Enviar búsqueda
Cargar
Shrinking the container_zurich_july_2018
•
0 recomendaciones
•
50 vistas
E
Ewan Slater
Seguir
My talk to the Zurich Docker meetup (25/07/18) on microcontainers, smith and crashcart
Leer menos
Leer más
Tecnología
Denunciar
Compartir
Denunciar
Compartir
1 de 83
Descargar ahora
Descargar para leer sin conexión
Recomendados
Java and Serverless - A Match Made In Heaven, Part 1
Java and Serverless - A Match Made In Heaven, Part 1
Curity
Open source applied - Real world use cases (Presented at Open Source 101)
Open source applied - Real world use cases (Presented at Open Source 101)
Rogue Wave Software
Oracle - Continuous Delivery NYC meetup, June 07, 2018
Oracle - Continuous Delivery NYC meetup, June 07, 2018
Oracle Developers
Microservices at Scale with Istio
Microservices at Scale with Istio
Jesse Butler
JDD2014: Enforcing architecture patterns with static code analysis - Pablo Ba...
JDD2014: Enforcing architecture patterns with static code analysis - Pablo Ba...
PROIDEA
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Bruno Borges
Melhore o Desenvolvimento do Time com DevOps na Nuvem
Melhore o Desenvolvimento do Time com DevOps na Nuvem
Bruno Borges
Microservices + Oracle: A Bright Future
Microservices + Oracle: A Bright Future
Kelly Goetsch
Recomendados
Java and Serverless - A Match Made In Heaven, Part 1
Java and Serverless - A Match Made In Heaven, Part 1
Curity
Open source applied - Real world use cases (Presented at Open Source 101)
Open source applied - Real world use cases (Presented at Open Source 101)
Rogue Wave Software
Oracle - Continuous Delivery NYC meetup, June 07, 2018
Oracle - Continuous Delivery NYC meetup, June 07, 2018
Oracle Developers
Microservices at Scale with Istio
Microservices at Scale with Istio
Jesse Butler
JDD2014: Enforcing architecture patterns with static code analysis - Pablo Ba...
JDD2014: Enforcing architecture patterns with static code analysis - Pablo Ba...
PROIDEA
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Tecnologias Oracle em Docker Containers On-premise e na Nuvem
Bruno Borges
Melhore o Desenvolvimento do Time com DevOps na Nuvem
Melhore o Desenvolvimento do Time com DevOps na Nuvem
Bruno Borges
Microservices + Oracle: A Bright Future
Microservices + Oracle: A Bright Future
Kelly Goetsch
Java EE Arquillian Testing with Docker & The Cloud
Java EE Arquillian Testing with Docker & The Cloud
Bruno Borges
Oracle Ravello Presentation 7Dec16 v1
Oracle Ravello Presentation 7Dec16 v1
Kurt Liu
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
Rakuten Group, Inc.
The Lie of a Benevolent Dictator; the Truth of a Working Democratic Meritocracy
The Lie of a Benevolent Dictator; the Truth of a Working Democratic Meritocracy
Randy Bias
Delivering Mobile Apps to the Field with Oracle
Delivering Mobile Apps to the Field with Oracle
Simon Haslam
2017 State Enterprise Multi Cloud Webinar
2017 State Enterprise Multi Cloud Webinar
Cloudify Community
Cache-Aside Cloud Design Pattern
Cache-Aside Cloud Design Pattern
Siva Rama Krishna Chunduru
Enterprise Ready OpenStack, Wiekus Beukes, Oracle
Enterprise Ready OpenStack, Wiekus Beukes, Oracle
Sriram Subramanian
Building and Deploying Cloud Native Applications
Building and Deploying Cloud Native Applications
Manish Kapur
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Shaun Smith
Lightweight Java in the Cloud
Lightweight Java in the Cloud
Bruno Borges
Container Native Development Tools - Talk by Mickey Boxell
Container Native Development Tools - Talk by Mickey Boxell
Oracle Developers
Sitecore development approach evolution – destination helix
Sitecore development approach evolution – destination helix
Peter Nazarov
Lightweight Java in the Cloud
Lightweight Java in the Cloud
Shaun Smith
Oracle OCI APIs and SDK
Oracle OCI APIs and SDK
Phil Wilkins
Oracle Ravello
Oracle Ravello
Andrey Akulov
Building Cloud Native Applications with Oracle Autonomous Database.
Building Cloud Native Applications with Oracle Autonomous Database.
Oracle Developers
Cloud Native Architecture Patterns Tutorial
Cloud Native Architecture Patterns Tutorial
Matt Stine
GDPR- The Buck Stops Here
GDPR- The Buck Stops Here
Kellyn Pot'Vin-Gorman
Supercharge your Code to get optimal Database Performance
Supercharge your Code to get optimal Database Performance
gvenzl
Serverless Kotlin
Serverless Kotlin
David Delabassee
Functions and DevOps
Functions and DevOps
Shaun Smith
Más contenido relacionado
La actualidad más candente
Java EE Arquillian Testing with Docker & The Cloud
Java EE Arquillian Testing with Docker & The Cloud
Bruno Borges
Oracle Ravello Presentation 7Dec16 v1
Oracle Ravello Presentation 7Dec16 v1
Kurt Liu
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
Rakuten Group, Inc.
The Lie of a Benevolent Dictator; the Truth of a Working Democratic Meritocracy
The Lie of a Benevolent Dictator; the Truth of a Working Democratic Meritocracy
Randy Bias
Delivering Mobile Apps to the Field with Oracle
Delivering Mobile Apps to the Field with Oracle
Simon Haslam
2017 State Enterprise Multi Cloud Webinar
2017 State Enterprise Multi Cloud Webinar
Cloudify Community
Cache-Aside Cloud Design Pattern
Cache-Aside Cloud Design Pattern
Siva Rama Krishna Chunduru
Enterprise Ready OpenStack, Wiekus Beukes, Oracle
Enterprise Ready OpenStack, Wiekus Beukes, Oracle
Sriram Subramanian
Building and Deploying Cloud Native Applications
Building and Deploying Cloud Native Applications
Manish Kapur
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Shaun Smith
Lightweight Java in the Cloud
Lightweight Java in the Cloud
Bruno Borges
Container Native Development Tools - Talk by Mickey Boxell
Container Native Development Tools - Talk by Mickey Boxell
Oracle Developers
Sitecore development approach evolution – destination helix
Sitecore development approach evolution – destination helix
Peter Nazarov
Lightweight Java in the Cloud
Lightweight Java in the Cloud
Shaun Smith
Oracle OCI APIs and SDK
Oracle OCI APIs and SDK
Phil Wilkins
Oracle Ravello
Oracle Ravello
Andrey Akulov
Building Cloud Native Applications with Oracle Autonomous Database.
Building Cloud Native Applications with Oracle Autonomous Database.
Oracle Developers
Cloud Native Architecture Patterns Tutorial
Cloud Native Architecture Patterns Tutorial
Matt Stine
GDPR- The Buck Stops Here
GDPR- The Buck Stops Here
Kellyn Pot'Vin-Gorman
Supercharge your Code to get optimal Database Performance
Supercharge your Code to get optimal Database Performance
gvenzl
La actualidad más candente
(20)
Java EE Arquillian Testing with Docker & The Cloud
Java EE Arquillian Testing with Docker & The Cloud
Oracle Ravello Presentation 7Dec16 v1
Oracle Ravello Presentation 7Dec16 v1
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
[Rakuten TechConf2014] [C-5] Ichiba Architecture on ExaLogic
The Lie of a Benevolent Dictator; the Truth of a Working Democratic Meritocracy
The Lie of a Benevolent Dictator; the Truth of a Working Democratic Meritocracy
Delivering Mobile Apps to the Field with Oracle
Delivering Mobile Apps to the Field with Oracle
2017 State Enterprise Multi Cloud Webinar
2017 State Enterprise Multi Cloud Webinar
Cache-Aside Cloud Design Pattern
Cache-Aside Cloud Design Pattern
Enterprise Ready OpenStack, Wiekus Beukes, Oracle
Enterprise Ready OpenStack, Wiekus Beukes, Oracle
Building and Deploying Cloud Native Applications
Building and Deploying Cloud Native Applications
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Polyglot! A Lightweight Cloud Platform for Java SE, Node, and More
Lightweight Java in the Cloud
Lightweight Java in the Cloud
Container Native Development Tools - Talk by Mickey Boxell
Container Native Development Tools - Talk by Mickey Boxell
Sitecore development approach evolution – destination helix
Sitecore development approach evolution – destination helix
Lightweight Java in the Cloud
Lightweight Java in the Cloud
Oracle OCI APIs and SDK
Oracle OCI APIs and SDK
Oracle Ravello
Oracle Ravello
Building Cloud Native Applications with Oracle Autonomous Database.
Building Cloud Native Applications with Oracle Autonomous Database.
Cloud Native Architecture Patterns Tutorial
Cloud Native Architecture Patterns Tutorial
GDPR- The Buck Stops Here
GDPR- The Buck Stops Here
Supercharge your Code to get optimal Database Performance
Supercharge your Code to get optimal Database Performance
Similar a Shrinking the container_zurich_july_2018
Serverless Kotlin
Serverless Kotlin
David Delabassee
Functions and DevOps
Functions and DevOps
Shaun Smith
Oracle Modern AppDev Approach to Cloud & Container Native App
Oracle Modern AppDev Approach to Cloud & Container Native App
Paulo Alberto Simoes ∴
DevOps Supercharged with Docker on Exadata
DevOps Supercharged with Docker on Exadata
MarketingArrowECS_CZ
Diagnose Your Microservices
Diagnose Your Microservices
Marcus Hirt
Serverless patterns
Serverless patterns
Jesse Butler
Solaris 11.4 launch
Solaris 11.4 launch
Scott Lynn
Using MySQL Containers
Using MySQL Containers
Matt Lord
Multi Stage Docker Build
Multi Stage Docker Build
Prasenjit Sarkar
Delivering Mobile Apps to the Field with Oracle JET
Delivering Mobile Apps to the Field with Oracle JET
Simon Haslam
Randstad Docker meetup - Serverless
Randstad Docker meetup - Serverless
David Delabassee
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
Getting value from IoT, Integration and Data Analytics
AMIS Oracle OpenWorld & CodeOne Review - Pillar 1 - Data (5 november 2018)
AMIS Oracle OpenWorld & CodeOne Review - Pillar 1 - Data (5 november 2018)
Lucas Jellema
Microcontainers and Tools for Hardcore Container Debugging
Microcontainers and Tools for Hardcore Container Debugging
Oracle Developers
Autonomous Data Warehouse
Autonomous Data Warehouse
MarketingArrowECS_CZ
Csa container-security-in-aws-dw
Csa container-security-in-aws-dw
Cloud Security Alliance, UK chapter
Persistent storage with containers By Kaslin Fields
Persistent storage with containers By Kaslin Fields
Oracle Developers
ADW Topic.pdf
ADW Topic.pdf
MrSatheshAbrahamLeoC
Microservices and Container
Microservices and Container
Wolfgang Weigend
Why citizen developers should be your new best friend - Oracle APEX
Why citizen developers should be your new best friend - Oracle APEX
DavidPeake15
Similar a Shrinking the container_zurich_july_2018
(20)
Serverless Kotlin
Serverless Kotlin
Functions and DevOps
Functions and DevOps
Oracle Modern AppDev Approach to Cloud & Container Native App
Oracle Modern AppDev Approach to Cloud & Container Native App
DevOps Supercharged with Docker on Exadata
DevOps Supercharged with Docker on Exadata
Diagnose Your Microservices
Diagnose Your Microservices
Serverless patterns
Serverless patterns
Solaris 11.4 launch
Solaris 11.4 launch
Using MySQL Containers
Using MySQL Containers
Multi Stage Docker Build
Multi Stage Docker Build
Delivering Mobile Apps to the Field with Oracle JET
Delivering Mobile Apps to the Field with Oracle JET
Randstad Docker meetup - Serverless
Randstad Docker meetup - Serverless
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
AMIS Oracle OpenWorld & CodeOne Review - Pillar 1 - Data (5 november 2018)
AMIS Oracle OpenWorld & CodeOne Review - Pillar 1 - Data (5 november 2018)
Microcontainers and Tools for Hardcore Container Debugging
Microcontainers and Tools for Hardcore Container Debugging
Autonomous Data Warehouse
Autonomous Data Warehouse
Csa container-security-in-aws-dw
Csa container-security-in-aws-dw
Persistent storage with containers By Kaslin Fields
Persistent storage with containers By Kaslin Fields
ADW Topic.pdf
ADW Topic.pdf
Microservices and Container
Microservices and Container
Why citizen developers should be your new best friend - Oracle APEX
Why citizen developers should be your new best friend - Oracle APEX
Último
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
apidays
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
The Digital Insurer
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
Martijn de Jong
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
Andrey Devyatkin
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
rafiqahmad00786416
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
MadyBayot
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
The Digital Insurer
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
jfdjdjcjdnsjd
Último
(20)
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
presentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Shrinking the container_zurich_july_2018
1.
2.
Shrinking the Container @ewanslater
3.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle. 3
4.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Take - aways • Make smaller things • Only pack what you need • Use the smallest container 4
5.
6.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 7
7.
8.
9.
10.
11.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Software 12
12.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Responsibility 13
13.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 14
14.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | When I wrote FORTRAN… 15 £140
15.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | When I wrote FORTRAN… 16 £140 £40
16.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | When I wrote FORTRAN… 17 £140 £40 £100
17.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | The less you care about, The Happier you are 18
18.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Enterprise Software • Multiple responsibilities • Difficult to deploy • Difficult to scale 19
19.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Lack of Agility • “too big too fail” “too difficult to change” – Technical risk – Political risk • “it would take us two years to deploy hello world” – Public sector customer Finland 20
20.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 21
21.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 22
22.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | All the Little Things • Want better apps? • Make smaller things • Have them know as little as possible about each other 24 Talk by Sandi Metz https://youtu.be/8bZh5LMaSmE
23.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Make smaller things* * Things == Objects || Services || Applications 25
24.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Small things* are easy to change * Things == Objects || Services || Applications 26
25.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 27 Monoliths Microservices
26.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Microservices • Do one thing well • Loosely coupled • Choreography > Orchestration • Business capabilities not tech layers 28
27.
28.
29.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Infrastructure 36
30.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 39
31.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Diminished Responsibility Server • Hardware • OS • Multiple services and applications VM • OS • Single service or application (typically) Container • Single service or application 43
32.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | A Case Study 44
33.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | SaaS Startup • Monolithic Rails app • Running on VMs • Inflexible scaling (whole app only) • Measure inflexibility in $ • Need to – Improve Scalability – Improve Utilisation – Lower Costs 45
34.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Splitting the Monolith • Refactor app • Set of Microservices • Image per Microservice • Choreography 46
35.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Result • Fine – grained scalability • Event – driven • Improved utilisation • Lower costs 47
36.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Houston, we have an opportunity… 48
37.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | …and a challenge… 49
38.
39.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | “Docker makes building containers a breeze. Just put a standard Dockerfile into your folder, run the docker ‘build’ command, and shazam! Your container image is built! The downside of this simplicity is that it’s easy to build huge containers full of things you don’t need—including potential security holes.” - Sandeep Dinesh, Google Developer Advocate (see https://goo.gl/76GPcd) 51
40.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Containers @ Oracle 52
41.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Operational Differences • Immutability • Rebuild / Redeploy vs Patching • Build toolchain vs Config Management tools 53
42.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Worst Practices • Developers without operational awareness • Multiple applications per container • Container Bloat • Handling of security vulnerabilities 54
43.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Security Matters • Privilege escalation – Whole Linux user space bigger attack surface – Compromise app expose other vectors • Vulnerability management – Can’t patch a running container – What does the app really need to run? – What do I really need to patch? 55
44.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Size Matters • Large images – Often > 1GB in size – FROM Debian – Alpine can help, but brings it’s own problems • Bloat – "You wanted a banana but what you got was a gorilla holding the banana and the entire jungle" – Joe Armstrong 57
45.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Enter Microcontainers 58
46.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | A Microcontainer • Contains only – Single executable – Dependencies (of the executable) • Runs with a read only root filesystem • Files are all owned and read by a single user 59
47.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Result • Small image • Fast, easy distribution • Smaller attack surface • Certainty over vulnerabilities 60
48.
49.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 62
50.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | containers lean
51.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Builder Pattern • Development Dockerfile – Creates “fat” development image • Production Dockerfile – Creates “lean” production image • Build script to extract and copy • Difficult to maintain • Messy 64
52.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Multi Stage Builds • Single Dockerfile • Create successive images – (can use different bases) • Copy from imagen to imagen+1 • Single, final image 65 Since Docker 17.05
53.
54.
55.
56.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | If I had a hammer… • Single layer • Automatic Dependency Resolution • Enables best practice: – Single user – Idempotent builds – More secure images • No overlayfs 69
57.
58.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Smith • Open Source – Apache License 2.0 – Universal Permissive License • Command line tool for – Building Microcontainer images • yum repos • rpm files – Shrinking existing containers • Standard image in Microcontainer image out 71 http://github.com/oracle/smith
59.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Process • If shrinking – Download image in OCI format – Or point to URL • Define a smith.yaml file • Run smith • Upload in OCI format to Docker repo 72
60.
61.
62.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | How it works: Packages new OCI image Creates single layer Loads library search paths and recursively copies dependencies Copies out files from paths in smith.yaml Unpacks layers 75
63.
64.
65.
66.
67.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | For best results • Build a Big Fat Image • Hammer it with Smith • Easier & quicker than Multi Stage Build – YMMV 80 (unless you have a self contained binary)
68.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | What if…? 81
69.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Don’t… • Run sshd • Login with ssh • Embed debug tools • Docker exec to get prompt 82
70.
71.
72.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Challenges • Can’t just mount a directory into the container on the fly – Restart - may be difficult to recreate conditions • Most tools expect to be in their own directory • Paths • Library conflicts 85
73.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Requirements • Debug tools happy with alternate location • Static library dependencies avoid conflict with container libraries • Focus on solving problem, not hacking container. 86
74.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Crashcart • Open Source – Apache License 2.0 – Universal Permissive License • Simple command line tool • “Sideloads” an image with Linux binaries (debug tools) into an existing container 87 http://github.com/oracle/crashcart
75.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Crashcart • Attach to pid of container • Mounts crashcart image • Run binaries from crashcart image • Detach & unmount 88
76.
Whatever works best
for you
77.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Get involved • Fork Smith and Crashcart on GitHub • Try the labs for Smith and Crashcart • Get in touch via Slack • Contribute 90
78.
79.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Take - aways • Make smaller things • Only pack what you need • Use the smallest container • Benefits – Simplicity – Agility – Security 92
80.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 93 ewan.slater@oracle.com @ewanslater https://plus.google.com/+EwanSlater
81.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | Questions? 94
82.
Copyright © 2018,
Oracle and/or its affiliates. All rights reserved. | 95
Descargar ahora