2017-05-06 09:30 to 2017-05-06 10:30

Experience level


Session Track


More Terrible Ideas for Containers? The Ideal and the Real Linux Container

Today’s best practices for building and deploying Linux containers do not always align with the messy realities of containers used in production. In the wild, the vast majority of containers include entire OS filesystems, applications with complex and often poorly understood dependencies, and a plethora of libraries, with all of their attendant security vulnerability and maintenance concerns.

In this talk, we will cover:

  • Data mined from GitHub and Docker Hub illustrating the realities of container images in use today
  • Why the runaway success of Linux and Open Source Software has allowed developers to lose sight of application dependencies
  • Key learnings from containerizing Puppet, the open source configuration management tool
  • Practical advice for developers and operators considering a migration to containers

Container orchestration systems like Kubernetes encourage us to treat containers as immutable black boxes. From these building blocks, developers can assemble, integrate, and scale distributed applications with relative ease. Containers as black boxes, is that a brilliant idea or, considering what might be lurking inside, a terrible idea? The answer is both, and after this talk, you will understand why.