Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build containers faster with Jib, a Google image build tool for Java applications

57007fa9a005a5dfb163141c67d46c36?s=47 Q Chen
June 14, 2018
Programming
12
6.8k

Build containers faster with Jib, a Google image build tool for Java applications

Watch the talk: https://www.youtube.com/watch?v=H6gR_Cv4yWI

Originally presented at Velocity San Jose 2018 - https://conferences.oreilly.com/velocity/vl-ca/public/schedule/detail/66707

The project is at https://github.com/GoogleContainerTools/jib

57007fa9a005a5dfb163141c67d46c36?s=128

Q Chen

June 14, 2018
Tweet

More Decks by Q Chen

See All by Q Chen
57007fa9a005a5dfb163141c67d46c36?s=48 coollog
3
560

Other Decks in Programming

See All in Programming
8e844e43f029ec38e206a464cf4587b3?s=48 ttskch
1
600
A73cbd4500c4dbc97ad2fba6ad41ae67?s=48 mozamimy
0
190
E6311847f4fe11546a24eec9e7a403a5?s=48 startjapan
4
480
42a6a049ac8f5265f31858a9509217fb?s=48 uhooi
0
140
Fa37be48a20daa155e300c3c07365039?s=48 wisetlaloc
0
240
4d4d0d12c802b5ada024d4016b827125?s=48 kozo002
2
650
D83b3739651001461f48763639b90b50?s=48 mazipan
0
150
8e8410eb785755ae2cb485f85dbab6e8?s=48 hiroga
0
260
06b10e0c3e87349fa6cc74a63493eb9c?s=48 okmttdhr
2
200
0620564f0125b8b3b7f4fe40c10b8b4e?s=48 tattn
6
600
8ad6e0021df0a67faac106fafd918365?s=48 felixcoutinho
2
130
249b3122eee454c0a818bfe7851418e4?s=48 fromkk
1
340

Featured

See All Featured
3d4519fd34b76fb265fc0237f3792bd4?s=48 danielanewman
3
650
0bce06bd06ee7a2c4f5500f25dcf7f18?s=48 paulrobertlloyd
71
3.7k
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
442
29k
D47656e20ff5e42f125fc5ea0fd636c6?s=48 tmm1
63
10k
96270e4c3e5e9806cf7245475c00b275?s=48 addyosmani
1347
200k
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
166
19k
9952dfcd5d338f8a8e7175c8a8f65fb5?s=48 wjessup
341
16k
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
221
15k
A9704266587836f7e784235e5073b93e?s=48 jmmastey
14
810
2f5463832ccb768ccb4a1ca3607c27ef?s=48 jacobian
258
20k
E837d2996f52008ace055a08fbfff992?s=48 frogandcode
129
20k
11c84dff30266b907714802088852677?s=48 jasonvnalue
83
8.3k

Transcript

  1. github.com/GoogleContainerTools/jib Build containers faster with Jib A container image builder

    for Java applications

  2. Our Team Cloud Tools for Java Appu Goundan @loosebazooka Qingyang

    “Q” Chen @coollog

  3. github.com/GoogleContainerTools/jib Containers “Write once, run anywhere”

  4. github.com/GoogleContainerTools/jib Building a Java container

  5. github.com/GoogleContainerTools/jib Me Java Developer Building website for pet clinic Wants

    to containerize the backend Wants container on registry ilovejava.io/petclinic-app

  6. github.com/GoogleContainerTools/jib

  7. So I read some tutorials

  8. github.com/GoogleContainerTools/jib FROM ubuntu:14.04 RUN apt-get update && apt-get install -y

    python-software-properties software-properties-common RUN add-apt-repository ppa:webupd8team/java RUN echo "oracle-java8-installer shared/accepted-oracle-license-v1-1 boolean true" | debconf-set-selections RUN apt-get update && apt-get install -y oracle-java8-installer maven ADD . /usr/local/petclinic RUN cd /usr/local/petclinic && mvn install CMD ["/usr/bin/java" , "-cp", "/usr/local/petclinic/target/petclinic-1.0.jar" , "petclinic.WebServer" ]

  9. So I read some more tutorials

  10. github.com/GoogleContainerTools/jib FROM openjdk:8 COPY target/petclinic-*.jar /app.jar ENTRYPOINT java -jar /app.jar

  11. github.com/GoogleContainerTools/jib Problem: openjdk:8 is 284MB FROM openjdk:8 COPY target/petclinic-*.jar /app.jar

    ENTRYPOINT java -jar /app.jar

  12. Some more searching

  13. github.com/GoogleContainerTools/jib FROM openjdk:8-jre-alpine COPY target/petclinic-*.jar /app.jar ENTRYPOINT java -jar /app.jar

    82 MB

  14. github.com/GoogleContainerTools/jib docs.docker.com/develop/develop-images/dockerfile_best-practices

  15. github.com/GoogleContainerTools/jib ** !target/petclinic-*.jar .dockerignore

  16. Some more tutorials later

  17. github.com/GoogleContainerTools/jib FROM openjdk:8-jre-alpine COPY target/dependencies /app/dependencies COPY target/classes /app/classes ENTRYPOINT

    java -cp /app/dependencies/*:/app/classes petclinic.WebServer $ mvn dependencies:copy-dependencies to target/dependencies/

  18. github.com/GoogleContainerTools/jib ... <build> <plugins> <plugin> <groupId>com.spotify</groupId> <artifactId>docker-maven-plugin </artifactId> <version>1.0.0</version> <configuration>

    <imageName>ilovejava.io/petclinic-app </imageName> <baseImage>gcr.io/distroless/java </baseImage> <entryPoint>["java", "-jar", "/${project.build.finalName}.jar" ]</entryPoint> <resources> <resource> <targetPath>/</targetPath> <directory>${project.build.directory} </directory> <include>${project.build.finalName}.jar </include> </resource> </resources> </configuration> </plugin> </plugins> </build> ...

  19. github.com/GoogleContainerTools/jib What did we do? 1. Write first Dockerfile 2.

    Reduce image size 3. Don’t run installs 4. Use better base image 5. Write .dockerignore 6. Improve incremental speed 7. Switch to use a Maven plugin Order of layers to optimize for cache hits Use of multi-stage builds Understanding Docker cache mechanism and quirks Download and install Docker Have elevated privileges to run Docker daemon saturnism.me/talk/docker-tips-and-tricks

  20. github.com/GoogleContainerTools/jib Containerizing with Docker Project JAR docker Docker Daemon Container

    Image Dockerfile build send build push Registry

  21. github.com/GoogleContainerTools/jib I’m a Java developer, I don’t want to have

    to care about Dockerfiles Some Java Developer Somewhere

  22. github.com/GoogleContainerTools/jib Containerizing, simplified Project Container image build on registry

  23. github.com/GoogleContainerTools/jib Containerizing, simplified PetClinic project ilovejava.io/petclinic-app build

  24. github.com/GoogleContainerTools/jib 1. Apply the plugin. 1. Apply the plugin. 2.

    mvn jib:build Steps: (or gradle jib)

  25. github.com/GoogleContainerTools/jib Demo $ git clone https://github.com/spring-projects/spring-petclinic && cd spring-petclinic $

    ./mvnw compile com.google.cloud.tools:jib-maven-plugin:0.9.7:build \ -Dimage=gcr.io/my-project/petclinic

  26. github.com/GoogleContainerTools/jib Project ilovejava.io/petclinic-app build Docker daemon build Docker context generate

    Advanced Configuration JVM flags OCI image format credentials program arguments

  27. github.com/GoogleContainerTools/jib A “compiler” for containers

  28. github.com/GoogleContainerTools/jib Dockerfile “script” FROM base container image Run commands to

    install dependencies COPY application files over Configure the entrypoint Run the container Produces some layers Produces some layers

  29. github.com/GoogleContainerTools/jib Compile Containerize

  30. github.com/GoogleContainerTools/jib Code Executable Compile

  31. github.com/GoogleContainerTools/jib Code Executable Compile Java Container Containerize

  32. github.com/GoogleContainerTools/jib Code Executable Compile Java Container Containerize Containers are the

    executables of the cloud.

  33. github.com/GoogleContainerTools/jib Java JAR jar

  34. github.com/GoogleContainerTools/jib Java JAR jar Java Container Jib

  35. How Jib Works

  36. github.com/GoogleContainerTools/jib Pure Java Speed What benefits do we get from

    Jib Reproducibility

  37. github.com/GoogleContainerTools/jib Pure Java

  38. github.com/GoogleContainerTools/jib A container image is a directory of files

  39. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar

  40. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem And a container configuration Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar Environment variables, entrypoint, etc. Container configuration

  41. github.com/GoogleContainerTools/jib { "architecture" : "amd64", "os": "linux", "config": { "Env":

    [], "Entrypoint" : [ "java", "-cp", "/app/libs/*:/app/resources/:/app/classes/" , "com.test.HelloWorld" ] }, "rootfs": { "type": "layers", "diff_ids" : [ "sha256:46e7865bff73b5a0c610bf9f20c91dfafa2518ace8703faaffff551a4773b947" , "sha256:6189abe095d53c1c9f2bfc8f50128ee876b9a5d10f9eda1564e5f5357d6ffe61" , "sha256:e8292403028e724f0c7686ede4cd89180faa85aeb63cd0e7d560e8a459d83afe" , "sha256:ff7666ffd3d45500f4af71f091a603413acb04d028ba03a6698f63819d246cb5" , "sha256:db22fdca5c6344265d841ec106e683fb39914f356fb1d8e69accb466a396dc62" , "sha256:9aa41c013edd2a6311dcdd4d26129b01b3ba0b08c8adb51759c63501a69d27f5" ] } } checksums

  42. github.com/GoogleContainerTools/jib Docker Image Format Tarballs that compose into a single

    filesystem And a container configuration And a manifest Tarball A Tarball B Tarball C /bin /usr /tmp /var /jdk /app.jar Tarballs A, B, C, and the configuration Manifest Environment variables, entrypoint, etc. Container configuration

  43. github.com/GoogleContainerTools/jib { "schemaVersion" : 2, "mediaType": "application/vnd.docker.distribution.manifest.v2+json" , "config": {

    "mediaType": "application/vnd.docker.container.image.v1+json" , "digest": "sha256:181b9f9c20bb2f7f485ffd038140551a758507d6255d46f4f62b3e504948fb86" , "size": 635 }, "layers": [ { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:eb05f3dbdb543cc610527248690575bacbbcebabe6ecf665b189cf18b541e3ca" , "size": 7695857 }, { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:ba7c544469e514f1a9a4dec59ab640540d50992b288adbb34a1a63c45bf19a24" , "size": 622796 }, { "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip" , "digest": "sha256:15705ab016593987662839b40f5a22fd1032996c90808d4a1371eb46974017d5" , ... ] } Unique identifiers

  44. github.com/GoogleContainerTools/jib distroless application layers application layers Jib image github.com/GoogleContainerTools/distroless

  45. github.com/GoogleContainerTools/jib Speed

  46. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 50MB layer registry send

  47. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 50MB layer registry cached send

  48. github.com/GoogleContainerTools/jib Docker registry Set of layers, container configurations, and manifests

    build 100MB layer 40MB layer registry 9MB layer 1MB layer

  49. github.com/GoogleContainerTools/jib 1MB layer Docker registry Set of layers, container configurations,

    and manifests build 100MB layer 40MB layer registry 9MB layer send

  50. github.com/GoogleContainerTools/jib Jib does an optimized build like FROM gcr.io/distroless/java COPY

    target/dependencies /app/dependencies COPY target/resources /app/resources COPY target/classes /app/classes ENTRYPOINT java -cp /app/dependencies/*:/app/resources:/app/classes my.app.Main

  51. github.com/GoogleContainerTools/jib Jib vs Docker

  52. github.com/GoogleContainerTools/jib Jib vs Docker

  53. github.com/GoogleContainerTools/jib Reproducibility

  54. github.com/GoogleContainerTools/jib Why reproducible ? Version Control Reduce variation between prod

    and dev

  55. github.com/GoogleContainerTools/jib How? Wipe metadata that vary between builds Timestamps Users

    Groups

  56. github.com/GoogleContainerTools/jib Possibilities for a container “compiler”

  57. github.com/GoogleContainerTools/jib Possibilities for a container “compiler” Smart inferences Container optimizations

    Even faster builds Smaller images Tools for running the container Run and debug on Kubernetes

  58. github.com/GoogleContainerTools/jib Demo $ gcloud container clusters create jib-demo

  59. github.com/GoogleContainerTools/jib Project kubernetes-dev:debug

  60. github.com/GoogleContainerTools/jib The Future More containerization tools and Java library for

    building container images Release Maven/Gradle plugin for run and debug on Kubernetes (with Skaffold) Be able to write code and have it run automatically in a distributed container cluster ...

  61. github.com/GoogleContainerTools/jib github.com/GoogleContainerTools/distroless saturnism.me/talk/docker-tips-and-tricks