Parsing Packages with Porter

by | 18.10.2021 | Engineering

The process of deployment when it comes to cloud based applications is a strange mix of complicated commands, containerized steps and dealing with execution and compatibility issues, once the application is out. With the advent of easy to use tools designed to deal with such issues always springing from the community, it is important to shed light on one such application that every beginner and coder should take a look at Porter.

Porter works as a containerized tool that helps users to package the elements of any existing application or codebase along with client tools, configuration resources and deployment logic in a single bundle. This bundle can be further moved, exported, shared and distributed with just simple commands.

Porter was accepted to CNCF in 2020 and was inducted as a Sandbox project, instantly earning attention as a sizeable and sleek tool for solving packaging and deployment issues.

Typical Balancing and Packaging Cluster Source: Porter
Typical Balancing and Packaging Cluster Source: Porter

How Porter Works To Perfect Packaging

Porter is designed to package all applications and their development files in the format of a single version bundle distributed over standard Docker registries or plain tgz files. This helps users install the application without requiring any important steps or instructions for setup. What’s more is that this can be carried out on any system regardless of the tech stack.

Porter achieves this by compartmentalizing all the major documentation and other files in the form of bundles. Based on the Cloud Native Application Bundle Specification, CNAB, Porter helps users work with a declarative authoring type that helps maintain a secure connection to applications.

It also supports mixins which acts as building blocks and supports you while authoring bundles.

Why Bundles Are Important

A bundle can be regarded as an application that uses the same configuration as a starter pack with all the bare minimum elements needed to run any application on any system. Here is a small list of what users can achieve with bundles:

  1. Install tools to manage your application through cloud platforms such as helm, aws/azure/gcloud, terraform.
  2. Deploying applications with all their infrastructure and other elements along with packages for cloud storage, DNS entry, load balancer, SSL layers and so on.
  3. Fulfilling software requirements and dependencies Get software and its dependencies into offline airgapped networks.
  4. Management of any disjointed operations and handling additional techn requirements such as Helm or Terraform, across teams and departments.
  5. Securing pipelines by connecting with security defense systems with little to no code requirements for linkages.

When users typically deploy to the cloud, the applications aren’t restricted to a single platform or cloud provider or even deployment tool. Even the tiniest of applications with the least number of requirements are plagued by additional needs for tools such as load balancers, overtime and persistent storage, databases, SSL certificates. These are then again the consequences of a rapidly expanding cloud network that is complemented by increasing user needs and neverending platform requirements.

The Cloud Native Application Bundle (CNAB) that Porter professes as its flagship product was designed to deal with these exact issues. CNAB not only details all the information related to the bundles and how they will be run on systems but also contain vast data on the user’s part to design and replicate the bundle development. This induces a sense of independent frameworks to the deployment phase which was sorely complicated in the past. CNAB adopts an opinionated and user centric approach to make bundle authoring less of a headache in software development. 

Examples of applications that are compatible with Porter Source: Porter
Examples of applications that are compatible with Porter Source: Porter

Important Porter Elements: What Makes it Unique:

  • The artifact option is used to package everything that you use to deploy in a single application and can be easily distributed with simple  commands.
  • The verification tool from Porter is used for signing and verifying applications before installing the bundle to improve supply chain security.
  • The CLI component can be well adjusted to any environment as it has a version that applies to any platform. End users don’t have to install the right versions of tools locally, taking away a huge load of compatibility issues.
  • Operational knowledge about the system can be gathered from the metadata section in order to customize the installation options and check for version needs on any machine. In most cases, users won’t even need to check which tools are necessary as the bundle would contain them all.
  • The history tab keeps a record of all actions performed previously on the bundle, the parameter values used, the current bundle version and other details to help software developers.
  • All actions are securely stored in a secret store to avoid details from being copied around which makes the use of bundles much safer than using tools in their standalone versions.

The Good & Perhaps The Not So Bad

Porter has been a great addition to the deployment architecture environment and has garnered a great deal of exposure from the CNCF induction. The bundling approach to deployment and packaging can be seen as a great next step in making software development cycles less cumbersome as product needs and customer specifications make the process more complex.

There’s no doubt that a great deal of complications in running such systems arise from the need to update existing applications and prepackaging them with all the basic files to make installation on other platforms easier. Porter has found unique methods to deal with these issues albeit with several challenges along the way.

Some users may be aversive in adopting the system given how familiar software developers have become to similar platforms like Ansible or Terraform. Such adoption is only hindered by a lack of support and documentation for more complex packaging and deployment operations. But in consolation, these issues are again common with any new tool. Porter isn’t exactly going to replace its counterparts but simply add onto Ansible or Terraform through scripts and files that makes their distribution much simpler. This can now be well achieved in the form of OCI (docker) registries or USB sticks to get into air-gapped networks.

The lack of features for rewriting works as a double edged sword where it makes deployment easier but may delay the process altogether if the developers have to make changes with the original codebase. Faster deployment for updates and edits is still a challenge that requires a more peculiar approach.

Typical packaging application bundle Source: Porter
Typical packaging application bundle Source: Porter

So What’s The Final Word

It’s hip. It’s new. And it’s got the crowd talking. But moving ahead, many of Porter’s actual uses can be realized only after receiving ample support from larger platforms and being complemented with the necessary documentation to make it easier for any user to pick up and use. The simplistic command line format is already easy to use and would be best served with proper tutorials and references.

With that we close the end of another tool to equip in one’s arsenal. A quick glance at the community and official pages online should convince anyone about its benefits and uses. Check out future articles for more information and to get ahead on the latest news about cloud tools.

Read more from us here:

Happy Packaging!


The DevOps Awareness Program

Subscribe to the newsletter

Join 100+ cloud native ethusiasts


Join the community Slack

Discuss all things Kubernetes, DevOps and Cloud Native

Related articles6

Introduction to GitOps

Introduction to GitOps

GitOps serves to make the process of development and operations more developer-centric. It applies DevOps practices with Git as a single source of truth for infrastructure automation and deployment, hence the name “Git Ops.” But before getting deeper into what is...

Kaniko: How Users Can Make The Best Use of Docker

Kaniko: How Users Can Make The Best Use of Docker

Whether you love or hate containers, there are only a handful of ways to work with them properly that ensures proper application use with Docker. While there do exist a handful of solutions on the web and on the cloud to deal with all the needs that come with running...

Cilium: A Beginner’s Guide To Improve Security

Cilium: A Beginner’s Guide To Improve Security

A continuation from the previous series on eBPF and security concerns; it cannot be reiterated enough number of times how important it is for developers to ensure the safety and security of their applications. With the ever expanding reach of cloud and software...

How to clean up disk space occupied by Docker images?

How to clean up disk space occupied by Docker images?

Docker has revolutionised containers even if they weren't the first to walk the path of containerisation. The ease and agility docker provide makes it the preferred engine to explore for any beginner or enterprise looking towards containers. The one problem most of...

eBPF – The Next Frontier In Linux (Introduction)

eBPF – The Next Frontier In Linux (Introduction)

The three great giants of the operating system even today are well regarded as Linux, Windows and Mac OS. But when it comes to creating all purpose and open source applications, Linux still takes the reign as a crucial piece of a developer’s toolkit. However, you...

Falco: A Beginner’s Guide

Falco: A Beginner’s Guide

Falco shines through in resolving these issues by detecting and alerting any behaviour that makes Linux system calls. This system of alerting rules is made possible with the use of Sysdig’s filtering expressions to detect potentially suspicious activity. Users can also specify alerts for specific calls, arguments related to the calls and through the properties of the calling process.