Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Since last we met: Opening Note
Search
Josh Wood
May 09, 2016
Technology
1
81
Since last we met: Opening Note
CoreOS Fest San Francisco, 111 Minna Gallery:
http://www.meetup.com/coreos/events/230147579/
Josh Wood
May 09, 2016
Tweet
Share
More Decks by Josh Wood
See All by Josh Wood
OpenShift and Kubernetes
joshix
0
140
SRE Principle and Operator Practice
joshix
0
600
Operator Hub and your Kubernetes Cluster
joshix
0
420
Operators are about automation
joshix
0
140
Automating Stateful Applications with Kubernetes Operators
joshix
0
160
Developing Apps on OpenShift
joshix
0
54
Intro to building Kubernetes Operators
joshix
1
110
Kubernetes Operators for App Developers
joshix
0
63
Kubernetes Operators
joshix
0
110
Other Decks in Technology
See All in Technology
Figma Dev Modeで進化するデザインとエンジニアリングの協働 / figma-with-engineering
cyberagentdevelopers
PRO
1
430
サイバーエージェントにおける生成AIのリスキリング施策の取り組み / cyber-ai-reskilling
cyberagentdevelopers
PRO
2
200
スプリントゴールにチームの状態も設定する背景とその効果 / Team state in sprint goals why and impact
kakehashi
2
100
ユーザーの購買行動モデリングとその分析 / dsc-purchase-analysis
cyberagentdevelopers
PRO
2
100
AWS CDKでデータリストアの運用、どのように設計する?~Aurora・EFSの実践事例を紹介~/aws-cdk-data-restore-aurora-efs
mhrtech
4
660
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
290k
バクラクにおける可観測性向上の取り組み
yuu26
3
420
初心者に Vue.js を 教えるには
tsukuha
5
390
ガバメントクラウド単独利用方式におけるIaC活用
techniczna
3
270
最速最小からはじめるデータプロダクト / Data Product MVP
amaotone
5
740
「 SharePoint 難しい」ってよく聞くけど、そんなに言うなら8歳の息子に試してもらった
taichinakamura
1
630
プロダクトエンジニアが活躍する環境を作りたくて 事業責任者になった話 ~プロダクトエンジニアの行き着く先~
gimupop
1
480
Featured
See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
53
9k
Code Reviewing Like a Champion
maltzj
519
39k
Product Roadmaps are Hard
iamctodd
PRO
48
10k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
250
21k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
Mobile First: as difficult as doing things right
swwweet
222
8.9k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
25
1.8k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
126
18k
Learning to Love Humans: Emotional Interface Design
aarron
272
40k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
4
290
How to Think Like a Performance Engineer
csswizardry
19
1.1k
Transcript
Since last we met... Josh Wood | @joshixisjosh9 |
[email protected]
DocOps, CoreOS
MISSION Secure the Internet
MISSION Secure {the infrastructure that powers} the Internet
STRATEGY Accelerate with Open Source
SUCCESS 1000s Have Contributed to CoreOS Projects
All of You We Look Forward to Working with You
Coreos & Event Staff From New York, Berlin, and San
Francisco
NEW TECHNOLOGY Updates and Announcements
ETCD v3.0 BETA Efficient and Scalable
Punishing Functional Tests
Punishing Functional Tests
Punishing Functional Tests
gRPC Based API ~4x Faster vs JSON HTTP/2 Improves Efficiency
New Storage Engine Scales to GB of Data Consistent Performance
Continuous Snapshots
etcd v3 will support Kubernetes as it scales to 5.000
nodes and beyond
BETA AVAILABLE TODAY github.com/coreos/etcd
QUAYCTL BitTorrent Container Image Pulls
Image Layers foo-filesystem.tar.gz bar-filesystem.tar.gz meh-filesystem.tar.gz Image metadata Image binary data
{ {“id”: “foo”}, {“id”: “bar”, “meta”: “data”}, {“id”: “meh”, “meta”: “data”}, }
Pulling Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 51.4 MB/51.4
MB Fetch layer4: 97 B/97 B Fetch layer5: 2.7 MB/3.2 MB … ~120MB in Total
Squashed Image Layers { {“id”: “meh”, “meta”: “data”}, } meh
Image metadata Image binary data foo bar
Pulling Squashed Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 81.2
MB/81.2 MB …
SIZE SAVINGS Many ~50% Smaller
BitTorrent with quayctl $ quayctl rkt torrent pull \ quay.io/coreos/clair
AVAILABLE TODAY github.com/coreos/quayctl
JWTPROXY Service to Service Authentication
JWTPROXY Service to Service Authentication Micro Service Micro Service
SECURITY SCANNING
CVE-2015-0235 GHOST
None
None
None
bt tracker
jwtproxy Use HTTP auth headers Negotiate load balancers Compatible with
TLS infrastructure
JWTPROXY AVAILABLE TODAY github.com/coreos/jwtproxy
CVE-2015-0235 66 % of analyzed images on Quay.io
Security Scanning In Quay Enterprise
AVAILABLE TODAY quay.io/plans
OPEN CONTAINER INITIATIVE A Global Shipping Standard
OCI Image Format Spec Maintainers from Across Industry Best of
Docker Image and appc Image Registry Support in the Coming Months
OCI IMAGE v0.1.0 github.com/opencontainers/image-spec
rkt 1.0: February 2016 github.com/coreos/rkt • Modern security best practices
• Modular, composable with well-known tools • ACI, Docker; OCI support as available • Current: v1.5 • Alternate Kubernetes container engine, “rktnetes”
LET'S KEEP BUILDING For Production, Scale, and Security
Thank you! Until we meet again... @joshixisjosh9 |
[email protected]
DocOps,
CoreOS