Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Since last we met: Opening Note
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Josh Wood
May 09, 2016
Technology
1
97
Since last we met: Opening Note
CoreOS Fest San Francisco, 111 Minna Gallery:
http://www.meetup.com/coreos/events/230147579/
Josh Wood
May 09, 2016
Tweet
Share
More Decks by Josh Wood
See All by Josh Wood
OpenShift and Kubernetes
joshix
0
210
SRE Principle and Operator Practice
joshix
0
860
Operator Hub and your Kubernetes Cluster
joshix
0
510
Operators are about automation
joshix
0
160
Automating Stateful Applications with Kubernetes Operators
joshix
0
190
Developing Apps on OpenShift
joshix
0
72
Intro to building Kubernetes Operators
joshix
1
130
Kubernetes Operators for App Developers
joshix
0
81
Kubernetes Operators
joshix
0
130
Other Decks in Technology
See All in Technology
AI時代のSaaSとETL
shoe116
1
170
頼れる Agentic AI を支える Datadog のオブザーバビリティ / Powering Reliable Agentic AI with Datadog Observability
aoto
PRO
0
180
AWS DevOps Agent vs SRE俺 / AWS DevOps Agent vs me, the SRE
sms_tech
3
880
Tebiki Engineering Team Deck
tebiki
0
27k
OpenClaw を Amazon Lightsail で動かす理由
uechishingo
0
130
AI時代の「本当の」ハイブリッドクラウド — エージェントが実現した、あの頃の夢
ebibibi
0
130
JAWS Days 2026 楽しく学ぼう! 認証認可 入門/20260307-jaws-days-novice-lane-auth
opelab
11
2.3k
[JAWSDAYS2026][D8]その起票、愛が足りてますか?AWSサポートを味方につける、技術的「ラブレター」の書き方
hirosys_
3
190
マルチアカウント環境でSecurity Hubの運用!導入の苦労とポイント / JAWS DAYS 2026
genda
0
780
GCASアップデート(202601-202603)
techniczna
0
190
僕、S3 シンプルって名前だけど全然シンプルじゃありません よろしくお願いします
yama3133
1
220
ReactのdangerouslySetInnerHTMLは“dangerously”だから危険 / Security.any #09 卒業したいセキュリティLT
flatt_security
0
160
Featured
See All Featured
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
GraphQLの誤解/rethinking-graphql
sonatard
75
11k
Making the Leap to Tech Lead
cromwellryan
135
9.8k
Producing Creativity
orderedlist
PRO
348
40k
Crafting Experiences
bethany
1
88
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
livdayseo
0
85
New Earth Scene 8
popppiees
1
1.7k
How to make the Groovebox
asonas
2
2k
Measuring Dark Social's Impact On Conversion and Attribution
stephenakadiri
1
160
The Cult of Friendly URLs
andyhume
79
6.8k
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
150
We Analyzed 250 Million AI Search Results: Here's What I Found
joshbly
1
980
Transcript
Since last we met... Josh Wood | @joshixisjosh9 |
[email protected]
DocOps, CoreOS
MISSION Secure the Internet
MISSION Secure {the infrastructure that powers} the Internet
STRATEGY Accelerate with Open Source
SUCCESS 1000s Have Contributed to CoreOS Projects
All of You We Look Forward to Working with You
Coreos & Event Staff From New York, Berlin, and San
Francisco
NEW TECHNOLOGY Updates and Announcements
ETCD v3.0 BETA Efficient and Scalable
Punishing Functional Tests
Punishing Functional Tests
Punishing Functional Tests
gRPC Based API ~4x Faster vs JSON HTTP/2 Improves Efficiency
New Storage Engine Scales to GB of Data Consistent Performance
Continuous Snapshots
etcd v3 will support Kubernetes as it scales to 5.000
nodes and beyond
BETA AVAILABLE TODAY github.com/coreos/etcd
QUAYCTL BitTorrent Container Image Pulls
Image Layers foo-filesystem.tar.gz bar-filesystem.tar.gz meh-filesystem.tar.gz Image metadata Image binary data
{ {“id”: “foo”}, {“id”: “bar”, “meta”: “data”}, {“id”: “meh”, “meta”: “data”}, }
Pulling Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 51.4 MB/51.4
MB Fetch layer4: 97 B/97 B Fetch layer5: 2.7 MB/3.2 MB … ~120MB in Total
Squashed Image Layers { {“id”: “meh”, “meta”: “data”}, } meh
Image metadata Image binary data foo bar
Pulling Squashed Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 81.2
MB/81.2 MB …
SIZE SAVINGS Many ~50% Smaller
BitTorrent with quayctl $ quayctl rkt torrent pull \ quay.io/coreos/clair
AVAILABLE TODAY github.com/coreos/quayctl
JWTPROXY Service to Service Authentication
JWTPROXY Service to Service Authentication Micro Service Micro Service
SECURITY SCANNING
CVE-2015-0235 GHOST
None
None
None
bt tracker
jwtproxy Use HTTP auth headers Negotiate load balancers Compatible with
TLS infrastructure
JWTPROXY AVAILABLE TODAY github.com/coreos/jwtproxy
CVE-2015-0235 66 % of analyzed images on Quay.io
Security Scanning In Quay Enterprise
AVAILABLE TODAY quay.io/plans
OPEN CONTAINER INITIATIVE A Global Shipping Standard
OCI Image Format Spec Maintainers from Across Industry Best of
Docker Image and appc Image Registry Support in the Coming Months
OCI IMAGE v0.1.0 github.com/opencontainers/image-spec
rkt 1.0: February 2016 github.com/coreos/rkt • Modern security best practices
• Modular, composable with well-known tools • ACI, Docker; OCI support as available • Current: v1.5 • Alternate Kubernetes container engine, “rktnetes”
LET'S KEEP BUILDING For Production, Scale, and Security
Thank you! Until we meet again... @joshixisjosh9 |
[email protected]
DocOps,
CoreOS
SiteGround - Reliable hosting with speed, security, and support you can count on.
joshix
shoe116
aoto
sms_tech
tebiki
uechishingo
ebibibi
opelab
hirosys_
genda
techniczna
yama3133
flatt_security
caitiem20
sonatard
cromwellryan
orderedlist
bethany
livdayseo
popppiees
asonas
stephenakadiri
andyhume
sabderemane
joshbly
![Since last we met... Josh Wood | @joshixisjosh9 | [email protected]](https://files.speakerdeck.com/presentations/ffc05bf635114417868ff11dab3e1c67/slide_0.jpg){kind=link}
![Thank you! Until we meet again... @joshixisjosh9 | [email protected] DocOps,](https://files.speakerdeck.com/presentations/ffc05bf635114417868ff11dab3e1c67/slide_42.jpg){kind=link}