4ac6c7ca54305?s=48 akmur
255
20k
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
122
16k
A9704266587836f7e784235e5073b93e?s=48 jmmastey
21
5.2k
96270e4c3e5e9806cf7245475c00b275?s=48 addyosmani
1352
200k
C4de88ea47538e4594750e3861a341c8?s=48 brettharned
97
4k
E6c6e133e74c3b83f04d2861deaa1c20?s=48 searls
208
39k
C620790ae5bf5b50c245b2e0ef95f338?s=48 deanohume
294
28k
1519587b1a0febb658c36c94f6272b0d?s=48 roundedbygravity
85
8.3k
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
19
2.6k
E43f8dfd01057f8304f5f8fb9a294d7d?s=48 jeffersonlam
336
17k

Transcript

  1. github.com/GoogleContainerTools/jib Build containers faster with Jib A container image builder

    for Java applications

  2. Our Team Cloud Tools for Java Appu Goundan @loosebazooka Qingyang

    “Q” Chen @coollog

  3. github.com/GoogleContainerTools/jib Containers “Write once, run anywhere”

  4. github.com/GoogleContainerTools/jib Building a Java container

  5. github.com/GoogleContainerTools/jib Me Java Developer Building website for pet clinic Wants

    to containerize the backend Wants container on registry ilovejava.io/petclinic-app

  6. github.com/GoogleContainerTools/jib

  7. So I read some tutorials

  8. github.com/GoogleContainerTools/jib FROM ubuntu:14.04 RUN apt-get update && apt-get install -y

    python-software-properties software-properties-common RUN add-apt-repository ppa:webupd8team/java RUN echo "oracle-java8-installer shared/accepted-oracle-license-v1-1 boolean true" | debconf-set-selections RUN apt-get update && apt-get install -y oracle-java8-installer maven ADD . /usr/local/petclinic RUN cd /usr/local/petclinic && mvn install CMD ["/usr/bin/java" , "-cp", "/usr/local/petclinic/target/petclinic-1.0.jar" , "petclinic.WebServer" ]

  9. So I read some more tutorials

  10. github.com/GoogleContainerTools/jib FROM openjdk:8 COPY target/petclinic-*.jar /app.jar ENTRYPOINT java -jar /app.jar

  11. github.com/GoogleContainerTools/jib Problem: openjdk:8 is 284MB FROM openjdk:8 COPY target/petclinic-*.jar /app.jar

    ENTRYPOINT java -jar /app.jar

  12. Some more searching

  13. github.com/GoogleContainerTools/jib FROM openjdk:8-jre-alpine COPY target/petclinic-*.jar /app.jar ENTRYPOINT java -jar /app.jar

    82 MB

  14. github.com/GoogleContainerTools/jib docs.docker.com/develop/develop-images/dockerfile_best-practices

  15. github.com/GoogleContainerTools/jib ** !target/petclinic-*.jar .dockerignore

  16. Some more tutorials later

  17. github.com/GoogleContainerTools/jib FROM openjdk:8-jre-alpine COPY target/dependencies /app/dependencies COPY target/classes /app/classes ENTRYPOINT

    java -cp /app/dependencies/*:/app/classes petclinic.WebServer $ mvn dependencies:copy-dependencies to target/dependencies/

  18. github.com/GoogleContainerTools/jib ... <build> <plugins> <plugin> <groupId>com.spotify</groupId> <artifactId>docker-maven-plugin </artifactId> <version>1.0.0</version> <configuration>

    <imageName>ilovejava.io/petclinic-app </imageName> <baseImage>gcr.io/distroless/java </baseImage> <entryPoint>["java", "-jar", "/${project.build.finalName}.jar" ]</entryPoint> <resources> <resource> <targetPath>/</targetPath> <directory>${project.build.directory} </directory> <include>${project.build.finalName}.jar </include> </resource> </resources> </configuration> </plugin> </plugins> </build> ...

  19. github.com/GoogleContainerTools/jib What did we do? 1. Write first Dockerfile 2.

    Reduce image size 3. Don’t run installs 4. Use better base image 5. Write .dockerignore 6. Improve incremental speed 7. Switch to use a Maven plugin Order of layers to optimize for cache hits Use of multi-stage builds Understanding Docker cache mechanism and quirks Download and install Docker Have elevated privileges to run Docker daemon saturnism.me/talk/docker-tips-and-tricks

  20. github.com/GoogleContainerTools/jib Containerizing with Docker Project JAR docker Docker Daemon Container

    Image Dockerfile build send build push Registry

  21. github.com/GoogleContainerTools/jib I’m a Java developer, I don’t want to have

    to care about Dockerfiles Some Java Developer Somewhere

  22. github.com/GoogleContainerTools/jib Containerizing, simplified Project Container image build on registry

  23. github.com/GoogleContainerTools/jib Containerizing, simplified PetClinic project ilovejava.io/petclinic-app build

  24. github.com/GoogleContainerTools/jib 1. Apply the plugin. 1. Apply the plugin. 2.

    mvn jib:build Steps: (or gradle jib)

  25. github.com/GoogleContainerTools/jib Demo $ git clone https://github.com/spring-projects/spring-petclinic && cd spring-petclinic $

    ./mvnw compile com.google.cloud.tools:jib-maven-plugin:0.9.7:build \ -Dimage=gcr.io/my-project/petclinic

  26. github.com/GoogleContainerTools/jib Project ilovejava.io/petclinic-app build Docker daemon build Docker context generate

    Advanced Configuration JVM flags OCI image format credentials program arguments

  27. github.com/GoogleContainerTools/jib A “compiler” for containers

  28. github.com/GoogleContainerTools/jib Dockerfile “script” FROM base container image Run commands to

    install dependencies COPY application files over Configure the entrypoint Run the container Produces some layers Produces some layers

  29. github.com/GoogleContainerTools/jib Compile Containerize

  30. github.com/GoogleContainerTools/jib Code Executable Compile

  31. github.com/GoogleContainerTools/jib Code Executable Compile Java Container Containerize

  32. github.com/GoogleContainerTools/jib Code Executable Compile Java Container Containerize Containers are the

    executables of the cloud.

  33. github.com/GoogleContainerTools/jib Java JAR jar

  34. github.com/GoogleContainerTools/jib Java JAR jar Java Container Jib

  35. How Jib Works

  36. github.com/GoogleContainerTools/jib Pure Java Speed What benefits do we get from

    Jib Reproducibility

  37. github.com/GoogleContainerTools/jib Pure Java

  38. github.com/GoogleContainerTools/jib A container image is a directory of files

  39. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar

  40. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem And a container configuration Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar Environment variables, entrypoint, etc. Container configuration

  41. github.com/GoogleContainerTools/jib { "architecture" : "amd64", "os": "linux", "config": { "Env":

    [], "Entrypoint" : [ "java", "-cp", "/app/libs/*:/app/resources/:/app/classes/" , "com.test.HelloWorld" ] }, "rootfs": { "type": "layers", "diff_ids" : [ "sha256:46e7865bff73b5a0c610bf9f20c91dfafa2518ace8703faaffff551a4773b947" , "sha256:6189abe095d53c1c9f2bfc8f50128ee876b9a5d10f9eda1564e5f5357d6ffe61" , "sha256:e8292403028e724f0c7686ede4cd89180faa85aeb63cd0e7d560e8a459d83afe" , "sha256:ff7666ffd3d45500f4af71f091a603413acb04d028ba03a6698f63819d246cb5" , "sha256:db22fdca5c6344265d841ec106e683fb39914f356fb1d8e69accb466a396dc62" , "sha256:9aa41c013edd2a6311dcdd4d26129b01b3ba0b08c8adb51759c63501a69d27f5" ] } } checksums

  42. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem And a container configuration And a manifest Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar Tarballs A, B, C, and the configuration Manifest Environment variables, entrypoint, etc. Container configuration

  43. github.com/GoogleContainerTools/jib { "schemaVersion" : 2, "mediaType": "application/vnd.docker.distribution.manifest.v2+json" , "config": {

    "mediaType": "application/vnd.docker.container.image.v1+json" , "digest": "sha256:181b9f9c20bb2f7f485ffd038140551a758507d6255d46f4f62b3e504948fb86" , "size": 635 }, "layers": [ { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:eb05f3dbdb543cc610527248690575bacbbcebabe6ecf665b189cf18b541e3ca" , "size": 7695857 }, { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:ba7c544469e514f1a9a4dec59ab640540d50992b288adbb34a1a63c45bf19a24" , "size": 622796 }, { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:15705ab016593987662839b40f5a22fd1032996c90808d4a1371eb46974017d5" , ... ] } Unique identifiers

  44. github.com/GoogleContainerTools/jib distroless application layers application layers Jib image github.com/GoogleContainerTools/distroless

  45. github.com/GoogleContainerTools/jib Speed

  46. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 50MB layer registry send

  47. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 50MB layer registry cached send

  48. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 40MB layer registry 9MB layer 1MB layer

  49. github.com/GoogleContainerTools/jib 1MB layer Docker registry Set of layers, container configurations,

    and manifests build 100MB layer 40MB layer registry 9MB layer send

  50. github.com/GoogleContainerTools/jib Jib does an optimized build like FROM gcr.io/distroless/java COPY

    target/dependencies /app/dependencies COPY target/resources /app/resources COPY target/classes /app/classes ENTRYPOINT java -cp /app/dependencies/*:/app/resources:/app/classes my.app.Main

  51. github.com/GoogleContainerTools/jib Jib vs Docker

  52. github.com/GoogleContainerTools/jib Jib vs Docker

  53. github.com/GoogleContainerTools/jib Reproducibility

  54. github.com/GoogleContainerTools/jib Why reproducible ? Version Control Reduce variation between prod

    and dev

  55. github.com/GoogleContainerTools/jib How? Wipe metadata that vary between builds Timestamps Users

    Groups

  56. github.com/GoogleContainerTools/jib Possibilities for a container “compiler”

  57. github.com/GoogleContainerTools/jib Possibilities for a container “compiler” Smart inferences Container optimizations

    Even faster builds Smaller images Tools for running the container Run and debug on Kubernetes

  58. github.com/GoogleContainerTools/jib Demo $ gcloud container clusters create jib-demo

  59. github.com/GoogleContainerTools/jib Project kubernetes-dev:debug

  60. github.com/GoogleContainerTools/jib The Future More containerization tools and Java library for

    building container images Release Maven/Gradle plugin for run and debug on Kubernetes (with Skaffold) Be able to write code and have it run automatically in a distributed container cluster ...

  61. github.com/GoogleContainerTools/jib github.com/GoogleContainerTools/distroless saturnism.me/talk/docker-tips-and-tricks