Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Container Standards & Kubernetes

Ian Lewis
April 14, 2017
Technology
0
680

Container Standards & Kubernetes

Standards for containers has been seen as a fraught and confusing topic. In this talk I hope to dispel some of the confusion and highlight the progress being made on standards. Attendees will learn about what container standards are out there, and how they fit together. They will come away why containers are important for the future of the container ecosystem. I will discuss container standards and why they are important. I will introduce the Open Containers Initiative (OCI), what it is, and what it hopes to accomplish. I will also discuss cri-o, a tool that provides integration between OCI compliant container runtimes and Kubernetes, and how to use it in your clusters.

Ian Lewis

April 14, 2017
Tweet

More Decks by Ian Lewis

See All by Ian Lewis
Kubernetes Security Best Practices
ianlewis
39
26k
The Enemy Within: Running untrusted code in Kubernetes
ianlewis
0
1.1k
The Enemy Within: Running untrusted code with gVisor
ianlewis
4
790
KubeCon EU Runtime Track Recap
ianlewis
3
1.4k
コンテナによるNoOpsオートメーション
ianlewis
2
130
Google Kubernetes Engine 概要 & アップデート @ GCPUG Kansai Summit Day 2018
ianlewis
2
760
Extending Kubernetes with Custom Resources and Operator Frameworks
ianlewis
10
3.4k
Kubernetesのセキュリティのベストプラクティス
ianlewis
12
16k
Scheduling and Resource Management in Kubernetes
ianlewis
2
1.3k

Other Decks in Technology

See All in Technology
仲間から嫌われがちだった私が、アジャイルに出会い、仲間から慕われるようになるまでの道のり / I was often disliked by my peers, but then I met Agile, How I came to be admired by my peers
pauli
0
400
Now we're all Cloud Natives, what's next?
ahrkrak
2
120
Jetpack Glanceではじめる Material 3のColor
mochico
0
550
KubernetesにおけるSBOMを利用した脆弱性管理/Vulnerability_Management_with_SBOM_in_Kubernetes
takumakume
0
290
PHPからはじめるコンピュータア ーキテクチャ / PHP Meets Silicon: A Fun Dive into Computer Structures
tomzoh
3
180
PhpStorm最新情報
AIとnew UI、便利プラグイン #phpcon_okinawa
yusuke
0
150
LINE 平台與開發生態系介紹
line_developers_tw
PRO
0
230
dojo230914
mitsuakitohei
1
190
Microsoft Azure Well-Architected Framework でセキュアに
masakamayama
1
160
2023 CSS
nishiharatsubasa
3
2.3k
DroidKaigi 2023
keiji
0
320
Postmanで始めるAI・機械学習プラットフォームHugging Face
nagix
1
170

Featured

See All Featured
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
49
15k
Optimizing for Happiness
mojombo
368
67k
Building Effective Engineering Teams - LeadDev
addyosmani
20
920
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
41
11k
Learning to Love Humans: Emotional Interface Design
aarron
265
38k
Statistics for Hackers
jakevdp
787
210k
Robots, Beer and Maslow
schacon
154
7.6k
A Philosophy of Restraint
colly
195
15k
The Web Native Designer (August 2011)
paulrobertlloyd
78
2.6k
From Idea to $5000 a Month in 5 Months
shpigford
376
45k
Being A Developer After 40
akosma
52
580k
Six Lessons from altMBA
skipperchong
17
2.6k

Transcript

  1. Container Standards &
    Kubernetes
    IanMLewis@

    View Slide

  2. Component A Component B

    View Slide

  3. Component A Component B
    API

    View Slide

  4. View Slide

  5. Key Takeaways

    Docker (Docker CE, containerd, whatever) != containers

    Containers are just another tech. They need standards.

    With clusters, containers are (mostly) irrelevant.

    View Slide

  6. View Slide

  7. OS API
    int * array = malloc(10 * sizeof(int));
    if (array == NULL) {
    fprintf(stderr, "malloc failed\n");
    return(-1);
    }

    View Slide

  8. 100 MB
    1 Core
    eth0
    500 MB
    2 Core
    eth0
    eth1
    50 MB
    1 Core
    eth0
    eth1
    eth2

    View Slide

  9. eth0
    eth1
    eth2
    100 MB
    1 Core
    500 MB
    2 Core
    eth0
    eth1
    50 MB
    1 Core
    Process 1
    Process 2
    Process 3 Process 4
    Process 5

    View Slide

  10. View Slide

  11. Use Cases

    Build tools

    Image registries

    Testing/Security tools

    CI/CD tools

    Container orchestrators

    View Slide

  12. View Slide

  13. OCI

    runtime-spec

    image-spec

    View Slide

  14. runtime-spec

    How to run a container from a “filesystem bundle”

    runc ...basically

    View Slide

  15. image-spec

    File format for container images

    How to unpack into a “filesystem bundle”

    View Slide

  16. image-spec

    File format for container images

    How to unpack into a “filesystem bundle”

    View Slide

  17. Clusters

    Cluster level APIs for containers

    Allow you to deploy containers across many machines

    View Slide

  18. View Slide

  19. Container Runtime Interface

    Interface between container runtimes and Kubernetes

    Developed so runtimes could easily integrate with
    Kubernetes

    View Slide

  20. View Slide

  21. Kubelet
    ocid
    Container
    Container
    Container
    。。。

    View Slide

  22. Kubelet
    ocid
    Container
    Container
    Container
    。。。
    CRI OCI

    View Slide

  23. Kubelet
    rkt
    Container
    Container
    Container
    。。。
    CRI

    View Slide

  24. Kubelet
    containerd
    Container
    Container
    Container
    。。。
    CRI

    View Slide

  25. Kubelet
    ocid
    Container
    Container
    Container
    。。。
    CRI OCI

    View Slide

  26. Clusters

    Cluster level APIs for containers

    APIs don’t change depending on the runtime

    View Slide

  27. API
    Container
    Cluster

    View Slide

  28. Benefits

    Interoperability

    View Slide

  29. Thanks!

    View Slide