Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Building Minimal Docker Containers
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Gavin Zhou
February 22, 2017
Technology
1.3k
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Building Minimal Docker Containers
Gavin Zhou
February 22, 2017
More Decks by Gavin Zhou
See All by Gavin Zhou
Prometheus Operator
gavinzhou
3
1.3k
Other ingress voyager
gavinzhou
0
200
Multiple Ingress on GKE
gavinzhou
0
1.9k
kubernetes chatops
gavinzhou
0
620
Other Decks in Technology
See All in Technology
「軸足」は 固定しなくていい - 熱量と強みで描く、しなやかなキャリアの形
kakehashi
PRO
1
260
気軽に使える"情報のハブ"としてのNotion活用 〜フロー情報の集積点 と、 Claude Code × Notion AI〜
syucream
1
200
4人目のSREはAgent
tanimuyk
0
160
Bucharest Tech Week 2026 - Guardians of the Cloud-Native Galaxy
edeandrea
PRO
0
140
時期が悪い!それでもRaspberry Piを買って遊んで活用するには / 20260627-osc26do-rpi-jikigawarui
akkiesoft
0
800
Lightning近況報告
kozy4324
0
220
脱SaaS!FDEを支えるプロビジョニングと分離設計
knih
0
300
クラウドファンディング版StackChan 3体(4体)をインタラクティブな体験型作品にして展示もした話 / スタックチャンお誕生日会2026
you
PRO
0
180
AI-DLCを “そのまま導入しなかった”話 ~組織に合わせてアジャストした 私たちの実践共有~
hiroramos4
PRO
1
430
AIAU_UMEMOGU_ninomiya_slide
ninomiya_ii
0
260
GitHub Copilot app最速の発信の裏側
tomokusaba
1
260
[AWS Summit Japan 2026]迷っているあなたへ_小さな一歩が、やがて自分を助けてくれる
sh_fk2
2
410
Featured
See All Featured
Keith and Marios Guide to Fast Websites
keithpitt
413
23k
How to build a perfect <img>
jonoalderson
1
5.7k
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
210
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.8k
16th Malabo Montpellier Forum Presentation
akademiya2063
PRO
0
150
Getting science done with accelerated Python computing platforms
jacobtomlinson
2
240
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
630
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
2
580
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
signer
PRO
0
3.6k
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.3k
[SF Ruby Conf 2025] Rails X
palkan
2
1.1k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
620
Transcript
Building Minimal Docker Containers Orangesys Inc.
$Who am I Orangesys Inc. Tachibana Shuji Twitter @yepn Running
Orangesys Inc. SaaS監視システム https://orangesys.io @orangesysio
None
None
Orangesys • All in docker • Kubernetes on GKE •
OpsDev -> NoOps Architecture & Stack
Architecture: Orangesys > Kubernetes Apigateway Namespace Cloud Load Balancing Standard
Devices HTTPS Browser Client Production Namespace Kube-system Namespace Tiller Replication Controller Grafana Container Engine Replication Controller Influxdb Container Engine Replication Controller Corporate Site App Engine Autoscaling Orangesys Firebase Autoscaling Monitoring Namespace Prometheus RC Influxdb RC Grafana RC Opsbot Namespace Kubebot RC K8s-event RC Stripe Server Api Container Engine Replication Controller PostgresSQL Container Engine Replication Controller MariaDb Container Engine Replication Controller Nginx Container Engine Replication Controller Traefik Container Engine Replication Controller Server Telegraf Ingress Container Engine Replication Controller Kong ApiGateway Container Engine Replication Controller Kubenetes API Replication Controller SSL Cert Bot Replication Controller Orange Api Container Engine Replication Controller
Technology Stack
Agenda • Docker images size • Docker images security
None
Coreos clair Security data Sources
Layers
Topic Alpineでdocker image Goalngなら、scratchベースでdocker imageを作る Layersを減らすと、build時間が短縮
Alpine base image base size 2MBのAlpineでdocker imageを作る、 ただし LIBCがMUSL LIBCとなりましたが、OS周りの依頼関係
ex) Not resolving using search domain <service-name>.<namespace-name>.svc.cluster.local https://github.com/gliderlabs/docker-alpine/issues/8
Scratch base image Goalngなら、scratchベースでdocker imageを作る ただし コンテナから外部へhttps通信時、ca証明書の実装が必要となります。 FROM scratch ADD
ca-certificates.crt /etc/ssl/certs/ ADD main / CMD ["/main"]
Layers Layersを減らすと、build時間が短縮 ただし、LIBCを使う場合は、既存のdocker imagesを利用した方が良いかも
参考 https://github.com/orangesys https://stackshare.io/orangesys-inc https://hub.docker.com/u/orangesys/dashboard/