docker container lifecycles, problem or opportunity? by baruch sadogursky, jfrog
TRANSCRIPT
![Page 1: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/1.jpg)
Docker Container Lifecycles -
Problem or Opportunity?
BaruchSadogurskyDev Advocate @JFrog
![Page 2: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/2.jpg)
What Frog?
![Page 3: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/3.jpg)
What Frog?
![Page 4: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/4.jpg)
What Frog?
![Page 5: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/5.jpg)
What Frog?
![Page 6: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/6.jpg)
JFrog Xray
![Page 7: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/7.jpg)
Poll Time!
![Page 8: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/8.jpg)
Poll Time!
Heard about Docker
Can do the tutorial
PoCing, playing etc.
Production, baby!
![Page 9: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/9.jpg)
![Page 10: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/10.jpg)
![Page 11: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/11.jpg)
![Page 12: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/12.jpg)
JFrog Artifactory + Docker
![Page 13: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/13.jpg)
Who’s using Docker and nothing else?
![Page 14: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/14.jpg)
The Promotion Pyramid
Development builds
Dev Integration tests
Integr. tests
Staging
Pre-Prod
Prod
Amount of builds
Bu
ild/D
eplo
y ti
me
Amount of binaries
![Page 15: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/15.jpg)
Pipeline: Quality Gates and Visibility
Source: Agile ALM, Michael Hüttermann, Manning Publications Co.
![Page 16: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/16.jpg)
![Page 17: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/17.jpg)
$docker build
![Page 18: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/18.jpg)
![Page 19: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/19.jpg)
Too easy!
![Page 20: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/20.jpg)
![Page 21: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/21.jpg)
That’s why.
![Page 22: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/22.jpg)
Let’s fix it!
![Page 23: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/23.jpg)
Let’s fix it (again)!
![Page 24: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/24.jpg)
Let’s fix it (again)!
![Page 25: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/25.jpg)
What you code is (not) what you get
![Page 26: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/26.jpg)
![Page 27: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/27.jpg)
The stronger the quality gates, more trust you have.
![Page 28: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/28.jpg)
![Page 29: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/29.jpg)
Not so fast…
![Page 30: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/30.jpg)
Trumped-up limitations
![Page 31: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/31.jpg)
The Anatomy of Docker Tag
![Page 32: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/32.jpg)
Wait a second, how can I have more than one
repository per host now?!
![Page 33: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/33.jpg)
How can we support this?
https://host:8081/artifactory/docker-dev/busybox
https://host:8081/artifactory/docker-staging/busybox
https://host:8081/artifactory/docker-qa/busybox
https://host:8081/artifactory/docker-prod/busybox
![Page 34: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/34.jpg)
Panic!
![Page 35: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/35.jpg)
Virtual hosts/ports to the rescue
https://host:8081/artifactory/docker-dev/busybox
docker tag host:port/busybox
Context name
Virtual repository nameTag name
![Page 36: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/36.jpg)
server {
listen 5001;
server_name 192.168.99.100;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-dev/$1/$2;
…
}
}
![Page 37: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/37.jpg)
![Page 38: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/38.jpg)
But then you realize…
Wait a second, now I need to pull, retag and push for
every step?!
![Page 39: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/39.jpg)
![Page 40: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/40.jpg)
Virtual Repositories FTW
![Page 41: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/41.jpg)
What we did?
![Page 42: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/42.jpg)
What we did?
- Minimize number of repositories docker
interact with
![Page 43: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/43.jpg)
What we did?
- Minimize number of repositories docker
interact with
- deploy to virtual (backed by dev repository)
![Page 44: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/44.jpg)
What we did?
- Minimize number of repositories docker
interact with
- deploy to virtual (backed by dev repository)
- promote within artifactory
![Page 45: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/45.jpg)
What we did?
- Minimize number of repositories docker
interact with
- deploy to virtual (backed by dev repository)
- promote within artifactory
- Resolve from virtual (production-ready
images)
![Page 46: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/46.jpg)
Why?
![Page 47: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/47.jpg)
Finding the needle in haystack of
binaries
![Page 48: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/48.jpg)
Finding the needle in haystack of
binaries- What deployed where
- Tracing binaries to sources
![Page 49: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/49.jpg)
Finding the needle in haystack of
binaries- What deployed where
- Tracing binaries to sources
- Cherry pick the one to prod
![Page 50: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/50.jpg)
Adding Metadata
![Page 51: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/51.jpg)
![Page 52: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/52.jpg)
Consuming Metadata
![Page 53: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/53.jpg)
Let’s talk security
![Page 54: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/54.jpg)
Access Control
![Page 55: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/55.jpg)
r/w on repo level
is not enough
![Page 56: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/56.jpg)
r/w on repo level
is not enough
- read, write, delete, annotate
- on any level – registry, repo, image or
tag
![Page 57: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/57.jpg)
Content Control – Don’t Lose It
![Page 58: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/58.jpg)
![Page 59: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/59.jpg)
![Page 60: Docker Container Lifecycles, Problem or Opportunity? by Baruch Sadogursky, JFrog](https://reader031.vdocuments.us/reader031/viewer/2022030318/5a6cf2cc7f8b9af8418b47a3/html5/thumbnails/60.jpg)
Thank you!