Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Since last we met: Opening Note
Search
Josh Wood
May 09, 2016
Technology
1
94
Since last we met: Opening Note
CoreOS Fest San Francisco, 111 Minna Gallery:
http://www.meetup.com/coreos/events/230147579/
Josh Wood
May 09, 2016
Tweet
Share
More Decks by Josh Wood
See All by Josh Wood
OpenShift and Kubernetes
joshix
0
190
SRE Principle and Operator Practice
joshix
0
760
Operator Hub and your Kubernetes Cluster
joshix
0
480
Operators are about automation
joshix
0
150
Automating Stateful Applications with Kubernetes Operators
joshix
0
180
Developing Apps on OpenShift
joshix
0
62
Intro to building Kubernetes Operators
joshix
1
120
Kubernetes Operators for App Developers
joshix
0
74
Kubernetes Operators
joshix
0
120
Other Decks in Technology
See All in Technology
バイブスに「型」を!Kent Beckに学ぶ、AI時代のテスト駆動開発
amixedcolor
2
580
RSCの時代にReactとフレームワークの境界を探る
uhyo
10
3.5k
要件定義・デザインフェーズでもAIを活用して、コミュニケーションの密度を高める
kazukihayase
0
120
Platform開発が先行する Platform Engineeringの違和感
kintotechdev
4
580
2025年夏 コーディングエージェントを統べる者
nwiizo
0
180
JTCにおける内製×スクラム開発への挑戦〜内製化率95%達成の舞台裏/JTC's challenge of in-house development with Scrum
aeonpeople
0
250
S3アクセス制御の設計ポイント
tommy0124
3
200
「何となくテストする」を卒業するためにプロダクトが動く仕組みを理解しよう
kawabeaver
0
420
CDK CLIで使ってたあの機能、CDK Toolkit Libraryではどうやるの?
smt7174
4
190
20250912_RPALT_データを集める→とっ散らかる問題_Obsidian紹介
ratsbane666
0
100
AWSで始める実践Dagster入門
kitagawaz
1
680
人工衛星のファームウェアをRustで書く理由
koba789
15
8.2k
Featured
See All Featured
Writing Fast Ruby
sferik
628
62k
How to train your dragon (web standard)
notwaldorf
96
6.2k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.5k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
The Art of Programming - Codeland 2020
erikaheidi
56
13k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
Gamification - CAS2011
davidbonilla
81
5.4k
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Speed Design
sergeychernyshev
32
1.1k
RailsConf 2023
tenderlove
30
1.2k
Optimising Largest Contentful Paint
csswizardry
37
3.4k
BBQ
matthewcrist
89
9.8k
Transcript
Since last we met... Josh Wood | @joshixisjosh9 |
[email protected]
DocOps, CoreOS
MISSION Secure the Internet
MISSION Secure {the infrastructure that powers} the Internet
STRATEGY Accelerate with Open Source
SUCCESS 1000s Have Contributed to CoreOS Projects
All of You We Look Forward to Working with You
Coreos & Event Staff From New York, Berlin, and San
Francisco
NEW TECHNOLOGY Updates and Announcements
ETCD v3.0 BETA Efficient and Scalable
Punishing Functional Tests
Punishing Functional Tests
Punishing Functional Tests
gRPC Based API ~4x Faster vs JSON HTTP/2 Improves Efficiency
New Storage Engine Scales to GB of Data Consistent Performance
Continuous Snapshots
etcd v3 will support Kubernetes as it scales to 5.000
nodes and beyond
BETA AVAILABLE TODAY github.com/coreos/etcd
QUAYCTL BitTorrent Container Image Pulls
Image Layers foo-filesystem.tar.gz bar-filesystem.tar.gz meh-filesystem.tar.gz Image metadata Image binary data
{ {“id”: “foo”}, {“id”: “bar”, “meta”: “data”}, {“id”: “meh”, “meta”: “data”}, }
Pulling Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 51.4 MB/51.4
MB Fetch layer4: 97 B/97 B Fetch layer5: 2.7 MB/3.2 MB … ~120MB in Total
Squashed Image Layers { {“id”: “meh”, “meta”: “data”}, } meh
Image metadata Image binary data foo bar
Pulling Squashed Layers $ rkt fetch docker://quay.io/ex/app:v1.0 Fetch layer1: 81.2
MB/81.2 MB …
SIZE SAVINGS Many ~50% Smaller
BitTorrent with quayctl $ quayctl rkt torrent pull \ quay.io/coreos/clair
AVAILABLE TODAY github.com/coreos/quayctl
JWTPROXY Service to Service Authentication
JWTPROXY Service to Service Authentication Micro Service Micro Service
SECURITY SCANNING
CVE-2015-0235 GHOST
None
None
None
bt tracker
jwtproxy Use HTTP auth headers Negotiate load balancers Compatible with
TLS infrastructure
JWTPROXY AVAILABLE TODAY github.com/coreos/jwtproxy
CVE-2015-0235 66 % of analyzed images on Quay.io
Security Scanning In Quay Enterprise
AVAILABLE TODAY quay.io/plans
OPEN CONTAINER INITIATIVE A Global Shipping Standard
OCI Image Format Spec Maintainers from Across Industry Best of
Docker Image and appc Image Registry Support in the Coming Months
OCI IMAGE v0.1.0 github.com/opencontainers/image-spec
rkt 1.0: February 2016 github.com/coreos/rkt • Modern security best practices
• Modular, composable with well-known tools • ACI, Docker; OCI support as available • Current: v1.5 • Alternate Kubernetes container engine, “rktnetes”
LET'S KEEP BUILDING For Production, Scale, and Security
Thank you! Until we meet again... @joshixisjosh9 |
[email protected]
DocOps,
CoreOS