Building Small Containers

In this episode of Kubernetes Best Practices, Sandeep Dinesh shows how you can build small containers to make your Kubernetes deployments faster and more secure.

#KubernetesBestPractices
Comments

This guy is amazing. Let him know that!
It's very hard for this type of host to be neither boring nor annoying. And when it happens, it often goes unnoticed.

mathportillo
This was clear, concise, and useful. Your 8:44 minutes made my teams' job much easier.

DerekUniqueBennett
This is a great video. What is it, how does it work, why do I care? Perfectly addressed, perfect level of detail, and outstanding technical embellishments in the side panel. Well done!

peteallennh
Every time he snaps, the container image size is reduced by 50%.

AnonozChong
Outstanding presentation. Sandeep you are as good as it gets!

javimaci
I like the vulnerability scanning on images. Always think ahead. This will simplify a lot of processes with current development models.

nkans
I never used Kubernetes before but I still finished the video 😂 looks awesome

maaya
It's good he started building those containers months ago, because I can confirm that vulnerability scanning takes days, if not weeks, to get from state 'queued' to actually displaying something. And then, it seems to me, it's no real scanning but going through the package manager's database. You can easily spot that by patching the binary yourself, retaining its version number, or removing a binary that's usually part of the package.

EditioCastigata
It's worth mentioning that many of the Linux distros on Docker Hub now have smaller images (it may not have been the case when this video was made).

If you were to run Python on Alpine you may find that it doesn't use glibc by default and this will change how it performs on tasks that use an alternate library (or you can use a custom Alpine that installs glibc). Dependency management can be a little easier with Ubuntu or Debian.

It's best to research your actual use case.

PrinceESL
Great video
At 7:24 you say that the pulling time of a huge container like "go:onbuild" on the large machine is two times faster than on the small machine. But as far as I know, the pulling operation needs only a fast connection and a fast hard drive and nothing else. So my questions are: 1. What are the large machine and the small machine? 2. Why are the numbers so far apart? 3. Am I wrong about the resources needed for the pulling process?

alexeypalyonii
I've actually found one benefit of larger images. If I build a single image that contains all of my services, that is the only image my nodes will ever need; instead of having dozens of different 50-100MB images, I have a single copy of one 500MB image running my entire cluster.

Note that that's exactly how Kubernetes itself is usually deployed, as a best practice - hyperkube contains all of Kubernetes' different parts, and runs the correct one given its command line parameters.

ifconfigurator
For Go binaries you can use scratch, without alpine

konstantintsepelev
Excellent Tutorial. Looking forward to new ones. Thanks Sandeep

ShyamHazari
When using alpine you can use apk --no-cache to avoid using update and then removing the cached apk files.

Author

Is another advantage with smaller containers saving on memory on the node? Or does it not matter?

oughtington
Really cool, enjoying this series so far! I just hope that GitLab support is added to Container Builder, at the moment I have to build on GitLab CI and push to Google Container Registry because only GitHub and Bitbucket are supported. There are workarounds but it introduces possible bottlenecks.

prodestrian
Good video. With Docker, I can launch a container with UID 0. How do I disable this launch? Basically, I want to disable the -it option and also launching as UID 0. Can you please recommend best practices in this area?

nissankula
Very informative and useful material. Also thanks for making the content simple; it is easy even for beginners to follow. Just one correction. I think the tabular data to compare performance between Large and Small machines has the wrong headings.

webplethora
the build pattern was really useful to me :)
thanks!

FinlayDaGk
Had no idea about the Builder pattern. Thanks!

MrKpinga