BROADCASTS.com

Show: 45

Show Overview: Brian and Tyler talk about the core capabilities of container registries, how they interact with Kubernetes and CI/CD pipelines, and some design and security considerations for architects.
\xa0
Show Notes:

• Twistlock $33M in Funding - Container Security
• Project Clair - Vulnerability Scanning
• Quay Container Registry
• Red Hat OpenShift Registry

Topic 1 - Let\u2019s start with the basics. What does a container registry do? Is it just a glorified FTP server?

• Serves and stores container images\xa0
• Has a storage backend that should be replicated (somewhere) - usually Object or NFS\xa0
• May have the ability to scan images for vulnerabilities or digitally sign image

Topic 2 - What are the typical interactions that a container registry has with elements of Kubernetes (e.g. Deployments, Kubernetes masters) and elements around Kubernetes (e.g. CI/CD pipeline)?

Topic 3 - How do things like scanning and signing fit into container registries? Or should that function reside somewhere else?

Topic 4 - What sort of design considerations should architects consider for the container registry?

• Where is it physically located?\xa0
• How to handle redundancy or replication?\xa0
• How to scope out performance?\xa0
• Multi-Tenancy or Groups?

Feedback?

• Email: PodCTL at gmail dot com
• Twitter: @PodCTL
• Web: http://podctl.com