1. 8 C .00 ) /8 / A 4
.00 M J R T TN
9 D 2
1 1 18 1 A (
https://slideshare.net/AkihiroSuda
2. A HC E 044 AC 2 ED 2 D C
• K O 00C O FKSNM DB F
• : 7 :2 O
• o p 1 i c`ag S A8 C A7H rM R
• t S A8 C A7H Kd Ss O SL
• :2 ( 6 6 O a
• y u A8 C 7F
• ) ) :9 169 O
• F7 C E D TvtTN y ubn hlne k
2 . AC
bc
3. 3 1 0 3 22 +1 0 +. . 8.-
• 2 )2 2 200 1 4 ( D C
• https://dockerjp.connpass.com/
• L T
• C T
• R AC
•
• L
•
• N A A
8. LMTN F PU :: LNM - 8 F PO 8 O NR C
• " 1
• h l y xr c o r ) !
• 6M K l K S RO NR Nfeh v rV 1 l- 1 d j of
e b `
• " 1 1 1 C
• 0 feh 4t g fNLLPEO s u r4 NB N c
• d biV docker create docker cp docker commit docker
push h Zf h docker run docker build f !
• nf a`
• " 1 2 2 :D 8
• 3 d- 1
• TP LK
0 : 9: 0
, 2 A NK P Oh cXo.LNFi
io h ( n
pb `d pb o
iB NLLP !
https://changelog.com/podcast/250
https://jpetazzo.github.io/2017/02/24/from-dotcloud-to-docker/
https://bitbucket.org/Foi3GraS/dotcloud-fork/commits/1
https://github.com/shykes/cloudlets https://youtu.be/kL30gj2KY_k
9. )
,H B AL ( 2 ,H B AL N
• 0 1 2 C
• 3 ,H g0
• mho09,c . T h M HN v
• :
• H D B
• a eXal f Vn p
• XgbR g u s fjr p
• H D M
• dg f ablS f abl fu T
• 81m z cg e k
• z h t
• epiXBFFML
3 D
+MB
AB M
g09, . + C B H B PH edfh
T yT ep f aU
T h09, R T yT f ep
https://youtu.be/wW9CAH9nSLs
11. 0 1 10 .. 2 2 1
6 [ I a 3 O 4
• & & 6 • 2
5 2 6 5 6
1 6
P RS]
• ( ) 5 0 : 6
5 5 D
• C A 6 C 6
• 5 A 6
12. 8 3 ( .. 8 )77 3 2 2 21
2
• D CI 11
• 0 R C FF ( N A
• D CI
13. '
,FGMHA N ) ,FHG CC 7A I 7 I HL
7 9 ] b M 4
• ' ) 19 - 7:
1 [
• F Hb p a Sh
F H c g h
• ,72 Shb F Hb i
ga3K HE Ib rk T
h
• 3K HE I AE K : FHv olmt
• 7 9 7 : 9 [
• FE :AE H L a k o
pusvnyst
• ,72d a0FF C
• ( ' , , a
• ( 22S ORH
7 9 9 D 6 I a
• F M EA :C 8 HAE
,FDDA
C
71. FH:
aRh
ac e S S
14. 4 A .. 4 2 2 21
• ' 6 5C 25 :5 5
]
• 2gi C eC D
m st GBd
aN 0 2 p
• ' S D [
DF -
75 G aK N
• ' 75 1 ]
• ' 75 1 45
]
• 8N o B d r G
R
• wv hk y cC TB
0 2 gl S
15. 2 8 0. 2 11 0. 5 5
• 1 0 K
• N C A TR
• 1 0 2 D
• : ?
7 :2 2
16. FA :C 144 A 2 :C 28 8AD87
• S jT Eb M : C c
•
• dM 2 M[D 2
3 M] Eg e
• 6 8A -- H
• H M 2 D 1C 8 2 H i
• E A 78 N L
2 M O MhP d0
https://blog.docker.com/2018/03/au-revoir/
2/-0 .87 A
17. CDK L 1 C D ( I
( ) ( )
P C / B 07 a M hVgR
HB
)H .
C K
7 7.
21.
KD .
0C8K
C
0C8K CC
8B C
8 B A B
http://mobyproject.org/projects/
) D
N C
dWcT
C b e
18. )
.LMUNGEFP ) 8== .LNM II GEFPO COCNRCB
• D
• 8 0480
• P ) 9 R
• a7L U BLAHCNB alhswo a
( /10 ,M
https://www.slideshare.net/chanezon/dockercon-eu-2017-recap/51
( x a http://mobyproject.org/projects/ rvmikpaswo tu n a g f b e
/
PL GA
TS U
.IL BDI NC
.LBCOFGM
.LNC9
/LAHCN
/NLM LT
1 AC LLH
2LLEIC
NECN LDPS NC
SCG
-7
KDI T/ P
KDL GDPN
KDL ILT
GN PCAF
7GANLOLDP
8==
KAFCN O
CB P
0
N K NCC KGR LD =CAF
=CKACKP
RCKPC MNGRCC
y gc
d gf
19. C D -22 DC 0 E 0 E D 9
• U
• TUR 2 hik vPw O1I D 9 u
• D
•
• 8 DoPtyS m
• 0 A8 D .11
• I ?
• 9 8 D 9 sp ahNbeldP rM `V T
•
• ncag
• D EE ncag
•
21. ) A 8 C .00 ) A ( 8 C A
•
1docker1 ) Tc L
) C24 R 4D C A DA4 C NeK
D A C
4 A
4 C2 A
4 A
D A C
4 C2 A
db
2 A A 4 CA A
) C2 A D C C A 24
)
Ia 4 A &R 4 AT N` N
25. 01 2. 021 . 25
• docker dockerd s ) m R
• docker-compose.yml eu R D
( f D R
kubectl get stack I R
• ) bIkp R a L (
t
• ( oL I l docker service r L
• docker run LK ) r a IicC R
) vd yn
26. )DEK L 1 )D E (AA G G
• docker-compose.yml ?
• .D EDG
• .I C Gin
• 8C
• 6 ampT k D s O RM D Yr 2
• docker-compose.yml
• RM (0 l ebN cd ho gR SU GDCC Y
docker-compose.yml
29. 01 2. 021 . 2
• 3
• 3
• D D
• 3
• & S 3 & & ` c 3
docker build & &
30. 01 2. 021 . 3 3 2
docker build S K
- IA
•
•
•
• -
•
- I C
•
CB
D : , - CB O
31. 8A .00 8A C
• : https://github.com/moby/buildkit
• 3 KM )) AG D
• -- D C 2B A B3A A , 3A 13 3 3 1 8
• d ea L N Gbc N
• : B )) AG ? L D
3 (3: P docker build
TR
3:
-- ,
1 A
docker-image://alpine
Image
git://foo/bar
docker-image://gcc
Run("apk add ..")Run("make")
32. 238 0. 2 3 11 0.
• D - K G : G
• D B : A G
• AN C R N ? T C :
docker build
FROM golang AS stage0
...
RUN go build –o /foo ...
FROM clang AS stage1
...
RUN clang –o /bar ...
FROM debian AS stage2
COPY --from=stage0 /foo /usr/local/bin/foo
COPY --from=stage1 /bar /usr/local/bin/bar
33. ) : 2018 ) (33 2018 .
T R G N
A
C N
docker build
34. A B .00 4 4 43
•
• hD TC k d eo Crvo Rsl
• hD i d e s
• Tp k ag RC W d e nLN CGMCr
v t hD
: docker build
2 4
2 4
2 4
4
1 84
1 84
1 84
35. 8B .11 8BA A D 5
• c `: dS
• AA8 3 B ` d iTc d`
• 00 rn 35 D C c d`
• C 5- Bh H B ylm k s
• F K O e
e D a
• g pu 2buildctl2 cdaSR tN C 5- B vK
Heo
• B
https://github.com/openfaas/openfaas-cloud
docker build
36. (
8 3 ) - 8 . 3 .2 2 21
• M J F
https://github.com/genuinetools/img
•
• DK B
•
•
• D T 2321 8062 N R
A N R C N https://github.com/opencontainers/runc/issues/1658
37. 78 23 7 8 23 0 0 0
• S
https://github.com/projectatomic/buildah
• -
• docker run docker commit A 7. 0 1 0 T D buildah run
buildah commit T N R C
•
• - - B
• - H D R
-
38. 12 3. 8 132 . 3
• E O
https://github.com/cyphar/orca-build
•
•
• S
• A .0
• D A U
39. 1 09 33 1 098 .8. .
• 11 ) 4
https://github.com/GoogleCloudPlatform/kaniko
• 1( ) )
• )/1 6
• 11 --privileged
• RUN d 2 12 a R TN NC
• A C A
https://github.com/GoogleCloudPlatform/kaniko/issues/106
• 1( ) ) a D G c
1
41. AG : ( .22 A 0 : C 09C9 98
• B https://bazel.build/
• /11T O gice : 9 k v
• rules_docker_l T aice`g b hd us
• D
• zNS4RUN4 mo s tNS r p y R
AC : 9 8 9C 8 9 CC 9C )
# https://github.com/bazelbuild/rules_docker#container_image
container_image(
name = "app",
base = "@java_base//image",
files = ["//java/com/example/app:Hello_deploy.jar"],
cmd = ["Hello_deploy.jar"]
)
https://bazel.build/contributing.html
42. NG IO 44 G " (BB 2 I 2 GK "
• https://github.com/containerbuilding/cbi
• ) , :C ( , DK
• " ) " " B BI J D K
• da[ P P] S feb R cT
) , : R
,
A G
B D
) B . I
B D
C
B D
) B
B D
)
B D
A 8 IB
, :,
2 IGN
) 2 8 B 8
0 I D B ) B . I D 21
G D D B G DI I I N
) B D (1
0 IG 8 I D
A G 2 IGN (1
46. 2 840. 6 24 11 0. 6 4
• - K SRT E K
-
• EAE - K b I E
L I
• - DP O
• N C A
a C
47. 4 00 88 . 4 . 2
• - D BC
• c ( podman ` H R
• E DA 17 . 0 CE
• podman build a - P L ROD C
• )D IC H
-
48. (
A C 33 AC 1 D 18D8C 8
• 42 C
• nw lcexy m 34A 4A rN T
https://github.com/alibaba/pouch/blob/master/FAQ.md
• . 2 D . ( P pouchd
• -A6 8C suS P 2 4C A 8 R N
• -A6 8C 0. 1.
• . )(AL pouch
• . A IL
• lceo D D 8 vr h d C 6 6A 4 8C
• 0 0g b kabdi -C4 A
• f ) h d C I6 tp
.1
49. (
A IC 044 AC ) D 9D9C 98
8A 9C8 A I
A 9C8
A 9C .
- 9C 9 9D
1
C
. 9C 9
2A . 2A8
A 8
A 9C )2
A 9C .
https://slideshare.net/AkihiroSuda
51. A 8C ( 11 A ) 8C 5 5A 5
• )82 4 00 ( g e
( ) 1 8 2
• D C 5 0 53I, 2 5 0 53N e O. ,hdgf
• b S i b T iR C c D PO
AIH
( ) 1 8 2
3 5A 5 T C2A
S
T
R 0
, 2 5 0 53
D C 5 0 53
) 1 8 2
ca
52. 8 ( 00 ) .8 A . A D 3
• D S D
•
3
2 58 I 1 A
N R A
S
T I
, 1 2
.C 8 2
)(
53. A :D .22 A ) 0 :DC 0 C F
• 2
• ) 3 3 3 8 ( https://github.com/alibaba/Dragonfly
• ) 3 3 STP R 5: N I
• 3 1( https://github.com/jvassev/image2ipfs/
• 0 0 CD ( http://www.arrikto.com/
54. 8 5 4 .. 8 5 4 2 2 21
• ?
• G
?
• 5 0 A RT HB A CN G
BN
localhost:5000
docker pull localhost:5000/github.com/foo/bar:baz
https://help.github.com/articles/what-is-my-disk-quota/
56. 86 C ) .86 .5 5 A5
?
N a
N T R e( 25 :5 5
bc aR e( : 18:5
dc aR e( :
M V
0
K
? M
) (
: ?:
:
57. 8 7 C ) .8 7 .5 5 A5
N a
N T R e( 25 :5 5
bc aR e( : 18:5
dc aR e( :
M V
0
K
58. .11 0 A 07A7 7
• ,C 7 7 7A 2
• volumeMounts.subPath P idg gi PuIPa PMR lT NM
i c Pb Vh fTe i K pn
• ,C 7 7 7A 2
• A75 7 5 8 - t E E PuIPa PMR lT NM i
c Pb Vh f PolPb VhTsr K pn
https://kubernetes.io/blog/2018/04/04/fixing-subpath-volume-vulnerability/
https://github.com/kubernetes/kubernetes/issues/60814
59. .
0 NICA - 688 0 I EE 7CA 7 IM
• 1 D I 0 2# )#.(
• 4 5 l c Rc oc d h p T sy c l
h
• C I
• l r l c Rc oc d h p T gaU e LEE
g V sy c/tmph
• IL 0 2# #..
• usc c Rc oc d h p T runc exec
g usc il ksn vh `T
• IL 0 2# #( .
• 931 c tc oc d h p T c aR931
Z `T
60. A C , 133 AC # . 2 D 28D8C 87#
• 0 0 - 8 8
ltr
• - 0 0 2 ec 1
• C 8 87 D8C 4 8D 468 lh R CAA 9D d fb or
• D 5 7 D 5 7 D8 CA 4 ac ebni mp o
r
• 6 CA D
• --privileged T 0A6 8C m
•
• 7 6 o 1
• )( ,, ) gk sdN
- s n
61. C E GK 1 CE ) GF F E :
• I
• meh( .8E: B C : C B:E
• ( CBG8 B E:
• K D K
• meh( 2E 8 A
• ( : G
• C - ) (
: + O
• R https://github.com/rootless-containers
• ) F8 8E8 6 , RncNldO XTRU
ki( E B g S0 B 8E G N
ECCG FF L aL
62. F N ( 166 F G G F
• We C M : O d a V t
v
• We I) n : IrlD V u
MzS
• .C F C C FG FIC 2 C A C C FG
• .gia e) ,F A F l W C C F . 2 p
• i ( I : yD
so
• MIF - : dPbn
• 8 C G F I M C dPbS T V ROc ah i ai
I: F K W 0W kRpo
) e
64. C? 8AD .11 ? 0 8A 06 6? 6
• D 8
• V 4 6?M
• c
• 4 A 6? 0
• b 0 K0
• IN
• D e
• ? A 6 R O 2- R O T
• k1 8 2
https://events.docker.com/events/details/docker-san-francisco-presents-docker-birthday-5-san-francisco-edition
65. )
0KLSMFD OT & 0KML . FD ON BNBM BA
AK BMA 6K?S
K O F BMA
1K BM 05 09
/PF A4FO
4P?BM BOBN
0 8
MP
1K BMCF B
bd-
55/
80 P OFIB LB
0
80 I DB LB
80 1FNOMF?POFK LB
FID/PF A
BM
AK BM KILKNB SI
4KILKNB
8LB FCO
020
10 8
8M
https://slideshare.net/AkihiroSuda 5F PR BM B
1K BM 05 U1K BM A BIK
ae ( cf