The Latest in Linux Containers Technology
Podman, Buildah and Quarkus
Daniel Oh
Open Source Summit Japan 2019
About Me
Daniel Oh
@danieloh30
doh@redhat.com
● Principal Technical Product Marketing Manager at Red Hat
○ Cloud Native App Development
○ Agile & DevOps practices
● CNCF Ambassador
● Java Developer
● Opensource.com Moderator
● Public Speaker & Writer
INTRODUCTION
Container tools landscape is changing. Why?
Since Open Container Initiative (OCI) there are several new projects
What needs do these projects address?
What are these projects and when should I use them?
What specific security concern does each address?
Early concerns with Docker
Since the early days enterprise users of Docker had concerns
● Build requires a “big fat” daemon on every host
● Regression for integration with container platforms Kubernetes/OpenShift
● Build has secret handling issues
● Root/privileged concerns at runtime
● Root/privileged concerns with daemon
● Build requires a running container
● Docker, Red Hat et al. June 2015
● Two specifications
○ Image format
■ How to package an OCI Image with sufficient information to launch the application on the target platform
○ Runtime
■ How to launch a “filesystem bundle” that is unpacked on disk
● Version 1.0 of each released July 19th 2017
● Distribution spec started in April, 2018.
Containers are Linux
Container innovation continues (timeline figure)
● LXC initial release: Aug ’08
● OpenShift online: May ’11
● Docker initial: Mar ’13
● Kubernetes: Mid ’14
● OpenShift Enterprise 3.0: Jun ’15
● Moby: Apr ’17
● Buildah 1.0, Podman, new logo: May ’18
● buildah.io, podman.io: Sep ’18
● Buildah, Skopeo, Podman, RHEL: May ’19
● Also on the timeline: OCI, CNCF, Buildah initial release (dates shown: Nov ’15, Mar ’16, Jun ’17, Sep ’17)
How did Docker change containers?
[Diagram labels: Docker CLI, Docker daemon, image, container, registry, kernel; image layers: base distro image, app. package dependencies, application]
Skopeo. The first break away.
IMAGE COPY WITH SKOPEO
● Built for interfacing with Docker registry
● CLI for images and image registries
● Rejected by upstream Docker ¯_(ツ)_/¯
● Allows remote inspection of image metadata - no downloading
● Can copy from one storage to another
[Diagram labels: Skopeo, image repository, image registry, host storage (/var/lib/containers or /var/lib/docker)]
SECURITY FEATURES
Share securely
No daemon
Inspect remote images
No pulling potentially malicious images
Non-root copy. Bridge between registries.
Podman. The daemonless client for developers and beyond.
The new container CLI
● @ podman.io
● Client only tool, based on the Docker CLI. (same+)
● No daemon!
● Storage for
○ Images - containers/image
○ Containers - containers/storage
● Runtime - runc
● Shares state with CRI-O and with Buildah!
[Diagram labels: Podman, images, image registry, containers, kernel]
SECURITY FEATURES
Run and develop securely
No daemon
Run without root
Isolate with user namespaces
Audit who runs what
Developer’s experience
● Provides a familiar command line experience compatible with the Docker CLI
● Great for running, building, and sharing containers outside of Kubernetes/OpenShift
● Build and run containers as non-root (enhanced user namespaces)
● Can be wired into existing infrastructure where the docker daemon/cli are used today
● Use existing Dockerfiles
● Simple command line interface, no client-server architecture
● Docker compatible health checks
Podman Demo
But there’s more: podman pod
Pods are a group of one or more containers sharing the same network, pid and ipc namespaces.
create   Create a new empty pod
exists   Check if a pod exists in local storage
inspect  Displays a pod configuration
kill     Send the specified signal or SIGKILL to containers in pod
pause    Pause one or more pods
ps       List pods
restart  Restart one or more pods
rm       Remove one or more pods
start    Start one or more pods
stats    Display a live stream of resource usage statistics for the containers in one or more pods
stop     Stop one or more pods
top      Display the running processes of containers in a pod
unpause  Unpause one or more pods
Buildah. The secure container builder.
The separation of concerns
[Diagram labels: CI/CD lifecycle (Build, Test, Review/Appr, Deliver, Deploy); git, source repo, image repo, 3rd party; $ podman build, $ docker build; developer workstation/laptop, container platform, data center; OCI compliant]
Why use Buildah?
● Now buildah.io
● Builds OCI compliant images
● No daemon - no “docker socket”
● Does not require a running container
● Can use the host’s user’s secrets.
● Single layer, from scratch images are made easy and it ensures limited manifest.
● If needed you can still maintain Dockerfile based workflow
[Diagram labels: from base, multi-layer (Base RHEL, OS Update Layer, Java Runtime Layer, Application Layer); from scratch, single layer (Java runtime and dependencies, and Application)]
SECURITY FEATURES
Build securely
No daemon
Shrink the attack surface
Fine-grained control of the layers
Run builds isolated
Better secret management
Buildah Demo
What does Buildah do?
buildah from - Build up a container root filesystem from an image or scratch.
buildah config - Adjust defaults in the image’s configuration blob.
buildah run - Run a command in the container’s filesystem using runc. NOT like docker run. Like Dockerfile RUN.
buildah mount - Mount the container’s root filesystem on the host.
buildah commit - Commit container’s changes to a new image.
buildah push - Push images to registries (Quay etc.) or a local dockerd instance
buildah build-using-dockerfile (a.k.a. buildah bud) - Build images using a Dockerfile for instructions
buildah unmount - Oh, it also unmounts container filesystems
Provide a library API that’s used by the CLI
Share libraries and on-disk storage with CRI-O
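The from, mount, config and commit subcommands listed above, combined into the from-scratch, single-layer build described under "Why use Buildah?". This is an added example, not code from the slides or from the Buildah project; the /app path, UID 1001 and the function names are assumptions made for illustration. As a non-root user, run it under buildah unshare so that buildah mount works.

```sh
#!/bin/sh
# Added example: single-layer image built from scratch with Buildah.
# Usage: ./scratch-build.sh ./mybinary localhost/myapp:latest
# (file and image names in the usage line are placeholders)
set -eu

# Fill the mounted root filesystem from the host and commit it.
# Called in an "||" context below, where "set -e" is inactive, so every
# step checks its own exit status.
populate_and_commit() {
    pc_ctr=$1; pc_binary=$2; pc_image=$3

    # Mount the container's rootfs on the host: host tools do the copying,
    # so the image needs no shell, package manager or build tools.
    pc_mnt=$(buildah mount "$pc_ctr") || return 1
    mkdir -p "$pc_mnt/etc" || return 1
    cp "$pc_binary" "$pc_mnt/app" || return 1
    chmod 0755 "$pc_mnt/app" || return 1

    # Minimal passwd entry so the unprivileged UID resolves to a name.
    printf 'app:x:1001:1001::/:/sbin/nologin\n' \
        > "$pc_mnt/etc/passwd" || return 1

    # Image defaults: run as a non-root user, start the binary directly.
    buildah config --user 1001:1001 --entrypoint '["/app"]' "$pc_ctr" \
        || return 1

    # Commit the working container as a new image; prints the image ID.
    buildah commit "$pc_ctr" "$pc_image" || return 1
}

# build_scratch_image BINARY IMAGE
# BINARY must be statically linked: the image contains nothing else.
build_scratch_image() {
    bsi_binary=$1; bsi_image=$2
    [ -f "$bsi_binary" ] || { echo "not a file: $bsi_binary" >&2; return 1; }

    # "from scratch" creates a working container with an empty rootfs.
    bsi_ctr=$(buildah from scratch) || return 1

    bsi_rc=0
    populate_and_commit "$bsi_ctr" "$bsi_binary" "$bsi_image" || bsi_rc=$?

    # Release the mount and the working container on success and failure.
    buildah unmount "$bsi_ctr" >/dev/null 2>&1 || true
    buildah rm "$bsi_ctr" >/dev/null 2>&1 || true
    return "$bsi_rc"
}

# Run only when invoked with both arguments.
if [ "$#" -eq 2 ]; then
    build_scratch_image "$1" "$2"
fi
```

The resulting image has one layer holding /app and /etc/passwd, which is the reduced attack surface the slides refer to.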
CRI-O. The OCI runtime abstraction for Kubernetes
OCI AND CRI-O
● A Kubernetes thing
● Now part of CNCF! (April 8th)
● OCI daemon
● Implements Kubelet Container Runtime Interface (CRI)
[Diagram labels: Kubernetes, CRI-O, host, containers, READONLY]
SECURITY FEATURES
Run securely in a production cluster
No daemon
Read-only containers
Enable fewer capabilities
User namespaces
FIPS mode support
Which app will be the best for the Linux Containers?
@QuarkusIO
Supersonic Subatomic Java
A Kubernetes Native Java stack tailored for GraalVM & OpenJDK HotSpot, crafted from the best of breed Java libraries and standards
A stack to write Java apps
Cloud Native, Microservices, Serverless
Quarkus Demo
Benefit No. 1: Developer Joy
A cohesive platform for optimized developer joy:
● Based on standards, but not limited
● Unified configuration
● Zero config, live reload in the blink of an eye
● Streamlined code for the 80% common usages, flexible for the 20%
● No hassle native executable generation
Benefit No. 2: Supersonic Subatomic Java
Memory (RSS) in Megabytes
REST
● Quarkus + GraalVM: 13 MB
● Quarkus + OpenJDK: 74 MB
● Traditional Cloud-Native Stack: 74 MB
REST + CRUD
● Quarkus + GraalVM: 35 MB
● Quarkus + OpenJDK: 130 MB
● Traditional Cloud-Native Stack: 218 MB
Boot + First Response Time (in seconds)
REST
● Quarkus + GraalVM: 0.014 Seconds
● Quarkus + OpenJDK: 0.75 Seconds
● Traditional Cloud-Native Stack: 4.3 Seconds
REST + CRUD
● Quarkus + GraalVM: 0.055 Seconds
● Quarkus + OpenJDK: 2.5 Seconds
● Traditional Cloud-Native Stack: 9.5 Seconds
Benefit No. 3: Unifies Imperative and Reactive
● Combine both Reactive and imperative development in the same application
● Inject the EventBus or the Vertx context
● Use the technology that fits your use-case

    // Imperative: inject a service and return its result
    @Inject
    SayService say;

    @GET
    @Produces(MediaType.TEXT_PLAIN)
    public String hello() {
        return say.hello();
    }

    // Reactive: publish the "kafka" stream as server-sent events
    @Inject @Stream("kafka")
    Publisher<String> reactiveSay;

    @GET
    @Produces(MediaType.SERVER_SENT_EVENTS)
    public Publisher<String> stream() {
        return reactiveSay;
    }
Benefit No. 4: Best of Breed Frameworks & Standards
Eclipse Vert.x, Hibernate, RESTEasy, Apache Camel, Eclipse MicroProfile, Netty, Kubernetes, OpenShift, Jaeger, Prometheus, Apache Kafka, Infinispan
Where do I find these projects in Red Hat products?
SECURING THE PLATFORMS
Red Hat chose to move away from Docker to Podman, Buildah and CRI-O in order to provide a more secure environment for containers on both OpenShift Container Platform and RHEL
SMART LIGHT CONTAINERS TOOL
The container-tools package installs Podman, Buildah and Skopeo together. Users can use these in root or user namespace.
CONTINUOUS BUILDING, SECURE RUNTIME
Red Hat OCP has been using Skopeo for efficiency for a number of years. OCP 4 moves to using Buildah by default for building container images. CRI-O is the default container runtime. Use Podman for helping to debug pods and containers.
Open source wins. Questions inspire community innovations.
● Why do we have to pull down a container just to inspect it?
● Could we decouple kubernetes from the container runtime?
● Is it possible to build containers on a cluster without having to install and run a daemon?
● How will we design, use, debug containers on the cluster if we don’t have client tools because we don’t have Docker?
Getting Started
● Download Podman today
○ Package name podman
● It won’t clash with your existing Docker
● If you feel more adventurous download Buildah too
○ Package name buildah
● Or all with : container-tools
● Lots of demos and tutorials are available
● Contribute to the projects! (Next page)
Where can I learn more?
Where to find more information
Buildah
https://github.com/containers/buildah
https://buildah.io/
Podman
https://github.com/containers/libpod
https://podman.io/
Skopeo
https://github.com/containers/skopeo
Other useful links
https://github.com/opencontainers/runc
https://developers.redhat.com/blog/2019/02/21/podman-and-buildah-for-docker-users
https://www.katacoda.com/courses/containers-without-docker
@QuarkusIO
https://quarkus.io
https://quarkusio.zulipchat.com
Thank you
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Revolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptxRevolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptx
nidhisingh691197
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Douwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License codeDouwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License code
aneelaramzan63
 
WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)
sh607827
 
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
What Do Contribution Guidelines Say About Software Testing? (MSR 2025)
Andre Hora
 
Download Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With LatestDownload Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With Latest
tahirabibi60507
 
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
How Valletta helped healthcare SaaS to transform QA and compliance to grow wi...
Egor Kaleynik
 
Expand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchangeExpand your AI adoption with AgentExchange
Expand your AI adoption with AgentExchange
Fexle Services Pvt. Ltd.
 
Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025Adobe Master Collection CC Crack Advance Version 2025
Adobe Master Collection CC Crack Advance Version 2025
kashifyounis067
 
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Mastering Fluent Bit: Ultimate Guide to Integrating Telemetry Pipelines with ...
Eric D. Schabell
 
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG:  Efficient Knowledge Retrieval for Enterprise AIScaling GraphRAG:  Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
danshalev
 
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software DevelopmentSecure Test Infrastructure: The Backbone of Trustworthy Software Development
Secure Test Infrastructure: The Backbone of Trustworthy Software Development
Shubham Joshi
 
Exploring Code Comprehension in Scientific Programming: Preliminary Insight...
Exploring Code Comprehension  in Scientific Programming:  Preliminary Insight...Exploring Code Comprehension  in Scientific Programming:  Preliminary Insight...
Exploring Code Comprehension in Scientific Programming: Preliminary Insight...
University of Hawai‘i at Mānoa
 
Explaining GitHub Actions Failures with Large Language Models Challenges, In...
Explaining GitHub Actions Failures with Large Language Models Challenges, In...Explaining GitHub Actions Failures with Large Language Models Challenges, In...
Explaining GitHub Actions Failures with Large Language Models Challenges, In...
ssuserb14185
 
Designing AI-Powered APIs on Azure: Best Practices& Considerations
Designing AI-Powered APIs on Azure: Best Practices& ConsiderationsDesigning AI-Powered APIs on Azure: Best Practices& Considerations
Designing AI-Powered APIs on Azure: Best Practices& Considerations
Dinusha Kumarasiri
 
Not So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java WebinarNot So Common Memory Leaks in Java Webinar
Not So Common Memory Leaks in Java Webinar
Tier1 app
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 
Download YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full ActivatedDownload YouTube By Click 2025 Free Full Activated
Download YouTube By Click 2025 Free Full Activated
saniamalik72555
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Exceptional Behaviors: How Frequently Are They Tested? (AST 2025)
Andre Hora
 
Revolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptxRevolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptx
nidhisingh691197
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Douwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License codeDouwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License code
aneelaramzan63
 
WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)
sh607827
 

Podman, Buildah, and Quarkus - The Latest in Linux Containers Technologies

  • 1. The Latest in Linux Containers Technology Podman, Buildah and Quarkus Daniel Oh Open Source Summit Japan 2019 1
  • 2. About Me danieloh30 Daniel Oh @danieloh30 doh@redhat.com ● Principal Technical Product Marketing Manager at Red Hat ○ Cloud Native App Development ○ Agile & DevOps practices ● CNCF Ambassador ● Java Developer ● Opensource.com Moderator ● Public Speaker & Writer
  • 3. Container tools landscape is changing. Why? INTRODUCTION 3 Since Open Container Initiative (OCI) there are several new projects What needs do these projects address? What are these projects and when should I use them? What specific security concern does each address? @danieloh30
  • 4. Early concerns with Docker INTRODUCTION 4 Since the early days enterprise users of Docker had concerns ● Build requires a “big fat” daemon on every host ● Regression for integration with container platforms Kubernetes/OpenShift ● Build has secret handling issues ● Root/privileged concerns at runtime ● Root/privileged concerns with daemon ● Build requires a running container @danieloh30
  • 5. INTRODUCTION 5 ● Docker, Red Hat et al. June 2015 ● Two specifications ○ Image format ■ How to package an OCI Image with sufficient information to launch the application on the target platform ○ Runtime ■ How to launch a “filesystem bundle” that is unpacked on disk ● Version 1.0 of each released July 19th 2017 ● Distribution spec started in April, 2018. @danieloh30
  • 7. CONTAINERS ARE LINUX 7 LXC Initial release Aug ‘08 OpenShift online May ‘11 Container innovation continues… Docker initial Mar ‘13 OpenShift Enterprise 3.0 Jun ‘15 OCI CNCF Initial release, Buildah Jun ‘17 Moby Apr ‘17 Sep ‘17 Kubernetes Mid ‘14 Buildah 1.0 Podman New logo May ‘18 buildah.io podman.io Sep ‘18 Buildah Skopeo Podman RHEL May ‘19 Nov ‘15 Mar ‘16 @danieloh30
  • 8. CONTAINERS ARE LINUX How did Docker change containers? Docker Daemon Image Layers Docker CLI Docker daemon image container registry Base Distro Image App. Package Dependencies App. Package Dependencies Application CLI kernel 8 @danieloh30
  • 10. SKOPEO IMAGE COPY WITH SKOPEO ● Built for interfacing with Docker registry ● CLI for images and image registries ● Rejected by upstream Docker ¯\_(ツ)_/¯ ● Allows remote inspection of image metadata - no downloading ● Can copy from one storage to another SKOPEO Image Repository Image Registry Host /var/lib/containers or /var/lib/docker SECURITY FEATURES Share securely No daemon Inspect remote images No pulling potentially malicious images Non-root copy. Bridge between registries. 10 @danieloh30
  • 12. PODMAN The new container CLI ● @ podman.io ● Client only tool, based on the Docker CLI. (same+) ● No daemon! ● Storage for ○ Images - containers/image ○ Containers - containers/storage ● Runtime - runc ● Shares state with CRI-O and with Buildah! PODMAN Images Image Registry Containers Kernel SECURITY FEATURES Run and develop securely No daemon Run without root Isolate with user namespaces Audit who runs what 12 @danieloh30
  • 13. PODMAN Developer’s experience ● Provides a familiar command line experience compatible with the Docker CLI ● Great for running, building, and sharing containers outside of Kubernetes/OpenShift ● Build and run containers as non-root (enhanced user namespaces) ● Can be wired into existing infrastructure where the docker daemon/cli are used today ● Use existing Dockerfiles ● Simple command line interface, no client-server architecture ● Docker compatible health checks @danieloh30
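Slides 12 and 13 list "Run without root" and "Isolate with user namespaces" as Podman security features. The following added example (not from the slides) shows what that mapping means in practice by resolving a container UID to the host UID behind it from a `uid_map`; both sample maps are constructed, and the host user 1000 and subuid range starting at 100000 are assumptions.

```shell
#!/bin/sh
# Added example, not from the slides. Both maps below are constructed samples.
# A uid_map line reads: <first UID inside> <first UID outside> <range length>.
# On a rootless host the live map can be read with:
#   podman unshare cat /proc/self/uid_map

# Constructed: rootless Podman for host user 1000, subuid range at 100000.
ROOTLESS_MAP='         0       1000          1
         1     100000      65536'
# Constructed: no user namespace, container UIDs are host UIDs.
ROOTFUL_MAP='         0          0 4294967295'

# host_uid_for MAP CONTAINER_UID
# Prints the host UID behind CONTAINER_UID; returns 1 if the UID is unmapped.
host_uid_for() {
    want=$2
    while read -r inside outside count; do
        [ -n "$inside" ] || continue
        if [ "$want" -ge "$inside" ] && [ "$want" -lt $(($inside + $count)) ]; then
            echo $(($outside + $want - $inside))
            return 0
        fi
    done <<EOF
$1
EOF
    return 1
}

# maps_host_root MAP
# Returns 0 if some container UID resolves to host UID 0 (real root).
maps_host_root() {
    while read -r inside outside count; do
        [ -n "$inside" ] || continue
        if [ "$outside" -eq 0 ] && [ "$count" -gt 0 ]; then
            return 0
        fi
    done <<EOF
$1
EOF
    return 1
}

# Demo: "root" in the rootless container is only the invoking user on the host.
for uid in 0 1001; do
    echo "rootless: container UID $uid -> host UID $(host_uid_for "$ROOTLESS_MAP" "$uid")"
done
if maps_host_root "$ROOTFUL_MAP"; then
    echo "rootful: container UID 0 is host UID 0"
fi
```

A process that escapes the rootless container as UID 0 holds only the privileges of host UID 1000; with the second map it would be real root.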
  • 15. PODMAN But there’s more: podman pod. Pods are a group of one or more containers sharing the same network, pid and ipc namespaces.
      create - Create a new empty pod
      exists - Check if a pod exists in local storage
      inspect - Displays a pod configuration
      kill - Send the specified signal or SIGKILL to containers in pod
      pause - Pause one or more pods
      ps - List pods
      restart - Restart one or more pods
      rm - Remove one or more pods
      start - Start one or more pods
      stats - Display a live stream of resource usage statistics for the containers in one or more pods
      stop - Stop one or more pods
      top - Display the running processes of containers in a pod
      unpause - Unpause one or more pods
    @danieloh30
  • 17. BUILDAH 17 Source Repo Image Repo Build Test Review/ Appr Deliver Deploy 3rd Party $ podman build $ docker build Developer Workstation/Laptop Container Platform DataCenter OCI Compliant CI/CD LIFECYCLE git The separation of concerns @danieloh30
  • 18. BUILDAH 18 Why use Buildah? ● Now buildah.io ● Builds OCI compliant images ● No daemon - no “docker socket” ● Does not require a running container ● Can use the host’s user’s secrets. ● Single layer, from scratch images are made easy and it ensures limited manifest. ● If needed you can still maintain Dockerfile based workflow Base RHEL OS Update Layer Java Runtime Layer Application Layer Java runtime and dependencies, and Application From scratch, single layer From base, multi-layer SECURITY FEATURES Build securely No daemon Shrink the attack surface Fine-grained control of the layers Run builds isolated Better secret management @danieloh30
  • 20. What does Buildah do? BUILDAH 20
      buildah from - Build up a container root filesystem from an image or scratch.
      buildah config - Adjust defaults in the image’s configuration blob.
      buildah run - Run a command in the container’s filesystem using runc. NOT like docker run. Like Dockerfile RUN.
      buildah mount - Mount the container’s root filesystem on the host.
      buildah commit - Commit container’s changes to a new image.
    @danieloh30
  • 21. What does Buildah do? BUILDAH 21
      buildah push - Push images to registries (Quay etc.) or a local dockerd instance
      buildah build-using-dockerfile (a.k.a. buildah bud) - Build images using a Dockerfile for instructions
      buildah unmount - Oh, it also unmounts container filesystems
      Provide a library API that’s used by the CLI
      Share libraries and on-disk storage with CRI-O
    @danieloh30
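Slides 18, 20 and 21 describe single-layer, from-scratch images and the Buildah subcommands that produce them. The sequence below is an added example, not taken from the slides or from the Buildah project: it chains `from`, `mount`, `config`, `unmount` and `commit` into one function. The image name, the static binary, the install path and UID 1001 are assumptions.

```shell
#!/bin/sh
# Added example, not from the slides: a from-scratch, single-layer image built
# with the subcommands listed on slides 20-21. Image name, binary path and
# UID 1001 are assumptions. `buildah mount` needs root, or a shell started
# with `buildah unshare` when running rootless.
set -eu

# build_scratch_image IMAGE BINARY
#   IMAGE   name to commit, e.g. localhost/hello:1.0 (hypothetical)
#   BINARY  statically linked executable on the host (hypothetical)
# Prints IMAGE on success; buildah's own output is sent to stderr.
build_scratch_image() {
    image=$1
    binary=$2
    [ -f "$binary" ] || { echo "no such file: $binary" >&2; return 2; }

    # Empty working container: no base image, so the result carries no
    # inherited shell, package manager or setuid binaries.
    ctr=$(buildah from scratch) || return 1

    # The root filesystem appears as a host directory and is populated with
    # host tools; nothing runs inside the container during the build.
    mnt=$(buildah mount "$ctr") || { buildah rm "$ctr" >&2; return 1; }

    # Copy the payload, then set the image configuration so the process
    # starts as an unprivileged UID by default.
    status=0
    mkdir -p "$mnt/usr/local/bin" &&
        cp "$binary" "$mnt/usr/local/bin/app" &&
        chmod 0755 "$mnt/usr/local/bin/app" &&
        buildah config --user 1001:1001 \
            --entrypoint '["/usr/local/bin/app"]' "$ctr" || status=1

    buildah unmount "$ctr" >&2 || status=1
    if [ "$status" -eq 0 ]; then
        buildah commit "$ctr" "$image" >&2 || status=1
    fi
    buildah rm "$ctr" >&2 || true    # always discard the working container

    [ "$status" -eq 0 ] && echo "$image"
    return "$status"
}

# Usage: sh build.sh localhost/hello:1.0 ./hello
if [ "$#" -eq 2 ]; then
    build_scratch_image "$1" "$2"
fi
```

No daemon or running container is involved at any step, and the committed image contains only the one file that was copied in.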
  • 23. CRI-O OCI AND CRI-O ● A Kubernetes thing ● Now part of CNCF! (April 8th) ● OCI daemon ● Implements Kubelet Container Runtime Interface (CRI) CRI-O Container Host Container Container Container Kubernetes READONLY SECURITY FEATURES Run securely in a production cluster No daemon Read-only containers Enable fewer capabilities User namespaces FIPS mode support 23 @danieloh30
  • 24. 24 WHERE DO I GO FROM HERE? Which app will be the best for the Linux Containers?
  • 25. @danieloh30 @QuarkusIO Supersonic Subatomic Java A Kubernetes Native Java stack tailored for GraalVM & OpenJDK HotSpot, crafted from the best of breed Java libraries and standards
  • 27. @danieloh30 @QuarkusIO A stack to write Java apps Cloud Native, Microservices, Serverless
  • 29. @danieloh30 @QuarkusIO A cohesive platform for optimized developer joy: ● Based on standards, but not limited ● Unified configuration ● Zero config, live reload in the blink of an eye ● Streamlined code for the 80% common usages, flexible for the 20% ● No hassle native executable generation Benefit No. 1: Developer Joy
  • 30. @danieloh30 @QuarkusIO Benefit No. 2: Supersonic Subatomic Java Memory (RSS) in Megabytes, REST: Quarkus + GraalVM 13 MB; Quarkus + OpenJDK 74 MB; Traditional Cloud-Native Stack 74 MB
  • 31. @danieloh30 @QuarkusIO Benefit No. 2: Supersonic Subatomic Java Memory (RSS) in Megabytes, REST + CRUD: Quarkus + GraalVM 35 MB; Quarkus + OpenJDK 130 MB; Traditional Cloud-Native Stack 218 MB
  • 32. @danieloh30 @QuarkusIO Benefit No. 2: Supersonic Subatomic Java Boot + First Response Time (in seconds) Quarkus + GraalVM 0.014 Seconds REST REST + CRUD Quarkus + OpenJDK 0.75 Seconds Quarkus + GraalVM 0.055 Seconds Quarkus + OpenJDK 2.5 Seconds Traditional Cloud-Native Stack 9.5 Seconds Traditional Cloud-Native Stack 4.3 Seconds
  • 33. @danieloh30 @QuarkusIO Benefit No. 3: Unifies Imperative and Reactive ● Combine both Reactive and imperative development in the same application ● Inject the EventBus or the Vertx context ● Use the technology that fits your use-case
      // Imperative: a plain endpoint backed by an injected service
      @Inject
      SayService say;

      @GET
      @Produces(MediaType.TEXT_PLAIN)
      public String hello() {
          return say.hello();
      }

      // Reactive: publish the stream named "kafka" as server-sent events
      @Inject @Stream("kafka")
      Publisher<String> reactiveSay;

      @GET
      @Produces(MediaType.SERVER_SENT_EVENTS)
      public Publisher<String> stream() {
          return reactiveSay;
      }
  • 34. @danieloh30 @QuarkusIO Benefit No. 4: Best of Breed Frameworks & Standards Eclipse Vert.x Hibernate RESTEasy Apache Camel Eclipse MicroProfile Netty Kubernetes OpenShift Jaeger Prometheus Apache Kafka Infinispan
  • 35. 35 WHERE DO I GO FROM HERE? Where do I find these projects in Red Hat products?
  • 36. WHERE CAN I FIND THESE AWESOME PROJECTS IN RED HAT PRODUCTS? WHERE? RED HAT PRODUCTS 36 SECURING THE PLATFORMS Red Hat chose to move away from Docker to Podman, Buildah and CRI-O in order to provide a more secure environment for containers on both OpenShift Container Platform and RHEL SMART LIGHT CONTAINERS TOOL The container-tools package installs Podman, Buildah and Skopeo together. Users can use these in root or user namespace. CONTINUOUS BUILDING, SECURE RUNTIME Red Hat OCP has been using Skopeo for efficiency for a number of years. OCP 4 moves to using Buildah by default for building container images. CRI-O is the default container runtime. Use Podman for helping to debug pods and containers. @danieloh30
  • 38. OPEN SOURCE WINS ● Why do we have to pull down a container just to inspect it? ● Could we decouple kubernetes from the container runtime? ● Is it possible to build containers on a cluster without having to install and run a daemon? ● How will we design, use, debug containers on the cluster if we don’t have client tools because we don’t have Docker? 38 @danieloh30
  • 39. OPEN SOURCE WINS Getting Started ● Download Podman today ○ Package name podman ● It won’t clash with your existing Docker ● If you feel more adventurous download Buildah too ○ Package name buildah ● Or all with : container-tools ● Lots of demos and tutorials are available ● Contribute to the projects! (Next page) 39 @danieloh30
  • 40. Where can I learn more? Where to find more information 40 Buildah https://github.com/containers/buildah https://buildah.io/ Podman https://github.com/containers/libpod https://podman.io/ Skopeo https://github.com/containers/skopeo Other useful links https://github.com/opencontainers/runc https://developers.redhat.com/blog/2019/02/21/podman-and-buildah-for-docker-users https://www.katacoda.com/courses/containers-without-docker @danieloh30
  • 42. linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHat linkedin.com/in/williamhenry twitter.com/ipbabble 42 Red Hat is the world’s leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you THANKYOU