►
Description
Building the Perfect Tools Container (rhel-tools)
Have you used the `rhel-tools` container? Come learn about what it is and what you can use it for.
Learn more at https://red.ht/leveluphour
A
Good
morning,
good
afternoon,
good
evening,
welcome
to
the
level
up
hour
on
openshift.tv,
I
am
chris
short
principal
technical
marketing
manager
on
the
openshift
team.
I
am
also
a
cncf
ambassador.
I
was
also
a
sys
admin
back
in
the
day,
I
was
also
a
network
admin
and
all
kinds
of
other
fun
things
and
I'm
joined
today
by
langdon
white
langdon.
Please
introduce
yourself
hello.
B
B
It's
hard
to
say
you
know,
but
I'm
a
former
developer
advocate
engineer,
consultant
now:
technical
marketing
manager,
with
red
hat
and
I'm
here
to
convince
you
that
containers
are
awesome
and
you
really
want
to
be
using
them,
and
so
that's
what
we
talk
about
during
this
show.
I
do
have
to
apologize
because
you
know
my
support
staff
at
my
house
was
in
the
middle
of
making
coffee
and
that's
why
the
coffee
was
delayed.
Our
start,
you
know
your
staff
board
staff.
A
B
C
B
Clean
for
a
little
bit,
so
we
were
going
to
talk
a
little
bit
about
kind
of
the
the
way
you
can
kind
of
get
to
the
rel
tools
thing
and
maybe
we'll
learn
some
new
stuff.
I'm
always
impressed
myself.
If
I
teach
you
something
that
you
haven't
seen
before,
so,
let's
see
should
we
go
ahead
and
get
started.
Is
there
any
other
introductions?
We
should.
A
B
Well,
it's
also
the
convenience
factor.
I
think
of
containers
is
very
high,
which
I
don't
think
you
know
people
necessarily
realize,
and
so
yeah
there's
this
all
this
scary
cloud
native
stuff
in
a
sense,
but
in
fact
many
of
the
things
you
might
want
to
do
are
actually
easier
in
kind
of
a
cloud-native
sort
of
way.
B
C
B
Google
was
in
my
way
that's
what
I'm
looking
for.
So
the
thing
we're
going
to
be
talking
about
today
is
this
thing
called
rel
tools
and
what
I
want
to
point
out
with
rel
tools.
It
was
it's
actually
only
available
as
a
rel,
seven
version.
That
doesn't
mean
it's
not
interesting,
especially
if
you're
managing
real
seven
servers,
which
we
know
something
like
some
ridiculous
percentage
of
people
are,
so
it's
it.
B
You
know
it
probably
largely
works
on
a
rel
eight
host,
but
because
it's
the
concept
of
this
is
that
it's
so
integrated
with
the
os
itself
that
it
may
not.
So
you
know,
generally
speaking
right,
you
can
run
kind
of
any
container
on
any
of
the
rails
generally,
some
of
that
scenarios
are
supported
and
some
aren't,
but
you
know
in
general
it
should
just
work
right
with
this
thing.
B
It's
a
little
shakier
just
because
when
you
you
know,
because
the
whole
idea
of
this
container
image
is
that
it's
tightly
integrated
and
let
me
actually
let
me
back
up
a
little
bit
for
a
second.
So
what
we've
done
in
the
past
couple
episodes
right
is.
We
talked
about
here's.
How
to
get
a
container
that
is,
you
know,
kind
of
single
purpose.
B
I
need
this
tool,
it's
not
installed
by
default,
so
I
want
to
go.
Get
it
right
and
I
want
to
just
be
able
to
use
it
one
time
or
whatever
so
like
netstat
was
an
example,
and
then
we
had
a
few
others.
If
you
want
to
know
the
rest
of
them,
go
back
and
watch
the
show
right.
If
and
then
we
talked
a
little
bit
about
okay.
Now
I
have
a
custom
piece
of
software.
A
B
Random
places
right,
so
I
wanted
to
show
that
in
a
container.
So
what
we're
looking
at
today
is
okay.
Well,
wouldn't
it
be
nice,
even
if
it's
a
little
heavy
weight.
If
I
had
a
tool
set
all
in
one
container
that
I
could
use
any
of
the
tools
in
right
and
red
hat
actually
publishes
a
few
of
these
and
over
the
next
couple,
episodes
we're
going
to
kind
of
look
at
all
of
them
and
they
all
kind
of
take
slightly
different
approaches.
B
So
the
first
one
we're
talking
about
is
this
one,
which
is
rel
tools
which
was
originally
developed
way
back
when,
when
we
used
to
talk
about
atomic
host,
an
atomic
host
and
core
os
or
what
we're
calling
what
red
hat
core
os
now
is
are
very,
very
similar.
They
both
use
the
same
technology
underneath
the
rpmos
tree
and
the
idea
is
you
have
an
operating
system,
that's
immutable,
except
for
configuration.
B
B
So
the
problem
with
an
os
tree
based
host
is
that
the
scenario
of
you
know
a
lot
of
times
in
a
data
center.
You
don't
want
to
install
anything
because
it's
dangerous
and
makes
you
frightened,
but
in
the
case
of
our
cause,
right
or
rh
cause
or
red
hat
core
core
os,
you
can't
actually
install
anything
else
or
at
least
not
without
a
huge
amount
of
difficulty.
B
So
all
that
said,
if
you
see
references,
for
example
in
the
documentation,
so
taking
a
look
at
real
atomic
host,
for
example
great
and
yes,
that
was
its
original
use
case,
but
that
doesn't
mean
it's
not
also
useful
in
a
regular
rail7
or
you
know,
or
maybe
a
rail
eight
like
I
said
your
mileage
may
vary
because
you
still
don't
want
to
install
anything
on
those
if
you
can
avoid
it.
So
the
container
is
really
useful
as
just
a
set
of
tools
that
you
might
find
handy.
B
A
A
A
B
B
And
so
there
have
been
a
number
of
attempts
and
I
think
we
talked
about
some
of
these
attempts.
You
know-
maybe
maybe
it
was
last
week.
You
know
talking
about
things
like
juju
and
charm
and
helm
and
charts,
and
even
this
old
thing
called
atomic
app
that
that
I
actually
worked
on.
But
one
of
the
other
things
was
this
atomic
cli,
which
was
originally
developed
as
kind
of
like
this
extra
tool
that
came
with
every
atomic
host
and
has
kind
of
since
been
discontinued.
B
B
B
Blame
you
for
that
at
all,
so
there's
lots
of
useful
information
in
here
about
the
container,
but
the
thing
we
want
to
look
at
in
this
particular
case
and
I'll
try
to
expand
this.
So
it's
a
little
bit
more
legible.
That's
what
I
mean
is
it's
it's
hard
to
make
it
legible,
but
is
this
block
called
labels?
Oh
stupid
t-mucks.
C
C
B
Notice
description
exactly
so,
there's
what's
the
license
on
it
and
I'm
going
to
stop
selecting
so
that
it
stops
jumping
or
I
can.
I
can
select
this
way
if
I
remember
so,
there's
the
license
on
it.
Here's
the
architecture,
one
of
the
things
that
we've
been
trying
to
introduce,
is
multi
architecture,
containers.
B
Starting
to
be
a
real
thing,
and
so
that's
also
super
useful
mostly,
you
should
never
have
to
worry
about
this
too
much
right.
It
should
select
the
architecture,
that's
appropriate
for
the
platform
you're
on,
but
but
then
you
have
kind
of
useful
for
end
user
information
right.
So
you
have
things
like
the
description
and
then
what
I
really
want
to
get
to,
though,
is
this
thing
called
run,
and
so
what
run
does
is?
B
B
B
B
Oh,
my
god,
I
am
having
c
oh
and
then
you
need
run
okay.
So
what
this
says
is
kind
of
in
the
container
stuff.
Take
a
look
at
the
run
label
then
display
it
and
then
you
this
is
which
run
label
we
want,
because
in
theory
you
can
have
more
than
one,
but
I
haven't
seen
that
too
often,
you
know-
and
I'm
not
entirely
sure
of
the
use
case
for
that.
B
B
A
A
C
A
B
C
B
A
B
So
the
idea
yeah,
which
is
good
in
a
sense
this
guy,
the
idea
of,
is
it's
a
container
that
you
kind
of
keep
around
and
keep
adding
to
right.
So
if
you've
heard
the
not
ps,
sorry
if
you've
ever
heard
the
which
we
don't
really
like
right-
the
pets
versus
cattle
metaphor,
there
was
a
guy
there's,
a
guy
called
the
stevo.
B
Who
has
a
elephants
and
ants
metaphor,
which
I
like
better,
because
it's
because
if
you
actually
ever
had
cattle,
you
do
actually
have
a
fairly
strong
relationship
with
most
of
your
cattle.
So
the
idea
being
is
that
this
container
is
one
that
you
treat
like
a
pet
like
you
keep
adding
to
it,
you
you
know,
use
it
or
whatever.
Obviously
it's
still
pretty
ephemeral,
you
can.
You
know
I
just
destroyed
it
relatively
easily,
so
you
don't
necessarily
want
to
put
anything
in
there.
B
That's
going
to
be
super
dangerous
to
to
wander
off
with,
but
you
what
was
I
going
to
say
so,
but
you
can
look
at
you
know,
so
you
can
kind
of
keep
adding
to
it.
But
that's
why
it's
a
named
container
and
actually
before
we
start
talking
about
rel
tools
entirely.
Why
don't
we
just
look
real
quick
at
how
you
do
the
run
label.
C
B
B
A
B
B
B
A
B
C
B
B
B
B
Right
clearly,
I
think
there's
a
difference
between
privileged
running
that
container
as
a
root
user
and
privilege
running
a
container
as
a
non-root
user
absolutely.
But
this
is
a
little
bit
where
you
know
you
kind
of
have
to
dig
into
the
details
a
little
bit
and
I
haven't
lately,
because
this
is
something
podman
can
do
and
docker
can't
and
not
something
that
comes
up
for
me
a
whole
lot.
You
know,
basically
it's
one
of
those
things
where
I
know
what
I'm
trying
to
accomplish.
So
I
usually
pull
off
the
security.
C
A
B
B
Container
file
t
so
what
happens
when
you
pass
that
colon
z?
Is
it
re-labels
it
as
container
file
t
so
and
that's
how
you
access
it
from
within
the
container?
However,
if
you
notice
here
so
this
is
actually
a
sim
link
to
a
nfs
mounted
directory.
Okay.
Basically,
what
I
do
is
I
loop
back
onto
my
host
machine,
where
the
actual
files
are.
A
A
B
So
I
thought
that
was
super
interesting
and
you
get
a
very
unusual
error.
Basically
that
says
you
pass
the
colon
z
and
it
tells
you,
oh,
you
can't
do
this,
because
it's
mounted-
and
so
I
can't
relabel,
but
it
turns
out
that
it
will
actually
just
work
if
you
just
drop
the
colon
z
which
never
would
have
occurred
to
me.
A
A
Yeah
so
narendra
has
some
chat.
You
know
like
how
to
run
a
container
as
root
right
like
is
it
actually
as
simple
as
oh,
it's
pseudo
pod
man
yeah.
That's
it
right
like
don't
don't
overthink
it.
Narendev
is
basically
like,
don't
read
too
much
into
it
and
don't
try
like
I
get
it.
It's
it's
layered
and
it
could
be
a
little
complicated,
but
pseudo
podman's
sudo
docker.
That
would
run
the
container.
B
B
All
the
time
is
actually
a
znc
server
on
its
standard
port
and
running
it
on
its
standard
port
is
a
privileged
operation
and
the
reason
I
want
to
run
on
a
standard
port
is
because
I'm
firewalled
and
nodded
and
routed,
and
all
that
stuff,
such
that
from
the
external
you
can't
get
to
that
port
directly.
Right,
like
you,
can
only
get
to
you
know
some
manufacture
port.
That
then,
is
rerouting
blah
blah
right,
but
to
minimize
the
headaches
in
the
actual
tool,
I'm
using
you
know
whether
that's
apache
or
whatever.
B
I
just
want
to
run
that
as
port
80
right
and
in
order
to
do
that,
you
need
to
build.
You
need
to
run
it
as
a
privileged
operation
to
be
able
to
get
to
port
80..
So
that's
a
bad
practice
on
my
part.
A
lot
of
the
time
I
should
probably
be
running
those
as
unprivileged
ports,
so
I
should
be
running
an
apache
8080,
but
if
you're
doing
something
quick
and
dirty
and
I'm
routing
that
way,
that's
why
I
often
do
it
that
way.
B
C
B
A
B
B
C
B
B
B
B
So
when,
when
I
was
doing
a
lot
of
debugging,
for
example-
and
I
wanted
to
restart
a
container
over
and
over
and
over
again,
I
could
guess
what
the
new
port
would
be,
but
you
can't
do
that
with
podman.
It
will
be
a
random
number
again
from
a
security
perspective
that
might
be
better,
but
from
a
debugging
perspective,
it's
not
as
much
fun
so
yeah
nice,
so
we
kill
out
of
that.
Okay.
So,
let's
see
what
else
I
want
to
talk
about
related
to
this.
B
A
B
B
So,
thank
you
yeah.
I
actually
have
it
open
this
time,
I'm
doing
pretty
well
all
right,
so
so
there's
that
guy
and
then
there
is
also
again
off,
like
I
said
I'll
put
these
in
the
show
notes.
But
like
here's,
you
know
a
blog
post
about
the
rel
tools,
guy
itself,
you
know
and
how
you
might
want
to
use
it.
Oh
and
then
actually
speaking,
of
running
containers
as
rootless.
Here
you
go
because
I
was
looking
at
this
earlier.
B
C
A
Chris
shorts
and
we're
all
in
tech
or
we're
all
tech
savvy
when
I
went
to
go
by
chrisshort.net
in
2003,
somebody
had
scooped
chriswort.com
in
2002.,
yeah,
they're,
a
photographer
and
digital
artist.
So
I
was
like
well
that's
fine.
I
do
work
on
infrastructure
and
networks
and
you
know
all
kinds
of
fun
stuff,
so
that
works
well.
A
C
A
B
C
B
Time
I
kind
of
started
being
a
big
twitter
user.
I
I
kind
of
went
back
and
was
like
oh
I'm,
an
idiot
so
we'll
yeah,
so
there
there's
the
the
background
for
that
story.
All
right,
let's
see
so
rail
tools.
So
let's
now
that
we
theoretically
know
how
to
actually
get
into
rel
tools
again,
we
can
go
into
rail
tools
and
then
oh
and
then,
of
course,
let
me
show
you
what
is
not
here
right,
so
no
net,
stat
and
then
inside
rail
tools.
B
So
the
way
so
this
one,
this
container
takes
a
slightly
different
approach
than
we've
been
taking
right,
which
is
that
what
we've
been
doing
is
what
I
commonly
refer
to
as
an
executable
container.
So
one
where
we
can
just
say
podman,
run
and
then
essentially
feed
it
flags
right
or
or
arguments
or
whatever,
and
it
will
run
whatever.
The
thing
is
this
one
takes
the
approach
more
so
of
you
go
into
the
container
and
it
has
enough
privilege
to
do
the
operations
on
the
local
machine.
B
How
many
people
I
know
in
the
rel
admin
world
right
pseudo
is
kind
of
a
new
thing.
That
really
was
much
more
in
the
debian
side
of
the
house,
but
for
me
I've
always
been
a
pseudo-user
and
so
there's
a
sometimes
I
use
sudo,
because
I
want
to
do
a
couple
of
things
right
and
sometimes
I
actually
su
into
the
root
account,
because
I
want
to
do
a
whole
series
of
things.
B
So
it's
kind
of
like
that
difference,
so
it
kind
of
depends
on
the
use
case
and
what
you're
trying
to
accomplish,
which
one
you
want
to
use
so.
But
we
can
also
take
a
look
at
the
docker
file
itself,
which
of
course
I
lost
that
window.
Why
is
there
no
bottom
scroll
bar?
That's
weird,
so
yeah.
So
if
you
notice
this
is
command
user
bin
bash.
So,
as
a
result,
we're
always
going
to
drop
into
that
another
way
you
can
develop
this
same
tool.
A
B
Exactly
you
can
override
this
make
an
entry
point
here
that
would
somehow
get
you
the
set
of
commands.
You
wanted
right
that
might
get
a
little
tricky,
trying
to
figure
out
how
to
make
the
difference
like
basically
make
them
all
available,
but
maybe
we'll
play
with
that
when
we
get
to
so
we're
gonna
go
through
a
few
of
these
containers
that
exist
and
then
go
and
try
to
develop
our
own
and
figure
out.
B
Maybe
how
do
we
choose
the
best
of
both
worlds
or
all
worlds
right
that
we
want
but
kind
of
going
back
to
the
soccer
file?
One
of
the
nice
things
about
the
docker
file
and
being
able
to
see
the
docker
file
right.
This
is
beauty
of
open
source
right.
Is
this
kind
of
tells
us
all
the
stuff
that's
inside
here?
B
So
these
are
all
the
different
tools
we
have
available
and
again,
if
there
is
a
tool
that
we
don't
have
that
we
would
like
to
have,
we
can
also
either
you
know,
because
this
is
a
persistent
container
or
semi-persistent
container.
You
know
we
can.
I
don't
know
if
wireshark
is
actually
out
there
is
that
do
we.
B
C
B
A
B
Let's
see
so,
are
there
particular
things
we
might
want
to
talk
about
here?
You
know
we
could
go
into
screen
and
really
confuse
ourselves,
but
I
you
know
like
one
of
the
nice
things
I
think
is
that
it
does
have
get
installed
and
you
know,
like
I
said,
before:
netstat
and
tcb
dump
and
kind
of
all
the
things
you
might
want
to
use
for
your.
A
A
I
need
to
go
check
on
a
system
right
and
I
don't
want
like
my
key
is
already
set
up
right
like
I
can
ssh
wherever
I
need
to
go
on
the
network
and
everything
right
and
but
I
don't
necessarily
want
to
leave
the
friendly
confines
of
my
ide
right
like
because
I'm
used
to
working
in
that
environment.
Potentially,
you
know,
there's
a
way
to
do
remote
connections
and
then
there's
a
way
to
do.
A
A
B
B
A
B
A
B
A
C
C
C
B
Eclipse
or
you
use
ides
at
all,
which
you
know
is
a
little
bit
of
a
shock,
I
think
to
most
people
having
this
kind
of
built-in
tool
that
you
could
just
send
off
your
compilation
into
a
container
was
a
really
neat
little
feature.
I
don't
know
if
it's
still
around,
but
I
do
remember
that
I'm
developing
it
and
talking
about
it
at
a
couple
of
different
conferences,
so
yeah
super
neat,
so
I
really
thought
talking
about
run
labels
and
stuff
like
that,
was
going
to
take
a
lot
longer.
A
A
A
Nc
a
lot
to
do
point-to-point
like
bandwidth,
testing
inside
internal
networks,
so
you
can
actually
build
with
dd.
You
can
build
large
files
and
then
use
them
to
like
frequently
test
bandwidth
across
the
network
using
cron
jobs
and
report
that
you
know,
and
you
can
then
graph
that
data
as
a
csv
or
whatever,
and
you
know
present
it.
You
know
in
any.
C
A
B
B
A
B
B
A
A
B
B
All
right
now,
I
bet
that
ps
is
not
going
to
work.
No
ps
does
how
about
ping
there
we
go.
Okay,
so
ping
doesn't
work.
I
think
ip
is
missing.
Yeah
ip
is
missing,
you
know,
so
a
bunch
of
the
basics
are
missing
which
are
in
our
tools
container
right,
so
you
get
ip,
you
get
ping,
you
know
the
number
of
times
I've
tried
to
connect
a
container
and
wow.
That's
interesting.
A
A
B
Oops
well,
whatever
the
point
is
ping
that
one's
a
little
weird,
I
think
it's
because
we
are
so
privileged
that
maybe
we're
blocking
it.
You
know,
and
so
that's
why
it's
actually
having
trouble.
But
the
point
being
is
just
that
even
the
the
basic
stuff
is
not
in
a
you
know,
a
typical
container,
and
this
is
uv
i7
right,
like
they're,
I
mean
you're,
probably
in
most
of
your
scenarios,
gonna
be
running,
something
like
ubi,
minimal
right.
B
A
B
C
A
C
B
Of
a
container,
but
also
when
you're,
you
know,
even
if
you
have
a
more
traditional
data
center,
set
up,
whether
it's
bare
metal
or
virtual
machines,
you
know
having
this
handy
container,
which
has
all
these
tools
already
in
it
that
you
can
just
download
as
a
binary
blob
from
somewhere
else
on
your
network
is
super
useful
right.
Yes,
so
you
want
to
talk
about
points,
real,
quick,
look
at
that.
A
B
B
A
B
B
Third
week,
yeah
yeah,
that's
why
I
keep
using
the
s1e3
whatever
to
remember
so
but
yeah.
So
we
have
d.
I
don't
know
how
to
say
these,
though
d
l
housed,
maybe
and
then
sausage,
crumbs
and
parrots
for
red
hat,
and
I
I
like
paris,
it's
a
very
big
city,
but
it
only
has
one
r.
So
I
assume
it's
not
the
same
paris
but
yeah.
So
here
here
are
cool
internet
points.
B
A
Video
video
and
you
can
get
all
of
those
like
for
now
they're
on
twitch.
They
roll
off
in
60
days.
So
basically
for
the
next
two
months.
You'll
have
you
know
well
two
months
minus
three
weeks
or
whatever
you'll
have
those
videos
on
twitch,
but
they'll
always
be
on
youtube
and
langdon.
We
probably
should
get
you
your
own,
like
youtube
like
playlist
thingy,.
A
B
A
A
B
A
C
A
Level
up
channel
feel
free,
there's
no
such
thing
as
like
a
a
noob
or,
like
you,
know,
wrong
kind
of
question
to
ask
right
like
come
in
there
ask
your
questions,
no
judgment
like
we.
We
very
much
think.
Oh,
this
is
a
great
opportunity
to
teach
you
something.
Not
oh.
How
do
you
not
know
this
right
like
we
want
you
to
learn
this
stuff?
We
want
to
help.
You
learn
this
stuff,
so
please
feel
free
to
jump
in
and
ask
your
questions.
Well,.
A
C
B
And
we're
gonna
start.
You
know
like
so
we're
gonna
play
around
with
some
more
of
this
tool
container
stuff
for
another
couple
episodes
then
we're
gonna
start
looking
at
okay.
How
do
we
start
deploying
those
things
in
ways?
That's
consumable
for
across
the
environment,
you
know
or
across
your
data
center
and
things
like
that
and
then,
if
I
can
work
it
right,
I
can
try
and
get
brent.
Maybe
we
can
get
brent
soon
on
the
show.
B
Exactly
exactly
yeah,
I'm
sure
he
will
he
would
jump
at
the
chance.
We
just
need
to
make
sure
the
timing
works,
but
yeah
so
watch
the
calendar
because,
as
I
get
people
as
I
can
twist,
people's
arm
into
being
interviewed
we'll
get
them
on
the
show,
but
we'll
just
kind
of
slot
them
in
and
bump
whatever
is
there
out?
You
know.