Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Since last we met: Opening Note
Search
Josh Wood
May 09, 2016
Technology
1
94
Since last we met: Opening Note
CoreOS Fest San Francisco, 111 Minna Gallery:
http://www.meetup.com/coreos/events/230147579/
Josh Wood
May 09, 2016
Tweet
Share
More Decks by Josh Wood
See All by Josh Wood
OpenShift and Kubernetes
joshix
0
190
SRE Principle and Operator Practice
joshix
0
750
Operator Hub and your Kubernetes Cluster
joshix
0
480
Operators are about automation
joshix
0
150
Automating Stateful Applications with Kubernetes Operators
joshix
0
180
Developing Apps on OpenShift
joshix
0
62
Intro to building Kubernetes Operators
joshix
1
120
Kubernetes Operators for App Developers
joshix
0
74
Kubernetes Operators
joshix
0
120
Other Decks in Technology
See All in Technology
サンドボックス技術でAI利活用を促進する
koh_naga
0
150
データアナリストからアナリティクスエンジニアになった話
hiyokko_data
2
340
役割は変わっても、変わらないもの 〜スクラムマスターからEMへの転身で学んだ信頼構築の本質〜 / How to build trust
shinop
0
160
衝突して強くなる! BLUE GIANTと アジャイルチームの共通点とは ― いきいきと活気に満ちたグルーヴあるチームを作るコツ ― / BLUE GIANT and Agile Teams
naitosatoshi
0
290
実践データベース設計 ①データベース設計概論
recruitengineers
PRO
4
2k
RSCの時代にReactとフレームワークの境界を探る
uhyo
9
2.2k
Webアクセシビリティ入門
recruitengineers
PRO
3
1.5k
「魔法少女まどか☆マギカ Magia Exedra」のグローバル展開を支える、開発チームと翻訳チームの「意識しない協創」を実現するローカライズシステム
gree_tech
PRO
0
450
コスト削減の基本の「キ」~ コスト消費3大リソースへの対策 ~
smt7174
2
320
Kubernetes における cgroup driver のしくみ: runwasi の bugfix より
z63d
2
120
『FailNet~やらかし共有SNS~』エレベーターピッチ
yokomachi
1
200
AIのグローバルトレンド2025 #scrummikawa / global ai trend
kyonmm
PRO
1
160
Featured
See All Featured
The Straight Up "How To Draw Better" Workshop
denniskardys
236
140k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
49
3k
Scaling GitHub
holman
463
140k
RailsConf 2023
tenderlove
30
1.2k
Fireside Chat
paigeccino
39
3.6k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
185
54k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
4k
Rails Girls Zürich Keynote
gr2m
95
14k
What’s in a name? Adding method to the madness
productmarketing
PRO
23
3.6k
Bash Introduction
62gerente
614
210k
Being A Developer After 40
akosma
90
590k
Transcript
Since last we met... Josh Wood | @joshixisjosh9 |
[email protected]
DocOps, CoreOS
MISSION Secure the Internet
MISSION Secure {the infrastructure that powers} the Internet
STRATEGY Accelerate with Open Source
SUCCESS 1000s Have Contributed to CoreOS Projects
All of You We Look Forward to Working with You
Coreos & Event Staff From New York, Berlin, and San
Francisco
NEW TECHNOLOGY Updates and Announcements
ETCD v3.0 BETA Efficient and Scalable
Punishing Functional Tests
Punishing Functional Tests
Punishing Functional Tests
gRPC Based API ~4x Faster vs JSON HTTP/2 Improves Efficiency
New Storage Engine Scales to GB of Data Consistent Performance
Continuous Snapshots
etcd v3 will support Kubernetes as it scales to 5.000
nodes and beyond
BETA AVAILABLE TODAY github.com/coreos/etcd
QUAYCTL BitTorrent Container Image Pulls
Image Layers foo-filesystem.tar.gz bar-filesystem.tar.gz meh-filesystem.tar.gz Image metadata Image binary data
{ {“id”: “foo”}, {“id”: “bar”, “meta”: “data”}, {“id”: “meh”, “meta”: “data”}, }
Pulling Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 51.4 MB/51.4
MB Fetch layer4: 97 B/97 B Fetch layer5: 2.7 MB/3.2 MB … ~120MB in Total
Squashed Image Layers { {“id”: “meh”, “meta”: “data”}, } meh
Image metadata Image binary data foo bar
Pulling Squashed Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 81.2
MB/81.2 MB …
SIZE SAVINGS Many ~50% Smaller
BitTorrent with quayctl $ quayctl rkt torrent pull \ quay.io/coreos/clair
AVAILABLE TODAY github.com/coreos/quayctl
JWTPROXY Service to Service Authentication
JWTPROXY Service to Service Authentication Micro Service Micro Service
SECURITY SCANNING
CVE-2015-0235 GHOST
None
None
None
bt tracker
jwtproxy Use HTTP auth headers Negotiate load balancers Compatible with
TLS infrastructure
JWTPROXY AVAILABLE TODAY github.com/coreos/jwtproxy
CVE-2015-0235 66 % of analyzed images on Quay.io
Security Scanning In Quay Enterprise
AVAILABLE TODAY quay.io/plans
OPEN CONTAINER INITIATIVE A Global Shipping Standard
OCI Image Format Spec Maintainers from Across Industry Best of
Docker Image and appc Image Registry Support in the Coming Months
OCI IMAGE v0.1.0 github.com/opencontainers/image-spec
rkt 1.0: February 2016 github.com/coreos/rkt • Modern security best practices
• Modular, composable with well-known tools • ACI, Docker; OCI support as available • Current: v1.5 • Alternate Kubernetes container engine, “rktnetes”
LET'S KEEP BUILDING For Production, Scale, and Security
Thank you! Until we meet again... @joshixisjosh9 |
[email protected]
DocOps,
CoreOS