We conducted joint work with Université de Neuchâtel on improving the handling of Docker container images in the increasingly heterogeneous hardware environments. We propose to (1) finer-grained incorporate hardware dependency information in the image metadata, (2) leveraging heuristic analysis techniques to populate such information at large scale (although of course preferring properly curated metadata), and (3) improving the tool support around container creation from images. The work has led to new tools like
hdocker and heuristic analysis rules. Furthermore, to underline the need for such a solution, we have been conducting a long-term tracking over
fourteen now seventeen months of selected subsets of registered Docker container images.
This work has been accepted by the 21st International Conference on Distributed Applications and Interoperable Systems (DAIS 2021). Ahead of the event we already provide the collected data and code. Have a look!
Cloud applications are typically designed as coupled microservices and deployed in managed containerised form. Industry trends around container build processes, deployment packages, management platforms and abstractions (e.g. cloud functions) are still fast-paced. Developers and operators need to be able to tell good from bad practices based on automatically determined metrics. Assuming they participate in this tutorial, they will learn how to do that on a hands-on level. We introduce approaches and open source tools for quantitative assessment of containers and other microservice technologies and ecosystems. On the research side, we explain how this blends with policy-driven deployments, trusted cloud execution and data science opportunities.
The three-hours tutorial will be offered at the CLOSER 2020 conference (originally scheduled in Prague, now online) in the afternoon on May 7. Registration information is available from the conference website.
Docker images have become the valuta franca in the cloud and container platform world. Although on the path to vendor-neutral standardisation (e.g. with OCI also being in Docker Hub for a year now), developers for now have settled on plain Docker as de-facto standard due to the vast ecosystem of base images and dependency images which speed up the rapid prototyping of complex scalable applications. From a production-grade DevOps perspective, a key concern is then to be assured that the containers used are of high quality, not infected by security vulnerabilities, and still containing the latest features available. In this blog post, a novel approach to visualise the situation around a particular container image is presented.