SlideShare une entreprise Scribd logo

Online Meetup: Why should container system / platform builders care about containerd 1.0?

Docker, Inc.
Docker, Inc.

Docker and the CNCF recently announced the general availability of containerd 1.0, an industry-standard runtime for building container solutions. The containerd 1.0 milestone comes after several months of alpha and beta releases, that allowed the team to implement various performance improvements: creation of a stress testing system, improvements in garbage collection and shim memory usage, etc. In this online meetup, we look at how containerd works, what are the top features and improvements and how can container system builders integrate with containerd.

Technologie
1  sur  30
Télécharger pour lire hors ligne
Tour of containerd Jessica Valarezo, Docker Derek McGowan, Docker December 18th, 2017
Agenda ▪ Introduction to containerd ▪ Top features and improvements ▪ Getting started with containerd + demo ▪ Contributing to containerd
What is it???? kənˈtānər D container-dee
Technical Goals ▪ Clean gRPC-based API + client library ▪ Runtime agility: full OCI support ▪ Stability and performance with tight, well-defined core of container function ▪ Decoupled systems (image, filesystem, runtime) for pluggability, reuse
MetadataStorage Architecture ContainersContent DiffSnapshot Images GRPC API Metrics API Events Runtimes Tasks RuntimesOS
Architecture containerd OS (Storage, FS, Networking) Runtimes (runc, kata) API Client (moby, cri-containerd, etc.)
{ "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Image Config: L0 Ln C Digest Layer File 0 Layer File 1 Layer File N L1 Digest Digest Digest Digest Docker and OCI compatible
Content Addressability digest.FromString(“foo”) -> “sha256:2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae” digest.FromString(“foo tampered”) -> “sha256:51f7f1d1f6bebed72b936c8ea257896cb221b91d303c5b5c44073fce33ab8dd8” sha256:2c26b foo digest.FromString(“bar sha256:2c...”) -> “sha256:2e94890c66fbcccca9ad680e1b1c933cc323a5b4bcb14cc8a4bc78bb88d41055” tampered sha256:2e948 bar sha256:2c26b
{ "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Image Config: L0 L1 Ln Root Filesystem /usr /bin /dev /etc /home /lib C OCI Runtime Spec process args env cwd … root mounts Docker and OCI compatible OCI Image Spec containerd containerd
Snapshotters How do you build a container root filesystem?
Storage Architecture Snapshotter “layer snapshots” Content Store “content addressed blobs” Metadata Store “references” Runtime spec Rootfs (mounts)
Snapshots type Snapshotter interface { Stat(key string) (Info, error) Mounts(key string) ([]containerd.Mount, error) Prepare(key, parent string) ([]containerd.Mount, error) View(key, parent string) ([]containerd.Mount, error) Commit(name, key string) error Remove(key string) error Walk(fn func(Info) error) error } type Info struct { Name string // name or key of snapshot Parent string Kind Kind } type Kind int const ( KindActive KindView KindCommitted )
Active Committed Prepare(a, P0 ) Commit(P1 , a′) Snapshot Model P0a a′ b P1 P2 Commit(P2 , b) Remove(b) Prepare(b, P1 )
Pulling an Image Data Flow Pull Fetch Content Images Snapshots Unpack Events Remote registry Mounts
Demo
API Client containerd Tasks and Runtime Runtimes Tasks Service Containers Service Meta Runtime Spec Mounts linux containerd-shim containerd-shim containerd-shim containerd-shim wcow hcsshim VM VM VM VM lcow VM VM hcsshim VM VM VM VM VM VM
Starting a Container Images Snapshot Run Prepare Start Events Running Containers Containers Tasks Create
Example: Pull an Image Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr pull docker.io/library/redis:alpine $ ctr image ls import ( "context" "github.com/containerd/containerd" "github.com/containerd/containerd/namespaces" ) // connect to our containerd daemon client, err := containerd.New("/run/containerd/containerd.sock") defer client.Close() // set our namespace to “example”: ctx := namespaces.WithNamespace(context.Background(), "example") // pull the alpine-based redis image from DockerHub: image, err := client.Pull(ctx, "docker.io/library/redis:alpine", containerd.WithPullUnpack)
Example: Run a Container Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr run -t docker.io/library/redis:alpine redis-server $ ctr c ls // create our container metadata object and runtime config // allocate a new RW root filesystem for container based on the image container, err := client.NewContainer(ctx, "redis-server", containerd.WithNewSnapshot(“redis-rootfs”, image), containerd.WithNewSpec(oci.WithImageConfig(image)), ) defer container.Delete() // create a task from the container task, err := container.NewTask(ctx, containerd.Stdio) defer task.Delete(ctx) // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) // call start on the task // starts the redis-server process in the container if err := task.Start(ctx); err != nil { return err }
Example: Kill a Task Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr t kill redis-server $ ctr t ls // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) time.Sleep(3 * time.Second) if err := task.Kill(ctx, syscall.SIGTERM); err != nil { return err } // retrieve the process exit status from the channel status := <-exitStatusC code, exitedAt, err := status.Result() if err != nil { return err } // print out the exit code from the process fmt.Printf("redis-server exited with status: %dn", code)
# HELP container_blkio_io_service_bytes_recursive_bytes The blkio io service bytes recursive # TYPE container_blkio_io_service_bytes_recursive_bytes gauge container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 1.07159552e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 81920 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1.07241472e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1.07241472e+08 # HELP container_blkio_io_serviced_recursive_total The blkio io servied recursive # TYPE container_blkio_io_serviced_recursive_total gauge container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 892 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 888 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1780 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1780 # HELP container_cpu_kernel_nanoseconds The total kernel cpu time # TYPE container_cpu_kernel_nanoseconds gauge container_cpu_kernel_nanoseconds{container_id="foo4",namespace="default"} 2.6e+08 # HELP container_cpu_throttle_periods_total The total cpu throttle periods # TYPE container_cpu_throttle_periods_total gauge container_cpu_throttle_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_periods_total The total cpu throttled periods # TYPE container_cpu_throttled_periods_total gauge container_cpu_throttled_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_time_nanoseconds The total cpu throttled time # TYPE container_cpu_throttled_time_nanoseconds gauge container_cpu_throttled_time_nanoseconds{container_id="foo4",namespace="default"} 0 # HELP container_cpu_total_nanoseconds The total cpu time # TYPE container_cpu_total_nanoseconds gauge container_cpu_total_nanoseconds{container_id="foo4",namespace="default"} 1.003301578e+09 # HELP container_cpu_user_nanoseconds The total user cpu time # TYPE container_cpu_user_nanoseconds gauge container_cpu_user_nanoseconds{container_id="foo4",namespace="default"} 7e+08 # HELP container_hugetlb_failcnt_total The hugetlb failcnt # TYPE container_hugetlb_failcnt_total gauge container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_max_bytes The hugetlb maximum usage # TYPE container_hugetlb_max_bytes gauge container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_usage_bytes The hugetlb usage # TYPE container_hugetlb_usage_bytes gauge container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_memory_active_anon_bytes The active_anon amount # TYPE container_memory_active_anon_bytes gauge container_memory_active_anon_bytes{container_id="foo4",namespace="default"} 2.658304e+06 # HELP container_memory_active_file_bytes The active_file amount # TYPE container_memory_active_file_bytes gauge container_memory_active_file_bytes{container_id="foo4",namespace="default"} 7.319552e+06 # HELP container_memory_cache_bytes The cache amount used # TYPE container_memory_cache_bytes gauge container_memory_cache_bytes{container_id="foo4",namespace="default"} 5.0597888e+07 # HELP container_memory_dirty_bytes The dirty amount Metrics
Supported Components Component Status Stabilized Version Links GRPC API Stable 1.0 api/ Metrics API Stable 1.0 Go client API Unstable 1.1 tentative godoc ctr tool Unstable Out of scope -
Support Horizon Release Status Start End of Life 0.0 End of Life Dec 4, 2015 - 0.1 End of Life Mar 21, 2016 - 0.2 End of Life Apr 21, 2016 Dec 5, 2017 1.0 Active Dec 5, 2017 max(Dec 5, 2018, release of 1.1.0) 1.1 Next TBD max(TBD+1 year, release of 1.2.0)
One point Ohhhhhhhhhh!
Stress testing create/start/delete 678 containers in 60.144 seconds (11.273 c/sec) or (0.089 sec/c) failures=0
Garbage Collection Im age
containerd-shim reduction container shim 15320 kB RSS 3644 kB RSS
Use cases - CURRENT - Docker (moby) - Kubernetes (cri-containerd) - LinuxKit - BuildKit - FUTURE/POTENTIAL - IBM Cloud/Bluemix - OpenFaaS - {your project here}
Going further with containerd ▪ Contributing: Bug fixes, adding tests, improving docs, validation https://github.com/containerd/containerd ▪ Using: See the getting started documentation in the docs folder of the repo https://github.com/containerd/containerd/blob/master/docs/getting-started.md ▪ Porting/testing: Other architectures & OSs, stress testing (see bucketbench, containerd-stress): git clone <repo>, make binaries, sudo make install ▪ K8s CRI: incubation project to use containerd as CRI In beta today; e2e tests, validation, contributing
Thank You! Questions? ▪ Jessica Valarezo ▫ https://github.com/jessvalarezo ▫ jessica.valarezo@docker.com ▫ Twitter: @jessvalarezo1

Recommandé

Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor BrownDockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
Docker, Inc.
 
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Docker, Inc.
 
Docker for Devs - John Zaccone, IBM
Docker for Devs - John Zaccone, IBMDocker for Devs - John Zaccone, IBM
Docker for Devs - John Zaccone, IBM
Docker, Inc.
 
Docker and stuff
Docker and stuffDocker and stuff
Docker and stuff
Varun Sharma
 
Cloning Running Servers with Docker and CRIU by Ross Boucher
Cloning Running Servers with Docker and CRIU by Ross BoucherCloning Running Servers with Docker and CRIU by Ross Boucher
Cloning Running Servers with Docker and CRIU by Ross Boucher
Docker, Inc.
 
Docker on Windows
Docker on WindowsDocker on Windows
Docker on Windows
Stefan Scherer
 
Docker Meetup 08 03-2016
Docker Meetup 08 03-2016Docker Meetup 08 03-2016
Docker Meetup 08 03-2016
Docker
 

Recommandé

Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor BrownDockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Dockerizing Windows Server Applications by Ender Barillas and Taylor Brown
Docker, Inc.
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
Docker, Inc.
 
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Windows Server and Docker - The Internals Behind Bringing Docker and Containe...
Docker, Inc.
 
Docker for Devs - John Zaccone, IBM
Docker for Devs - John Zaccone, IBMDocker for Devs - John Zaccone, IBM
Docker for Devs - John Zaccone, IBM
Docker, Inc.
 
Docker and stuff
Docker and stuffDocker and stuff
Docker and stuff
Varun Sharma
 
Cloning Running Servers with Docker and CRIU by Ross Boucher
Cloning Running Servers with Docker and CRIU by Ross BoucherCloning Running Servers with Docker and CRIU by Ross Boucher
Cloning Running Servers with Docker and CRIU by Ross Boucher
Docker, Inc.
 
Docker on Windows
Docker on WindowsDocker on Windows
Docker on Windows
Stefan Scherer
 
Docker Meetup 08 03-2016
Docker Meetup 08 03-2016Docker Meetup 08 03-2016
Docker Meetup 08 03-2016
Docker
 
Docker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David GageotDocker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David Gageot
Docker, Inc.
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
Mike Goelzer
 
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Nils De Moor
 
DockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with DockerDockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with Docker
Docker, Inc.
 
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
Docker, Inc.
 
Architecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based DeploymentsArchitecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based Deployments
Ben Hall
 
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth RushgroveThe Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
Docker, Inc.
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support Engineer
Jeff Anderson
 
Docker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David LawrenceDocker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David Lawrence
Docker, Inc.
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Aditya Konarde
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practice
Docker, Inc.
 
Docker Container As A Service - March 2016
Docker Container As A Service - March 2016Docker Container As A Service - March 2016
Docker Container As A Service - March 2016
Patrick Chanezon
 
Orchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failuresOrchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failures
Docker, Inc.
 
Docker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&A
Docker, Inc.
 
Docker serverless v1.0
Docker serverless v1.0Docker serverless v1.0
Docker serverless v1.0
Thomas Chacko
 
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep DiveDocker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker, Inc.
 
Docker 101 Checonf 2016
Docker 101 Checonf 2016Docker 101 Checonf 2016
Docker 101 Checonf 2016
Patrick Chanezon
 
Docker, the Future of DevOps
Docker, the Future of DevOpsDocker, the Future of DevOps
Docker, the Future of DevOps
andersjanmyr
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
Docker, Inc.
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slides
Docker, Inc.
 
Architecting Alive Apps
Architecting Alive AppsArchitecting Alive Apps
Architecting Alive Apps
Jorge Ortiz
 
HashiCorp Vault Plugin Infrastructure
HashiCorp Vault Plugin InfrastructureHashiCorp Vault Plugin Infrastructure
HashiCorp Vault Plugin Infrastructure
Nicolas Corrarello
 

Contenu connexe

Tendances

DockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with DockerDockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with Docker
Docker, Inc.
 
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
Docker, Inc.
 
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth RushgroveThe Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
Docker, Inc.
 
Orchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failuresOrchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failures
Docker, Inc.
 
Docker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&A
Docker, Inc.
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
Docker, Inc.
 

Tendances (20)

Docker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David GageotDocker for Developers - Part 1 by David Gageot
Docker for Developers - Part 1 by David Gageot
 
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea LuzzardiWhat's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
What's New in Docker 1.12 (June 20, 2016) by Mike Goelzer & Andrea Luzzardi
 
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
Dockercon 16 Wrap-up (Docker for Mac and Win, Docker 1.12, Swarm Mode, etc.)
 
DockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with DockerDockerCon EU 2015: Trading Bitcoin with Docker
DockerCon EU 2015: Trading Bitcoin with Docker
 
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
DockerCon EU 2015: Shipping Manifests, Bill of Lading and Docker Metadata and...
 
Architecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based DeploymentsArchitecting .NET Applications for Docker and Container Based Deployments
Architecting .NET Applications for Docker and Container Based Deployments
 
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth RushgroveThe Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
The Dockerfile Explosion and the Need for Higher Level Tools by Gareth Rushgrove
 
Troubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support EngineerTroubleshooting Tips from a Docker Support Engineer
Troubleshooting Tips from a Docker Support Engineer
 
Docker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David LawrenceDocker Security Deep Dive by Ying Li and David Lawrence
Docker Security Deep Dive by Ying Li and David Lawrence
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practice
 
Docker Container As A Service - March 2016
Docker Container As A Service - March 2016Docker Container As A Service - March 2016
Docker Container As A Service - March 2016
 
Orchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failuresOrchestrating Linux Containers while tolerating failures
Orchestrating Linux Containers while tolerating failures
 
Docker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&ADocker Online Meetup: Infrakit update and Q&A
Docker Online Meetup: Infrakit update and Q&A
 
Docker serverless v1.0
Docker serverless v1.0Docker serverless v1.0
Docker serverless v1.0
 
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep DiveDocker and Microsoft - Windows Server 2016 Technical Deep Dive
Docker and Microsoft - Windows Server 2016 Technical Deep Dive
 
Docker 101 Checonf 2016
Docker 101 Checonf 2016Docker 101 Checonf 2016
Docker 101 Checonf 2016
 
Docker, the Future of DevOps
Docker, the Future of DevOpsDocker, the Future of DevOps
Docker, the Future of DevOps
 
Taking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and DecideTaking Docker to Production: What You Need to Know and Decide
Taking Docker to Production: What You Need to Know and Decide
 
Docker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slidesDocker Networking : 0 to 60mph slides
Docker Networking : 0 to 60mph slides
 

Similaire à Online Meetup: Why should container system / platform builders care about containerd 1.0?

Architecting Alive Apps
Architecting Alive AppsArchitecting Alive Apps
Architecting Alive Apps
Jorge Ortiz
 
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at Netflix
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at NetflixOSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at Netflix
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at Netflix
Manish Pandit
 
服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript
Qiangning Hong
 
REST made simple with Java
REST made simple with JavaREST made simple with Java
REST made simple with Java
elliando dias
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
MongoDB
 

Similaire à Online Meetup: Why should container system / platform builders care about containerd 1.0? (20)

Architecting Alive Apps
Architecting Alive AppsArchitecting Alive Apps
Architecting Alive Apps
 
HashiCorp Vault Plugin Infrastructure
HashiCorp Vault Plugin InfrastructureHashiCorp Vault Plugin Infrastructure
HashiCorp Vault Plugin Infrastructure
 
(DEV204) Building High-Performance Native Cloud Apps In C++
(DEV204) Building High-Performance Native Cloud Apps In C++(DEV204) Building High-Performance Native Cloud Apps In C++
(DEV204) Building High-Performance Native Cloud Apps In C++
 
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at Netflix
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at NetflixOSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at Netflix
OSCON 2014 - API Ecosystem with Scala, Scalatra, and Swagger at Netflix
 
Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018Containerd Project Update: FOSDEM 2018
Containerd Project Update: FOSDEM 2018
 
WSO2 Product Release Webinar: WSO2 Complex Event Processor 4.0
WSO2 Product Release Webinar: WSO2 Complex Event Processor 4.0WSO2 Product Release Webinar: WSO2 Complex Event Processor 4.0
WSO2 Product Release Webinar: WSO2 Complex Event Processor 4.0
 
Pharos
PharosPharos
Pharos
 
Immutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS LambdaImmutable Deployments with AWS CloudFormation and AWS Lambda
Immutable Deployments with AWS CloudFormation and AWS Lambda
 
服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript服务框架: Thrift & PasteScript
服务框架: Thrift & PasteScript
 
Java
JavaJava
Java
 
Node.js - async for the rest of us.
Node.js - async for the rest of us.Node.js - async for the rest of us.
Node.js - async for the rest of us.
 
GDG Devfest 2019 - Build go kit microservices at kubernetes with ease
GDG Devfest 2019 - Build go kit microservices at kubernetes with easeGDG Devfest 2019 - Build go kit microservices at kubernetes with ease
GDG Devfest 2019 - Build go kit microservices at kubernetes with ease
 
Kick your database_to_the_curb_reston_08_27_19
Kick your database_to_the_curb_reston_08_27_19Kick your database_to_the_curb_reston_08_27_19
Kick your database_to_the_curb_reston_08_27_19
 
Codable routing
Codable routingCodable routing
Codable routing
 
REST made simple with Java
REST made simple with JavaREST made simple with Java
REST made simple with Java
 
Fun Teaching MongoDB New Tricks
Fun Teaching MongoDB New TricksFun Teaching MongoDB New Tricks
Fun Teaching MongoDB New Tricks
 
OpenCMIS Part 1
OpenCMIS Part 1OpenCMIS Part 1
OpenCMIS Part 1
 
Codetainer: a Docker-based browser code 'sandbox'
Codetainer: a Docker-based browser code 'sandbox'Codetainer: a Docker-based browser code 'sandbox'
Codetainer: a Docker-based browser code 'sandbox'
 
Durable functions 2.0 (2019-10-10)
Durable functions 2.0 (2019-10-10)Durable functions 2.0 (2019-10-10)
Durable functions 2.0 (2019-10-10)
 
CGI.ppt
CGI.pptCGI.ppt
CGI.ppt
 

Plus de Docker, Inc.

Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
Docker, Inc.
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
Docker, Inc.
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
Docker, Inc.
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
Docker, Inc.
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
Docker, Inc.
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
Docker, Inc.
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
Docker, Inc.
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
Docker, Inc.
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
Docker, Inc.
 

Plus de Docker, Inc. (20)

Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience Containerize Your Game Server for the Best Multiplayer Experience
Containerize Your Game Server for the Best Multiplayer Experience
 
How to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker BuildHow to Improve Your Image Builds Using Advance Docker Build
How to Improve Your Image Builds Using Advance Docker Build
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
Securing Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINXSecuring Your Containerized Applications with NGINX
Securing Your Containerized Applications with NGINX
 
How To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and ComposeHow To Build and Run Node Apps with Docker and Compose
How To Build and Run Node Apps with Docker and Compose
 
Hands-on Helm
Hands-on Helm Hands-on Helm
Hands-on Helm
 
Distributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at SalesforceDistributed Deep Learning with Docker at Salesforce
Distributed Deep Learning with Docker at Salesforce
 
The First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker HubThe First 10M Pulls: Building The Official Curl Image for Docker Hub
The First 10M Pulls: Building The Official Curl Image for Docker Hub
 
Monitoring in a Microservices World
Monitoring in a Microservices WorldMonitoring in a Microservices World
Monitoring in a Microservices World
 
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
COVID-19 in Italy: How Docker is Helping the Biggest Italian IT Company Conti...
 
Predicting Space Weather with Docker
Predicting Space Weather with DockerPredicting Space Weather with Docker
Predicting Space Weather with Docker
 
Become a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio CodeBecome a Docker Power User With Microsoft Visual Studio Code
Become a Docker Power User With Microsoft Visual Studio Code
 
How to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container RegistryHow to Use Mirroring and Caching to Optimize your Container Registry
How to Use Mirroring and Caching to Optimize your Container Registry
 
Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!Monolithic to Microservices + Docker = SDLC on Steroids!
Monolithic to Microservices + Docker = SDLC on Steroids!
 
Kubernetes at Datadog Scale
Kubernetes at Datadog ScaleKubernetes at Datadog Scale
Kubernetes at Datadog Scale
 
Labels, Labels, Labels
Labels, Labels, Labels Labels, Labels, Labels
Labels, Labels, Labels
 
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment ModelUsing Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
Using Docker Hub at Scale to Support Micro Focus' Delivery and Deployment Model
 
Build & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWSBuild & Deploy Multi-Container Applications to AWS
Build & Deploy Multi-Container Applications to AWS
 
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
From Fortran on the Desktop to Kubernetes in the Cloud: A Windows Migration S...
 
Developing with Docker for the Arm Architecture
Developing with Docker for the Arm ArchitectureDeveloping with Docker for the Arm Architecture
Developing with Docker for the Arm Architecture
 

Dernier

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Dernier (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Online Meetup: Why should container system / platform builders care about containerd 1.0?

  • 1. Tour of containerd Jessica Valarezo, Docker Derek McGowan, Docker December 18th, 2017
  • 2. Agenda ▪ Introduction to containerd ▪ Top features and improvements ▪ Getting started with containerd + demo ▪ Contributing to containerd
  • 4. Technical Goals ▪ Clean gRPC-based API + client library ▪ Runtime agility: full OCI support ▪ Stability and performance with tight, well-defined core of container function ▪ Decoupled systems (image, filesystem, runtime) for pluggability, reuse
  • 5. MetadataStorage Architecture ContainersContent DiffSnapshot Images GRPC API Metrics API Events Runtimes Tasks RuntimesOS
  • 6. Architecture containerd OS (Storage, FS, Networking) Runtimes (runc, kata) API Client (moby, cri-containerd, etc.)
  • 7. { "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Image Config: L0 Ln C Digest Layer File 0 Layer File 1 Layer File N L1 Digest Digest Digest Digest Docker and OCI compatible
  • 8. Content Addressability digest.FromString(“foo”) -> “sha256:2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7ae” digest.FromString(“foo tampered”) -> “sha256:51f7f1d1f6bebed72b936c8ea257896cb221b91d303c5b5c44073fce33ab8dd8” sha256:2c26b foo digest.FromString(“bar sha256:2c...”) -> “sha256:2e94890c66fbcccca9ad680e1b1c933cc323a5b4bcb14cc8a4bc78bb88d41055” tampered sha256:2e948 bar sha256:2c26b
  • 9. { "schemaVersion": 2, "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", "manifests": [ { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2094, "digest": "sha256:7820f9a86d4ad15a2c4f0c0e5479298df2aa7c2f6871288e2ef8546f3e7b6783", "platform": { "architecture": "ppc64le", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 1922, "digest": "sha256:ae1b0e06e8ade3a11267564a26e750585ba2259c0ecab59ab165ad1af41d1bdd", "platform": { "architecture": "amd64", "os": "linux", "features": [ "sse" ] } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:e4c0df75810b953d6717b8f8f28298d73870e8aa2a0d5e77b8391f16fdfbbbe2", "platform": { "architecture": "s390x", "os": "linux" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2084, "digest": "sha256:07ebe243465ef4a667b78154ae6c3ea46fdb1582936aac3ac899ea311a701b40", "platform": { "architecture": "arm", "os": "linux", "variant": "armv7" } }, { "mediaType": "application/vnd.docker.distribution.manifest.v1+json", "size": 2090, "digest": "sha256:fb2fc0707b86dafa9959fe3d29e66af8787aee4d9a23581714be65db4265ad8a", "platform": { "architecture": "arm64", "os": "linux", "variant": "armv8" } Image Formats Index (Manifest List) linux amd64 linux ppc64le windows amd64 Manifests: Manifest linux arm64 Layers: Image Config: L0 L1 Ln Root Filesystem /usr /bin /dev /etc /home /lib C OCI Runtime Spec process args env cwd … root mounts Docker and OCI compatible OCI Image Spec containerd containerd
  • 10. Snapshotters How do you build a container root filesystem?
  • 11. Storage Architecture Snapshotter “layer snapshots” Content Store “content addressed blobs” Metadata Store “references” Runtime spec Rootfs (mounts)
  • 12. Snapshots type Snapshotter interface { Stat(key string) (Info, error) Mounts(key string) ([]containerd.Mount, error) Prepare(key, parent string) ([]containerd.Mount, error) View(key, parent string) ([]containerd.Mount, error) Commit(name, key string) error Remove(key string) error Walk(fn func(Info) error) error } type Info struct { Name string // name or key of snapshot Parent string Kind Kind } type Kind int const ( KindActive KindView KindCommitted )
  • 13. Active Committed Prepare(a, P0 ) Commit(P1 , a′) Snapshot Model P0a a′ b P1 P2 Commit(P2 , b) Remove(b) Prepare(b, P1 )
  • 14. Pulling an Image Data Flow Pull Fetch Content Images Snapshots Unpack Events Remote registry Mounts
  • 15. Demo
  • 16. API Client containerd Tasks and Runtime Runtimes Tasks Service Containers Service Meta Runtime Spec Mounts linux containerd-shim containerd-shim containerd-shim containerd-shim wcow hcsshim VM VM VM VM lcow VM VM hcsshim VM VM VM VM VM VM
  • 17. Starting a Container Images Snapshot Run Prepare Start Events Running Containers Containers Tasks Create
  • 18. Example: Pull an Image Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr pull docker.io/library/redis:alpine $ ctr image ls import ( "context" "github.com/containerd/containerd" "github.com/containerd/containerd/namespaces" ) // connect to our containerd daemon client, err := containerd.New("/run/containerd/containerd.sock") defer client.Close() // set our namespace to “example”: ctx := namespaces.WithNamespace(context.Background(), "example") // pull the alpine-based redis image from DockerHub: image, err := client.Pull(ctx, "docker.io/library/redis:alpine", containerd.WithPullUnpack)
  • 19. Example: Run a Container Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr run -t docker.io/library/redis:alpine redis-server $ ctr c ls // create our container metadata object and runtime config // allocate a new RW root filesystem for container based on the image container, err := client.NewContainer(ctx, "redis-server", containerd.WithNewSnapshot(“redis-rootfs”, image), containerd.WithNewSpec(oci.WithImageConfig(image)), ) defer container.Delete() // create a task from the container task, err := container.NewTask(ctx, containerd.Stdio) defer task.Delete(ctx) // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) // call start on the task // starts the redis-server process in the container if err := task.Start(ctx); err != nil { return err }
  • 20. Example: Kill a Task Via ctr client: $ export CONTAINERD_NAMESPACE=example $ ctr t kill redis-server $ ctr t ls // make sure we wait before calling start exitStatusC, err := task.Wait(ctx) time.Sleep(3 * time.Second) if err := task.Kill(ctx, syscall.SIGTERM); err != nil { return err } // retrieve the process exit status from the channel status := <-exitStatusC code, exitedAt, err := status.Result() if err != nil { return err } // print out the exit code from the process fmt.Printf("redis-server exited with status: %dn", code)
  • 21. # HELP container_blkio_io_service_bytes_recursive_bytes The blkio io service bytes recursive # TYPE container_blkio_io_service_bytes_recursive_bytes gauge container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 1.07159552e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 81920 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1.07241472e+08 container_blkio_io_service_bytes_recursive_bytes{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1.07241472e+08 # HELP container_blkio_io_serviced_recursive_total The blkio io servied recursive # TYPE container_blkio_io_serviced_recursive_total gauge container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Async"} 892 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Read"} 0 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Sync"} 888 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Total"} 1780 container_blkio_io_serviced_recursive_total{container_id="foo4",device="/dev/nvme0n1",major="259",minor="0",namespace="default",op="Write"} 1780 # HELP container_cpu_kernel_nanoseconds The total kernel cpu time # TYPE container_cpu_kernel_nanoseconds gauge container_cpu_kernel_nanoseconds{container_id="foo4",namespace="default"} 2.6e+08 # HELP container_cpu_throttle_periods_total The total cpu throttle periods # TYPE container_cpu_throttle_periods_total gauge container_cpu_throttle_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_periods_total The total cpu throttled periods # TYPE container_cpu_throttled_periods_total gauge container_cpu_throttled_periods_total{container_id="foo4",namespace="default"} 0 # HELP container_cpu_throttled_time_nanoseconds The total cpu throttled time # TYPE container_cpu_throttled_time_nanoseconds gauge container_cpu_throttled_time_nanoseconds{container_id="foo4",namespace="default"} 0 # HELP container_cpu_total_nanoseconds The total cpu time # TYPE container_cpu_total_nanoseconds gauge container_cpu_total_nanoseconds{container_id="foo4",namespace="default"} 1.003301578e+09 # HELP container_cpu_user_nanoseconds The total user cpu time # TYPE container_cpu_user_nanoseconds gauge container_cpu_user_nanoseconds{container_id="foo4",namespace="default"} 7e+08 # HELP container_hugetlb_failcnt_total The hugetlb failcnt # TYPE container_hugetlb_failcnt_total gauge container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_failcnt_total{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_max_bytes The hugetlb maximum usage # TYPE container_hugetlb_max_bytes gauge container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_max_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_hugetlb_usage_bytes The hugetlb usage # TYPE container_hugetlb_usage_bytes gauge container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="1GB"} 0 container_hugetlb_usage_bytes{container_id="foo4",namespace="default",page="2MB"} 0 # HELP container_memory_active_anon_bytes The active_anon amount # TYPE container_memory_active_anon_bytes gauge container_memory_active_anon_bytes{container_id="foo4",namespace="default"} 2.658304e+06 # HELP container_memory_active_file_bytes The active_file amount # TYPE container_memory_active_file_bytes gauge container_memory_active_file_bytes{container_id="foo4",namespace="default"} 7.319552e+06 # HELP container_memory_cache_bytes The cache amount used # TYPE container_memory_cache_bytes gauge container_memory_cache_bytes{container_id="foo4",namespace="default"} 5.0597888e+07 # HELP container_memory_dirty_bytes The dirty amount Metrics
  • 22. Supported Components Component Status Stabilized Version Links GRPC API Stable 1.0 api/ Metrics API Stable 1.0 Go client API Unstable 1.1 tentative godoc ctr tool Unstable Out of scope -
  • 23. Support Horizon Release Status Start End of Life 0.0 End of Life Dec 4, 2015 - 0.1 End of Life Mar 21, 2016 - 0.2 End of Life Apr 21, 2016 Dec 5, 2017 1.0 Active Dec 5, 2017 max(Dec 5, 2018, release of 1.1.0) 1.1 Next TBD max(TBD+1 year, release of 1.2.0)
  • 25. Stress testing create/start/delete 678 containers in 60.144 seconds (11.273 c/sec) or (0.089 sec/c) failures=0
  • 28. Use cases - CURRENT - Docker (moby) - Kubernetes (cri-containerd) - LinuxKit - BuildKit - FUTURE/POTENTIAL - IBM Cloud/Bluemix - OpenFaaS - {your project here}
  • 29. Going further with containerd ▪ Contributing: Bug fixes, adding tests, improving docs, validation https://github.com/containerd/containerd ▪ Using: See the getting started documentation in the docs folder of the repo https://github.com/containerd/containerd/blob/master/docs/getting-started.md ▪ Porting/testing: Other architectures & OSs, stress testing (see bucketbench, containerd-stress): git clone <repo>, make binaries, sudo make install ▪ K8s CRI: incubation project to use containerd as CRI In beta today; e2e tests, validation, contributing
  • 30. Thank You! Questions? ▪ Jessica Valarezo ▫ https://github.com/jessvalarezo ▫ jessica.valarezo@docker.com ▫ Twitter: @jessvalarezo1