Rethinking the Container Layer with Nix
How many layers can you put in a container?
Do you know why there's a limit?
Containers are a fantastic virtualization technology.
They even have some packaging properties!
However, we can learn a lot of new cloud-native magic tricks if we bring packaging discipline a little further through the stack of bits that make up our container image layers and OCI manifests.
Enter Nix.
Nix uses stores that isolate individual packages into hashed folders that can be used independently from each other and combined with each other!
Sounds a lot like a container registry, doesn't it?
In this presentation, Tom and Leigh will cover the basics of Nix Storage and Packaging as well as the basic make-up of OCI images.
We'll then demo a few working solutions that extend and modify cloud-native interfaces:
- nix expressions to build containers
- nix-snapshotter to tell containerd to use Nix store paths instead of layers from a registry
- node-local nix stores with per-container overlay caches for dynamic dependencies within container workloads
- seekable OCI and /nix
Come join in for a primer on Nix and Kubernetes with diagrams, demos, and Q&A with Nix and Kubernetes contributors :)