Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Since last we met: Opening Note
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Josh Wood
May 09, 2016
Technology
98
1
Share
Since last we met: Opening Note
CoreOS Fest San Francisco, 111 Minna Gallery:
http://www.meetup.com/coreos/events/230147579/
Josh Wood
May 09, 2016
More Decks by Josh Wood
See All by Josh Wood
OpenShift and Kubernetes
joshix
0
210
SRE Principle and Operator Practice
joshix
0
890
Operator Hub and your Kubernetes Cluster
joshix
0
520
Operators are about automation
joshix
0
160
Automating Stateful Applications with Kubernetes Operators
joshix
0
190
Developing Apps on OpenShift
joshix
0
76
Intro to building Kubernetes Operators
joshix
1
130
Kubernetes Operators for App Developers
joshix
0
87
Kubernetes Operators
joshix
0
140
Other Decks in Technology
See All in Technology
EMから幅を広げるために最近挑戦していること / Recent challenges I'm undertaking to expand my horizons beyond EM
hiro_torii
1
180
ServiceNow Knowledge 26 の歩き方
manarobot
0
340
20260428_Product Management Summit_tadokoroyoshiro
tadokoro_yoshiro
15
18k
AI와 협업하는 조직으로의 여정
arawn
0
590
2026年春のAgentCoreアプデ 細かいやつ全部まとめ
minorun365
3
140
AI時代に越境し、 組織を変えるQAスキルの正体 / QA Skills for Transforming an Organization
mii3king
5
3.7k
Agent の「自由」と「安全」〜未来に向けて今できること〜
katayan
0
330
[Oracle TechNight#99] 生成AI時代のAI/ML入門 ~ AIとオラクルデータベースの関係 (前半)
oracle4engineer
PRO
2
220
大学職員のための生成AI最前線 :最前線を、AIガバナンスとして読み直すためのTips
gmoriki
2
3.5k
AndroidアプリとCopilot Studioの統合
nakasho
0
200
アクセシビリティはすべての人のもの
tomokusaba
0
250
世界の中心でApp Runnerを叫ぶ FINAL
tsukuboshi
0
230
Featured
See All Featured
Evolving SEO for Evolving Search Engines
ryanjones
0
190
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.3k
Designing for Timeless Needs
cassininazir
0
210
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
inesmontani
PRO
3
2.2k
The Illustrated Guide to Node.js - THAT Conference 2024
reverentgeek
1
340
sira's awesome portfolio website redesign presentation
elsirapls
0
230
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
47
8.1k
Redefining SEO in the New Era of Traffic Generation
szymonslowik
1
290
Jess Joyce - The Pitfalls of Following Frameworks
techseoconnect
PRO
1
140
Hiding What from Whom? A Critical Review of the History of Programming languages for Music
tomoyanonymous
2
790
More Than Pixels: Becoming A User Experience Designer
marktimemedia
3
390
Done Done
chrislema
186
16k
Transcript
Since last we met... Josh Wood | @joshixisjosh9 |
[email protected]
DocOps, CoreOS
MISSION Secure the Internet
MISSION Secure {the infrastructure that powers} the Internet
STRATEGY Accelerate with Open Source
SUCCESS 1000s Have Contributed to CoreOS Projects
All of You We Look Forward to Working with You
Coreos & Event Staff From New York, Berlin, and San
Francisco
NEW TECHNOLOGY Updates and Announcements
ETCD v3.0 BETA Efficient and Scalable
Punishing Functional Tests
Punishing Functional Tests
Punishing Functional Tests
gRPC Based API ~4x Faster vs JSON HTTP/2 Improves Efficiency
New Storage Engine Scales to GB of Data Consistent Performance
Continuous Snapshots
etcd v3 will support Kubernetes as it scales to 5.000
nodes and beyond
BETA AVAILABLE TODAY github.com/coreos/etcd
QUAYCTL BitTorrent Container Image Pulls
Image Layers foo-filesystem.tar.gz bar-filesystem.tar.gz meh-filesystem.tar.gz Image metadata Image binary data
{ {“id”: “foo”}, {“id”: “bar”, “meta”: “data”}, {“id”: “meh”, “meta”: “data”}, }
Pulling Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 51.4 MB/51.4
MB Fetch layer4: 97 B/97 B Fetch layer5: 2.7 MB/3.2 MB … ~120MB in Total
Squashed Image Layers { {“id”: “meh”, “meta”: “data”}, } meh
Image metadata Image binary data foo bar
Pulling Squashed Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 81.2
MB/81.2 MB …
SIZE SAVINGS Many ~50% Smaller
BitTorrent with quayctl $ quayctl rkt torrent pull \ quay.io/coreos/clair
AVAILABLE TODAY github.com/coreos/quayctl
JWTPROXY Service to Service Authentication
JWTPROXY Service to Service Authentication Micro Service Micro Service
SECURITY SCANNING
CVE-2015-0235 GHOST
None
None
None
bt tracker
jwtproxy Use HTTP auth headers Negotiate load balancers Compatible with
TLS infrastructure
JWTPROXY AVAILABLE TODAY github.com/coreos/jwtproxy
CVE-2015-0235 66 % of analyzed images on Quay.io
Security Scanning In Quay Enterprise
AVAILABLE TODAY quay.io/plans
OPEN CONTAINER INITIATIVE A Global Shipping Standard
OCI Image Format Spec Maintainers from Across Industry Best of
Docker Image and appc Image Registry Support in the Coming Months
OCI IMAGE v0.1.0 github.com/opencontainers/image-spec
rkt 1.0: February 2016 github.com/coreos/rkt • Modern security best practices
• Modular, composable with well-known tools • ACI, Docker; OCI support as available • Current: v1.5 • Alternate Kubernetes container engine, “rktnetes”
LET'S KEEP BUILDING For Production, Scale, and Security
Thank you! Until we meet again... @joshixisjosh9 |
[email protected]
DocOps,
CoreOS
joshix
.jpg){kind=avatar}
hiro_torii
manarobot
tadokoro_yoshiro
arawn
minorun365
mii3king
katayan
oracle4engineer
gmoriki
nakasho
tomokusaba
tsukuboshi
ryanjones
tammyeverts
cassininazir
inesmontani
reverentgeek
elsirapls
eileencodes
szymonslowik
techseoconnect
tomoyanonymous
marktimemedia
chrislema
![Since last we met... Josh Wood | @joshixisjosh9 | [email protected]](https://files.speakerdeck.com/presentations/ffc05bf635114417868ff11dab3e1c67/slide_0.jpg){kind=link}
![Thank you! Until we meet again... @joshixisjosh9 | [email protected] DocOps,](https://files.speakerdeck.com/presentations/ffc05bf635114417868ff11dab3e1c67/slide_42.jpg){kind=link}