next generation tools for container technology
play

Next Generation Tools for container technology Dan Walsh @rhatdan - PowerPoint PPT Presentation

Oct 23, 2023 •485 likes •1.36k views

Next Generation Tools for container technology Dan Walsh @rhatdan Please Stand Please read out loud all text in RED I Promise To say Container Registries Rather than Docker registries I Promise To say Container Images Rather than

  1. Next Generation Tools for container technology Dan Walsh @rhatdan

  2. Please Stand

  3. Please read out loud all text in RED

  4. I Promise

  5. To say Container Registries Rather than Docker registries

  6. I Promise

  7. To say Container Images Rather than Docker images

  8. I Promise

  9. To say Containers Rather than Docker Containers

  10. Sit Down

  13. What do you need to run a container Standard Definition of what makes up a container image. ● OCI Image Bundle Definition ○

  14. Introducing Skopeo https://github.com/containers/skopeo #nobigfatdaemons

  15. Skopeo ● $ skopeo inspect docker://docker.io/fedora ● $ skopeo copy docker://busybox:1-glibc atomic:myns/unsigned:streaming $ skopeo copy docker://busybox:latest dir:existingemptydirectory $ skopeo copy docker://busybox:latest oci:busybox_ocilayout:latest ● $ skopeo delete docker://localhost:5000/imagename:latest #nobigfatdaemons

  16. What do you need to run a container` Standard Definition of what makes up a container image. ● OCI Image Bundle Definition ○ Mechanism to pull images from a container registry to the host ● github.com/containers/image ○

  17. What do you need to run a container Standard Definition of what makes up a container image. ● OCI Image Bundle Definition ○ Mechanism to pull images from a container registry to the host ● github.com/containers/image ○ ● Ability to explode images onto COW file systems on disk github.com/containers/storage ○

  18. What do you need to run a container Standard Definition of what makes up a container image. ● OCI Image Bundle Definition ○ Mechanism to pull images from a container registry to the host ● github.com/containers/image ○ ● Ability to explode images onto COW file systems on disk github.com/containers/storage ○ Standard mechanism for running a container ● ○ OCI Runtime Spec (1.0) runc default implementation of OCI Runtime Spec (Same tool Docker uses to run containers) ○

  19. #nobigfatdaemons

  20. #nobigfatdaemons

  21. What does OpenShift/Kubernetes need run a container? CRI - Container Runtime Interface #nobigfatdaemons

  22. What does OpenShift/Kubernetes need run a container? CRI - Container Runtime Interface Kubernetes tells CRI to run Container Image: #nobigfatdaemons

  23. What does OpenShift/Kubernetes need run a container? CRI - Container Runtime Interface Kubernetes tells CRI to run Container Image: ● CRI needs to pull image from Container Registry #nobigfatdaemons

  24. What does OpenShift/Kubernetes need run a container? CRI - Container Runtime Interface Kubernetes tells CRI to run Container Image: ● CRI needs to pull image from Container Registry ● CRI Needs to store image on COW File system #nobigfatdaemons

  25. What does OpenShift/Kubernetes need run a container? CRI - Container Runtime Interface Kubernetes tells CRI to run Container Image: ● CRI needs to pull image from Container Registry ● CRI Needs to store image on COW File system ● CRI Needs to execute OCI Runtime #nobigfatdaemons

  26. Introducing CRI-O #nobigfatdaemons

  27. Introducing CRI-O CRI-O - OCI-based implementation of Kubernetes Container Runtime Interface Scope tied to kubernetes CRI ● ● Only supported user is kubernetes Uses standard components as building blocks ● “Nothing more, Nothing Less” #nobigfatdaemons

  28. #nobigfatdaemons

  29. #nobigfatdaemons

  30. #nobigfatdaemons

  31. S W A R M #nobigfatdaemons

  32. S W A R M #nobigfatdaemons

  33. M O B Y #nobigfatdaemons

  34. M O B Y #nobigfatdaemons

  35. M O B Y #nobigfatdaemons

  36. #nobigfatdaemons

  37. Overview of additional components oci-runtime-tools library is used to generate OCI configs for containers ● #nobigfatdaemons

  38. Overview of additional components oci-runtime-tools library is used to generate OCI configs for containers ● CNI is used for setting up networking ● ○ Tested with Flannel, Weave and openshift-sdn #nobigfatdaemons

  39. Overview of additional components oci-runtime-tools library is used to generate OCI configs for containers ● CNI is used for setting up networking ● ○ Tested with Flannel, Weave and openshift-sdn conmon is a utility for: ● Monitoring ○ Logging ○ Handling tty ○ Serving attach clients ○ Detecting and reporting OOM ○ #nobigfatdaemons

  40. Pod architecture (runc) conmon conmon conmon Infra Container Container A Container B (runc) (runc) Pod (ipc, net, pid namespaces, cgroups) #nobigfatdaemons

  41. Pod architecture (Kata Containers) conmon conmon kata-shim kata-shim Container A Container B (kata-runtime) (kata-runtime) Virtual Machine (ipc, net, pid namespaces, cgroups) #nobigfatdaemons Pod (net namespace, cgroups)

  42. Architecture #nobigfatdaemons

  43. Status All e2e, cri-tools, integration, 9 test suites, (>500) tests passing. ● No PRs merged without passing all the tests ○ #nobigfatdaemons

  44. Status All e2e, cri-tools, integration, 9 test suites, (>500) tests passing. ● No PRs merged without passing all the tests. ○ ● 1.0.7 (kube 1.7.x) supported. (December 2017) #nobigfatdaemons

  45. Status All e2e, cri-tools, integration, 9 test suites, (>500) tests passing. ● No PRs merged without passing all the tests. ○ ● 1.0.7 (kube 1.7.x) supported. (December 2017) 1.9.12 (kube 1.9.x) released. ● CRI-O fully supported in OpenShift 3.9 along with docker. ○ #nobigfatdaemons

  46. Status All e2e, cri-tools, integration, 9 test suites, (>500) tests passing. ● No PRs merged without passing all the tests. ○ ● 1.0.7 (kube 1.7.x) supported. (December 2017) 1.9.12 (kube 1.9.x) released. ● CRI-O fully supported in OpenShift 3.9 along with docker. ○ ● 1.10.6 (kube 1.10.x) released. #nobigfatdaemons

  47. Status All e2e, cri-tools, integration, 9 test suites, (>500) tests passing. ● No PRs merged without passing all the tests. ○ ● 1.0.7 (kube 1.7.x) supported. (December 2017) 1.9.12 (kube 1.9.x) released. ● CRI-O fully supported in OpenShift 3.9 along with docker. ○ ● 1.10.6 (kube 1.10.x) released. 1.11.2 (Kube 1.11.x) released ● #nobigfatdaemons

  48. Status All e2e, cri-tools, integration, 9 test suites, (>500) tests passing. ● No PRs merged without passing all the tests. ○ ● 1.0.7 (kube 1.7.x) supported. (December 2017) 1.9.12 (kube 1.9.x) released. ● CRI-O fully supported in OpenShift 3.9 along with docker. ○ ● 1.10.6 (kube 1.10.x) released. 1.11.2 (Kube 1.11.x) released ● 1.12.1 (Kube 1.12.x) released ● Goal for Openshift 4.0 is to fully support CRI-O by default. ● #nobigfatdaemons

  49. Status CRI-O is now powering nodes on OpenShift Online. #nobigfatdaemons

  50. " CRI-O just works for them, so they haven’t had much to say" #nobigfatdaemons

  51. Making running containers in production boring #nobigfatdaemons

  52. What else does OpenShift need? Ability to build container images ● Ability to push container images to container registries ● #nobigfatdaemons

  53. #nobigfatdaemons

  54. Introducing Buildah https://github.com/containers/buildah #nobigfatdaemons

  55. #nobigfatdaemons https://github.com/containers/buildah

  56. #nobigfatdaemons

  57. Coreutils for building containers. Simple interface #nobigfatdaemons

  58. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) #nobigfatdaemons

  59. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) # mnt=$(buildah mount $ctr) #nobigfatdaemons

  60. #nobigfatdaemons

  61. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) # mnt=$(buildah mount $ctr) # cp -R src $mnt #nobigfatdaemons

  62. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) # mnt=$(buildah mount $ctr) # cp -R src $mnt # dnf install --installroot=$mnt httpd #nobigfatdaemons

  63. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) # mnt=$(buildah mount $ctr) # cp -R src $mnt # dnf install --installroot=$mnt httpd # make install DESTDIR=$mnt #nobigfatdaemons

  64. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) # mnt=$(buildah mount $ctr) # cp -R src $mnt # dnf install --installroot=$mnt httpd # make install DESTDIR=$mnt # buildah config --entrypoint=/usr/sbin/test.sh --env foo=bar $ctr #nobigfatdaemons

  65. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) # mnt=$(buildah mount $ctr) # cp -R src $mnt # dnf install --installroot=$mnt httpd # make install DESTDIR=$mnt # buildah config --entrypoint=/usr/sbin/test.sh --env foo=bar $ctr # buildah commit $ctr myhttpd #nobigfatdaemons

  66. Coreutils for building containers. Simple interface # ctr=$(buildah from fedora) # mnt=$(buildah mount $ctr) # cp -R src $mnt # dnf install --installroot=$mnt httpd # make install DESTDIR=$mnt # buildah config --entrypoint=/usr/sbin/test.sh --env foo=bar $ctr # buildah commit $ctr myhttpd # buildah push myhttpd docker://rhatdan/myhttpd #nobigfatdaemons

  67. Dan Wait! #nobigfatdaemons

Recommend

Container Model Suite of Tools QPI Meeting Bradenton, Fl Keith Hofseth Institute for Water

Container Model Suite of Tools QPI Meeting Bradenton, Fl Keith Hofseth Institute for Water

Container Model Suite of Tools QPI Meeting Bradenton, Fl Keith Hofseth Institute for Water Resources February 1 2012 BUILDING STRONG! Container Modeling Suite of Tools Objective: Provide Corps planners with a set of desktop tools to

625 views • 33 slides
Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene

Introduction Container Library Container Tools FUSE Container File System Evaluation Container Library and FUSE Container File System Softwarepraktikum f ur Fortgeschrittene Michael Kuhn Parallele und Verteilte Systeme Institut f ur

353 views • 22 slides
Enhancing Technology for New Generation of Power Tools & Outdoor Equipment William A.

Enhancing Technology for New Generation of Power Tools & Outdoor Equipment William A.

Fast-Charging as an Enhancing Technology for New Generation of Power Tools & Outdoor Equipment William A. Rigdon, PhD July 11, 2019 Stanley Black & Decker (SB&D) 1843 STANLEY is Founded 60,000+ Employees in 50 Countries 500,000+

872 views • 45 slides
DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x

DISASTER RELIEF CENTER 2x Accommodation Container 2x Sanitary Container 1x Galley Container 1x Medical Container 1x Feed Water Container 1x Water Treatment Container 2x Generator Container 1x

569 views • 8 slides
Bare Metal Container National Institute of Advanced Industrial Science and Technology(AIST)

Bare Metal Container National Institute of Advanced Industrial Science and Technology(AIST)

Bare Metal Container National Institute of Advanced Industrial Science and Technology(AIST) Kuniyasu Suzaki 1 Contents Background of BMC Drawbacks of container, general kernel, and accounting. What is BMC? Current

837 views • 34 slides
BPF as a revolutionary technology for the container landscape Daniel Borkmann, Cilium.io

BPF as a revolutionary technology for the container landscape Daniel Borkmann, Cilium.io

BPF as a revolutionary technology for the container landscape Daniel Borkmann, Cilium.io FOSDEM20 Landscape: continuously decreasing lifetime Source: sysdig 19 container usage report Landscape: continuously increasing density Source:

762 views • 39 slides
Nulecule: Packaging, Distributing and Deploying Multi-Container Applications the Cloud Way

Nulecule: Packaging, Distributing and Deploying Multi-Container Applications the Cloud Way

Nulecule: Packaging, Distributing and Deploying Multi-Container Applications the Cloud Way ContainerCon North America 2016 Charlie Drage Container Tools / Project Atomic @ Red Hat cdrage @ http://projectatomic.io Wait, whats Project

304 views • 28 slides
Elmer Alternative Pre-processing tools ElmerTeam CSC IT Center for Science Mesh generation

Elmer Alternative Pre-processing tools ElmerTeam CSC IT Center for Science Mesh generation

Elmer Alternative Pre-processing tools ElmerTeam CSC IT Center for Science Mesh generation capabilities of Elmer suite ElmerGrid: native generation of simple structured meshes ElmerGUI: plugins for tetgen and netgen No geometry generation

355 views • 18 slides
moja global moja global Next generation Next generation tools for measuring emissions tools for

moja global moja global Next generation Next generation tools for measuring emissions tools for

moja global moja global Next generation Next generation tools for measuring emissions tools for measuring emissions from the land from the land sector sector Climate change is one of the biggest challenges of this century info@moja.global

643 views • 29 slides
Nulecule Packaging, Distributing & Deploying Container Applications the Cloud Way 2016 -

Nulecule Packaging, Distributing & Deploying Container Applications the Cloud Way 2016 -

Nulecule Packaging, Distributing & Deploying Container Applications the Cloud Way 2016 - Ghent, Belgium Brian Exelbierd vpavlin@localhost $ su - bexelbie Container Tools Engineer @ Red Hat bexelbie@localhost $

880 views • 37 slides
Flexible Bulk Container MK-14-10 FBC Packaging technology for transportation, (intermediate)

Flexible Bulk Container MK-14-10 FBC Packaging technology for transportation, (intermediate)

Flexible Bulk Container MK-14-10 FBC Packaging technology for transportation, (intermediate) storage & transshipment of dry bulk cargo 3 types of FBC (dimensions & specifications) Industrial and chemical products Agricultural

589 views • 19 slides
Container Deposits The story so far, and why doesn t everyone do this? Container Deposit

Container Deposits The story so far, and why doesn t everyone do this? Container Deposit

Plastic Bags Ban and Container Deposits The story so far, and why doesn t everyone do this? Container Deposit Legislation Remember 1975? Source: Adelaide Now Adelaide Oval Cricket test 1973 Football Grand Final 1973Adelaide Cans

658 views • 18 slides
Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien Signoles 2 1 TrustInSoft 2 CEA LIST, Software Reliability and Security Laboratory LOPSTR 2017, Namur, Belgium 1 Code Analysis Tools Effective enough

575 views • 35 slides
A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the

A Series Of Unfortunate Container Events Netflixs container platform lessons learned About the speakers and team Follow along - @sargun @tomaszbak_ca @fabiokung @aspyker @amit_joshee @anwleung 2 Netflixs container management platform

808 views • 44 slides
Abstract Generation Advanced VLSI Design CMPE 641 Abstract Generation Place and route tools do

Abstract Generation Advanced VLSI Design CMPE 641 Abstract Generation Place and route tools do

Abstract Generation Advanced VLSI Design CMPE 641 Abstract Generation Place and route tools do not require the full cell layout Another view of the standard cells called the abstract view needs to generated The abstract view provides

537 views • 6 slides
Abstract Generation Advanced VLSI Design CMPE 414 Abstract Generation Place and route tools do

Abstract Generation Advanced VLSI Design CMPE 414 Abstract Generation Place and route tools do

Abstract Generation Advanced VLSI Design CMPE 414 Abstract Generation Place and route tools do not require the full cell layout Another view of the standard cells called the abstract view needs to generated The abstract view provides

90 views • 8 slides
GPU-Based Scene Generation for Flight Simulation Tim Woodard Chief Technology Officer Diamond

GPU-Based Scene Generation for Flight Simulation Tim Woodard Chief Technology Officer Diamond

GPU-Based Scene Generation for Flight Simulation Tim Woodard Chief Technology Officer Diamond Visionics www.dvcsim.com GPU Technology Conference 2015 Deferred Commitment Traditional Scene Generation 3 Database Generation Image

470 views • 23 slides
Container combinatorics: Monads and more Tarmo Uustalu, Tallinn University of Technology SYCO 1,

Container combinatorics: Monads and more Tarmo Uustalu, Tallinn University of Technology SYCO 1,

Container combinatorics: Monads and more Tarmo Uustalu, Tallinn University of Technology SYCO 1, Birmingham, 2021 September 2018 Containers? Containers (Abbott, Altenkirch, Ghani; cf polynomials, Gambino, Hyland, Kock) are an elegant

492 views • 27 slides
Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools

Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools

Introduction to Interactive Tools A Three Layer Framework for SilvacoTCAD Automation Tools Automation Tools Database Sensitivity Worksheet RSM Generation Manager Analysis Editor An Automated system for high throughput simulation based

439 views • 18 slides
IEA EBC Annex 60 New Generation Computational Tools for Building and Community Energy

IEA EBC Annex 60 New Generation Computational Tools for Building and Community Energy

IEA EBC Annex 60 New Generation Computational Tools for Building and Community Energy Systems based on the Modelica and Functional Mockup Interface Standards Co-operating agents: Michael Wetter , LBNL, Berkeley, CA

458 views • 25 slides
tools NC programme preparation using CAM solutions. CAM systems for NC program generation for

tools NC programme preparation using CAM solutions. CAM systems for NC program generation for

Course is focused on fundamental possibilities of automatization of machine tools NC programme preparation using CAM solutions. CAM systems for NC program generation for milling operations. CAM system structure and new CNC technologies.

687 views • 50 slides
Status of the Next-Generation Supercomputer Project YOKOKAWA, Mitsuo Next-Generation

Status of the Next-Generation Supercomputer Project YOKOKAWA, Mitsuo Next-Generation

Status of the Next-Generation Supercomputer Project YOKOKAWA, Mitsuo Next-Generation Supercomputer R&D Center RIKEN International Workshop on Peta-Scale Computing Programming Environment, Languages and Tools (WPSE2009) March 25-26, 2009

374 views • 9 slides
CERN IT Technical Forum Agenda > An introduction to the new generation of software tools from

CERN IT Technical Forum Agenda > An introduction to the new generation of software tools from

Evaluating program correctness and performance with new software tools from Intel Andrzej Nowak, CERN openlab March 18 th 2011 CERN IT Technical Forum Agenda > An introduction to the new generation of software tools from Intel > Intel

661 views • 54 slides
Objectives Random Bit Generation Pseudorandom Bit Generation Statistical Tests

Objectives Random Bit Generation Pseudorandom Bit Generation Statistical Tests

Pseudorandomness Debdeep Mukhopadhyay Assistant Professor Department of Computer Science and Engineering Indian Institute of Technology Kharagpur INDIA -721302 Objectives Random Bit Generation Pseudorandom Bit Generation

379 views • 17 slides

More recommend