Simplifying the build process with Cloud Native Buildpacks.
You have an app in a container. Great! But now you have to add in monitoring and security agents to keep that app up and secure. App developers can configure this manually by pulling a specific agent or scanning tools or configuration in. But how are you going to keep everything up to date and avoid snowflake clusters? In addition, developer time is precious. Cross-cutting concerns like security and monitoring should be handled by the platform team building around Kubernetes.
Cloud Native Buildpacks are a sandbox project within the CNCF. CNB’s take source code, detect the language, compile based upon that detection process, and prepares a runnable container image that is OCI compliant. This method guarantees that the rootfs layer is Application Binary Interface (ABI) compatible with the layers above it, thus allowing for an OS image rebasing on a Docker v2 compliant registry on the order of minutes, not hours.
Modern day applications are not just stand alone ones, they usually work in concert with other software to provide services to end-users. These add-ons provide cross-cutting functionality, such as maintaining security, user privacy, service availability and accessibility and are just as important to a cloud native application as is the source code of the app itself.
CNB’s therefore, accelerate the development process by making the combination of the developer’s source code and these additional add-ons easier to maintain.
In this tutorial, you’ll learn how to:
How to integrate scanning software, monitoring agents and your own application code.
Keep that scanning and agent tool up to date along with your application
Keep the underlying rootfs up to date when a security issue is found