Do you know how to manage container (Docker) images, how to run a container image registry and security scans, how to sign container images, how to prevent usage of images that are not verified or signed, how to replicate container images, and how to store Helm charts, binaries, and other artifacts? In this video, I’ll show you how to do all of that with Harbor.Continue reading
How do we build container images inside containers running in a Kubernetes cluster? Docker is a bad option since it cannot run inside containers. Using it requires communication to the Docker engine running in cluster nodes. Even if that security concern is not enough, Dockershim is deprecated in Kubernetes 1.20 and will be (or already is) removed from 1.22. That means that alternative container engines like ContainerD will take its place. In other words, using Docker is not even an option anymore.
Kaniko comes to the rescue. It is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster.