Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Since last we met: Opening Note
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Josh Wood
May 09, 2016
Technology
1
97
Since last we met: Opening Note
CoreOS Fest San Francisco, 111 Minna Gallery:
http://www.meetup.com/coreos/events/230147579/
Josh Wood
May 09, 2016
Tweet
Share
More Decks by Josh Wood
See All by Josh Wood
OpenShift and Kubernetes
joshix
0
200
SRE Principle and Operator Practice
joshix
0
850
Operator Hub and your Kubernetes Cluster
joshix
0
510
Operators are about automation
joshix
0
150
Automating Stateful Applications with Kubernetes Operators
joshix
0
190
Developing Apps on OpenShift
joshix
0
68
Intro to building Kubernetes Operators
joshix
1
130
Kubernetes Operators for App Developers
joshix
0
78
Kubernetes Operators
joshix
0
130
Other Decks in Technology
See All in Technology
データの整合性を保ちたいだけなんだ
shoheimitani
8
3.1k
予期せぬコストの急増を障害のように扱う――「コスト版ポストモーテム」の導入とその後の改善
muziyoshiz
1
2k
20260208_第66回 コンピュータビジョン勉強会
keiichiito1978
0
150
制約が導く迷わない設計 〜 信頼性と運用性を両立するマイナンバー管理システムの実践 〜
bwkw
3
960
日本の85%が使う公共SaaSは、どう育ったのか
taketakekaho
1
230
AIと新時代を切り拓く。これからのSREとメルカリIBISの挑戦
0gm
0
2.4k
Bedrock PolicyでAmazon Bedrock Guardrails利用を強制してみた
yuu551
0
240
We Built for Predictability; The Workloads Didn’t Care
stahnma
0
140
AIエージェントを開発しよう!-AgentCore活用の勘所-
yukiogawa
0
170
Claude_CodeでSEOを最適化する_AI_Ops_Community_Vol.2__マーケティングx_AIはここまで進化した.pdf
riku_423
2
590
マーケットプレイス版Oracle WebCenter Content For OCI
oracle4engineer
PRO
5
1.6k
配列に見る bash と zsh の違い
kazzpapa3
3
160
Featured
See All Featured
Sam Torres - BigQuery for SEOs
techseoconnect
PRO
0
190
B2B Lead Gen: Tactics, Traps & Triumph
marketingsoph
0
55
Rails Girls Zürich Keynote
gr2m
96
14k
HDC tutorial
michielstock
1
380
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
120
From π to Pie charts
rasagy
0
120
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
57
50k
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
140
Making Projects Easy
brettharned
120
6.6k
The Spectacular Lies of Maps
axbom
PRO
1
520
Fashionably flexible responsive web design (full day workshop)
malarkey
408
66k
Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)
konakalab
0
350
Transcript
Since last we met... Josh Wood | @joshixisjosh9 |
[email protected]
DocOps, CoreOS
MISSION Secure the Internet
MISSION Secure {the infrastructure that powers} the Internet
STRATEGY Accelerate with Open Source
SUCCESS 1000s Have Contributed to CoreOS Projects
All of You We Look Forward to Working with You
Coreos & Event Staff From New York, Berlin, and San
Francisco
NEW TECHNOLOGY Updates and Announcements
ETCD v3.0 BETA Efficient and Scalable
Punishing Functional Tests
Punishing Functional Tests
Punishing Functional Tests
gRPC Based API ~4x Faster vs JSON HTTP/2 Improves Efficiency
New Storage Engine Scales to GB of Data Consistent Performance
Continuous Snapshots
etcd v3 will support Kubernetes as it scales to 5.000
nodes and beyond
BETA AVAILABLE TODAY github.com/coreos/etcd
QUAYCTL BitTorrent Container Image Pulls
Image Layers foo-filesystem.tar.gz bar-filesystem.tar.gz meh-filesystem.tar.gz Image metadata Image binary data
{ {“id”: “foo”}, {“id”: “bar”, “meta”: “data”}, {“id”: “meh”, “meta”: “data”}, }
Pulling Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 51.4 MB/51.4
MB Fetch layer4: 97 B/97 B Fetch layer5: 2.7 MB/3.2 MB … ~120MB in Total
Squashed Image Layers { {“id”: “meh”, “meta”: “data”}, } meh
Image metadata Image binary data foo bar
Pulling Squashed Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 81.2
MB/81.2 MB …
SIZE SAVINGS Many ~50% Smaller
BitTorrent with quayctl $ quayctl rkt torrent pull \ quay.io/coreos/clair
AVAILABLE TODAY github.com/coreos/quayctl
JWTPROXY Service to Service Authentication
JWTPROXY Service to Service Authentication Micro Service Micro Service
SECURITY SCANNING
CVE-2015-0235 GHOST
None
None
None
bt tracker
jwtproxy Use HTTP auth headers Negotiate load balancers Compatible with
TLS infrastructure
JWTPROXY AVAILABLE TODAY github.com/coreos/jwtproxy
CVE-2015-0235 66 % of analyzed images on Quay.io
Security Scanning In Quay Enterprise
AVAILABLE TODAY quay.io/plans
OPEN CONTAINER INITIATIVE A Global Shipping Standard
OCI Image Format Spec Maintainers from Across Industry Best of
Docker Image and appc Image Registry Support in the Coming Months
OCI IMAGE v0.1.0 github.com/opencontainers/image-spec
rkt 1.0: February 2016 github.com/coreos/rkt • Modern security best practices
• Modular, composable with well-known tools • ACI, Docker; OCI support as available • Current: v1.5 • Alternate Kubernetes container engine, “rktnetes”
LET'S KEEP BUILDING For Production, Scale, and Security
Thank you! Until we meet again... @joshixisjosh9 |
[email protected]
DocOps,
CoreOS
joshix
shoheimitani
muziyoshiz
keiichiito1978
bwkw
taketakekaho
0gm
yuu551
stahnma
yukiogawa
riku_423
oracle4engineer
kazzpapa3
techseoconnect
marketingsoph
gr2m
michielstock
jacobtomlinson
rasagy
madoxten
brettharned
axbom
malarkey
konakalab
![Since last we met... Josh Wood | @joshixisjosh9 | [email protected]](https://files.speakerdeck.com/presentations/ffc05bf635114417868ff11dab3e1c67/slide_0.jpg){kind=link}
![Thank you! Until we meet again... @joshixisjosh9 | [email protected] DocOps,](https://files.speakerdeck.com/presentations/ffc05bf635114417868ff11dab3e1c67/slide_42.jpg){kind=link}