Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build Containers: The Hard Way, the Easy Way an...

Kyle Quest
March 07, 2025
0
140

Build Containers: The Hard Way, the Easy Way and the Other Ways :-)

SCaLE 22x Conference talk: "Many Ways of Building Containers: From Manual to Transparently Built On-Demand Containers" - https://www.socallinuxexpo.org/scale/22x/presentations/many-ways-building-containers-manual-transparently-built-demand-containers

Ever wondered how container images are organized? Are you curious why some containers take forever to load and start while other containers start right away? Did you know that "docker build" is not the only way to build container images? Did you know that you can build containers without Docker? Do you want to learn how to build container images without any container tools?

You'll see what happens when you start a container and the container image is not available locally. Normally container images need to be fully loaded before the container can start its execution. We'll discover what can be done to start running containers before their images are fully loaded.

You'll also see how to create a container image manually using a text editor and the tar utility.

At the end we explore different container tools to build container images locally and in the cloud including the tools that let you build container images on demand when you execute the "docker run" command.

Kyle Quest

March 07, 2025
Tweet

More Decks by Kyle Quest

See All by Kyle Quest
Malicious Compliance Automated: When You Have 4000 Vulnerabilities and only 24 Hours Before Release
kcq
0
16
How to get Slim with SOCI and Star(g)s: Minifying Containers with Lazy Image Loading in ContainerD
kcq
1
210
Improving Developer Experience with Containers: Making it Easy to Understand, Optimize, and Troubleshoot Your Containers
kcq
0
55
Building a Tool to Debug Minimal Container Images in Kubernetes, Docker and ContainerD
kcq
0
400
Simplifying the Journey of Your Containerized Application from Dev to Production
kcq
0
180

Featured

See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
160
15k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
28
1.9k
Facilitating Awesome Meetings
lara
53
6.3k
Practical Orchestrator
shlominoach
186
10k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
666
120k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.3k
4 Signs Your Business is Dying
shpigford
183
22k
Optimizing for Happiness
mojombo
377
70k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.7k
Build your cross-platform service in a week with App Engine
jlugia
229
18k
The Art of Programming - Codeland 2020
erikaheidi
53
13k
Git: the NoSQL Database
bkeepers
PRO
429
65k

Transcript

  1. Build Containers: The Hard Way, the Easy Way and the

    Other Ways :-)

  2. KYLE QUEST • Created DockerSlim (aka SlimToolkit/minToolkit) • Good Dockerfiles

    project • Founder/CEO, Autonomous Layer (aka AutonomousPlane) • Founder/CTO, Slim.AI • https://linktr.ee/kcqon

  3. Same Size, Different Load Time! What’s Going On?

  4. Let’s Start the Journey! Let’s Create a Container!

  5. What’s in the Container? OCI Image Spec TLDR

  6. Build Containers By Hand… How Hard Is It? • Create

    the layer archive (tar + gzip) ◦ Generate SHA256 for it ◦ Calculate layer archive file size ◦ Rename layer with SHA256 ◦ Generate uncompressed SHA256 for layer archive to use as DiffID in config • Create the (runtime param) config file (which parts do we really need?) , ◦ Generate SHA256 for it ◦ Calculate config file size ◦ Rename config file with SHA256 • Create the image manifest ◦ Use config file SHA256 and size ◦ Use layer archive SHA256 and size ◦ Generate SHA256 for image manifest ◦ Calculate image manifest file size ◦ rename image manifest file with SHA256 • Create index.json ◦ Use image manifest file SHA256 and size • Create the static oci-layout file

  7. Build Containers By Hand… Can We Cheat?

  8. Enough Doing it the Hard Way… Let’s Use Tools! We’ll

    cover: • Buildpacks • NixPacks • Nixery • Kontain.me • MinToolkit / Mint (aka DockerSlim) - already covered some of it But we’ll skip: • BuildKit - You are using it when you are using Docker (custom frontends deserve their own talk :-)) • Nix - has several ways to build containers (Nix is its own world, HB2E) • ko - Golang only (language specific) • JIB - Java only (language specific) • Kaniko - to do container builds in Kubernetes • Podman/Buildah - Same as Docker, but a bit buggy / less compatible :-)

  9. Building Images with Buildpacks • https://buildpacks.io • Builds application source

    and generates a container • PaaS origins (Heroku), needs a Procfile or special config

  10. Building Images with NixPacks • https://nixpacks.com (made by Railway) •

    App source + Nix packages + Docker = Image • Buildpacks that don’t suck :-) • Also generates a Dockerfile (if you want, but it has Nix)

  11. Building Images with Nixery • https://nixery.dev • Ad-hoc container image

    registry that provides packages from the Nix package manager • Find packages here: https://search.nixos.org/packages

  12. Building Images with Kontain.me • https://github.com/imjasonh/kontain.me/tree/main/cmd/apko • Like Nixery, but

    with Wolfi libc-based apk packages • Used to use Alpine musl-based apk package

  13. How Can We Build Containers That Load Fast?

  14. Lazy Loaded Containers with eStargz

  15. Building Lazy Loaded eStargz Containers

  16. None

  17. Thank You!

  18. Useful References • https://github.com/mintoolkit/mint - Current DockerSlim repo (old is

    for support only) • https://buildpacks.io • https://nixpacks.com • https://nixery.dev • https://lima-vm.io - Nerdctl CLI and Lima VM for Docker/Containerd • https://oci.dag.dev - Explore container image registry data • https://ima.ge.cx - Explore container images online