We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

Unboxing and building container images

Formal Metadata

Title
Unboxing and building container images
Subtitle
What is an image technically and how to assemble them manually
Title of Series
Number of Parts
94
Author
License
CC Attribution 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
Everyone wants to use containers today yet most don't really know how they function and what is in the box. Also building containers in unprivileged contexts can be challenging. In this talk we will look into a docker image and discuss how to create those packages using tools like kaniko For most people that want to create a docker image the journey ends with docker build. What this will trigger is building a docker image using the running docker engine on your host. The problems start at a point where you don't have access to the docker daemon, want to build a container in a container (as most CI systems execute in containers nowadays) or just have limited permissions on the system. For this we will open the mystical box of a docker image by looking into: - Layers - Empty Layers - Configuration Details Then we will look into the kaniko project that tries to build those images without ever touching a docker daemon to better understand how those images can be created and how to work in more restricted environments. Those information can also be very helpful when looking into container security and scanning what is in the box.