Video Series: Modernizing Java Apps for Developers Part 2
Moving a monolithic application to a modern cloud architecture can be difficult and often results in a greenfield development effort. However, it is possible to move towards a cloud architecture using Docker Enterprise Edition with no code changes and gain portability, security and efficiency in the process.
In the first post in this series, we discussed how you don’t need to do a full re-architecture of your application to microservices when using Docker Enterprise Edition.
In the second installment of the series, I go into the details of containerization of the application. This process builds containers using the application code as-is. I’ll follow three simple rules:
- Keep the existing architecture
- Keep the save version of the OS, components and application
- Keep deployment simple, i.e. static not elastic
I’ll also demonstrate how to use multi-stage build file to compile the code and deploy it to application server container such as Tomcat. It also shows how to deploy the application and database using a Docker Compose file.
Video Series: Modernizing @Java Apps for #Developers with #docker EE
Click To Tweet
To learn more about Docker solutions for Developers:
- Learn more about Docker Enterprise Edition
- Start a hosted trial
- Sign up for upcoming Continue reading
Technology Short Take 96
Welcome to Technology Short Take 96! Ahead, lying in wait, is a unique collection of links, articles, and thoughts about various data center technologies. Browse if you dare…OK, so I’m being a bit melodramatic. It’s still some good stuff here!
Networking
- Via Matt Oswalt and Michael Bushong, I came across this article on Juniper’s use of P4. Interesting stuff…P4 definitely has the potential to dramatically reshape networking in new ways, in my humble opinion.
- Maxime Lagresle of XING outlines how they went about troubleshooting an unexplained connection timeout on Kubernetes/Docker.
- Ajay Chenampara outlines how POAP (Power On Auto Provisioning), a feature of Cisco NX-OS, works to streamline provisioning new network switches.
- Don Schenck has a high-level overview of Istio and service meshes.
- Daniel Álvarez has a good article describing some OVN profiling and optimizing he recently performed. I believe the patches he mentioned in the post have already been accepted into the OVN codebase.
Servers/Hardware
Nothing this time around; sorry! If you have some articles you feel are worthy of inclusion in the next Tech Short Take, send them my way!
Security
- Joe Beda talks about securing the Kubernetes dashboard in the wake of several “cryptojacking” instances.
- CloudFlare discusses recent Continue reading
A Secure Supply Chain for Kubernetes, Part 2
Two weeks ago we shared how the upcoming release of Docker Enterprise Edition (Docker EE) is able to secure the software supply chain for Kubernetes; just as it does for Docker Swarm through a combination of scanning for vulnerabilities and implementing image promotion policies. In this blog, we’ll take a closer look at another part of this solution – Docker Content Trust and image signing.
When combined with granular Role Based Access Controls [RBAC] and the secure clustering features of Docker EE, organizations get a secure container platform solution that is ready for the enterprise.
Restricting Unverified Kubernetes Content
As discussed in Part 1 of this blog post, organizations typically have a “supply chain” for how applications progress from a developer’s laptop to production, whether that is on-premises or in the cloud. For larger organizations, the team that handles QA and testing is not always the same team that develops the applications. There may also be a separate team that handles staging and pre-production before an application is pushed to production. Since an application can pass through several teams before it gets deployed, it’s important for organizations to be able to validate the source of the application.
Video Series: Modernizing Java Apps for Developers Part 1
Moving a monolithic application to a modern cloud architecture can be difficult and often result in a greenfield development effort. However, it is possible to move towards a cloud architecture using Docker Enterprise Edition with no code changes and gain portability, security and efficiency in the process.
Containerizing a monolithic application is a great starting point for modernizing application architecture.In many cases this can be done with no code changes at all. From there, breaking down the application into smaller components makes it easier to deploy updates, introduce new components and manage scale.
This new video series covers modernization for Java applications. It walks through the process of evolving a N-tier Java application to a distributed application running across multiple containers. Docker provides the platform that plugs in and manages all the components into a coherent architecture.
This series does not cover a full re-architecture to microservices. Shifting to a full microservices approach isn’t right for all applications, and the daunting task of a full rewrite of a monolithic application can be a massive endeavor that takes years to pay-off. Especially if what you have works. This series uses a feature driven approach. I select key features to update, in order to fix Continue reading
GETTING STARTED: UPGRADING ANSIBLE TOWER
Thanks for checking out the Getting Started series! This quick tutorial lists the basic steps needed to perform an upgrade of Red Hat Ansible Tower in a standalone configuration. Specifically, we'll be upgrading Ansible Tower 3.1.0 to the latest (as of this writing) version 3.2.2 in a few simple steps. There are some things you’ll need to keep in mind while upgrading (e.g., editing the inventory file appropriately), and a description will be offered with each example.
Upgrading is Easy
The steps to upgrading are similar to installing Ansible Tower. The original inventory file from the install should already have the hostnames and variables you'll be using, so it's suggested that you work from your current install's inventory file to populate the upgrade file.
Your older inventory file may have some different lines than the newer upgrade version, due to updated configuration options or added features. In this example, the difference between the 3.1.0 and the 3.2.2 inventory files is the added ability to enable isolated key generation for clustered installs. See below for a side-by-side comparison:
| Ansible Tower 3.1.0 | Ansible Tower 3.2.2 |
| [tower] |
Getting Started with Ansible Tower
If you’re considering evaluating Red Hat Ansible Tower, you might also be curious about what sort of support is included with a trial key. This post will explain what sort of help is available while you conduct a PoC, along with information to assist you with errors and more.
Ansible Experts Are Here to Help
After you download a trial of Ansible Tower and request a license key, there is more than just documentation and reading materials to help guide you through errors. Once you and your team are connected with Ansible and want to start working on an evaluation or proof of concept installation, there are a boatload of resources to help you on your automation journey:
Sales Representatives: Provide support from day one, helping you understand what Ansible Engine and Ansible Tower can do for you and your environment.
Getting Started Team: The product field engineering team (known colloquially as the "Getting Started" team) helps with the installation, configuration and integration of Ansible Engine and Ansible Tower.
Solution Architects: For cases that delve into deeper understanding of all things Ansible Automation, writing playbooks, or consultation/screenshared demos to ensure success of the project, a Solutions Architect can save Continue reading
Enhanced Layer 7 Routing for Swarm in Docker Enterprise Edition Beta
The beta release of Docker Enterprise Edition has seen incredible activity. The highlight of the upcoming Docker Enterprise Edition (Docker EE) release is the integration of Kubernetes and bringing all of the advanced security, RBAC and management capabilities of Docker EE to Kubernetes. At the same time, we have been working to improve Swarm, delivering the only container platform that allows you to run both orchestrators in the same cluster. In this blog post, we’ll highlight some the key new capabilities around application-layer (Layer 7) routing and load balancing for Swarm-deployed applications. These enhancements come from the new Interlock 2.0 architecture which provides a highly scalable and highly available routing solution for Swarm. The new architecture brings some additional features to the platform, including path-based routing and SSL termination.
Path-Based Routing
Layer 7 load balancing allows traffic going to host domains like acme.com to be distributed across specific containers in your environment. With path-based routing, traffic headed to sub-domains within acme.com (eg. acme.com/app1 or acme.com/app2) can be separately routed to different sets of containers. This can be especially useful for optimizing application performance by driving different requests to different groups of containers.
Read Continue reading
Announcing DockerCon Europe 2018
The Docker Team is excited to announce that the next DockerCon Europe 2018 will take place at the CCIB in Barcelona, Spain from December 3-5, 2018. With 3000 expected attendees, 7 tracks, 80+ speakers and sponsors, this upcoming edition should be the largest enterprise container conference for the IT industry in Europe.
From Docker basics and orchestration best practices to insights into how containers can enable edge computing, serverless and machine learning, DockerCon will include content for everyone. No matter your level of expertise with Docker or job title, attendees will have ample opportunities to learn and collaborate with their peers at other companies using the Docker platform as the cornerstone of their container strategy.
The CFP and official registration will open in the upcoming months but you can already pre-register to to get an additional 50 EUR off early bird price.
We can’t wait to welcome back many returning DockerCon alumni as well as open the DockerCon doors to so many new attendees and companies as we return to Barcelona.
Announcing @dockercon Europe 2018: December 3-5 at CCIB Barcelona, Spain. Early signup is open!…
Click To Tweet
Learn More about DockerCon EU 2018
- Visit the website
- Pre-register
- Inquire Continue reading
5 years later, where are you on your Docker journey?
Docker is turning five the week of March 19-25, 2018 and in celebration of this event, we would like to turn the spotlight to our users – the customers, partners, individuals and organizations that are using the Docker platform every day. From scientific use cases in the field of medical and space research to more traditional use cases in large banks and insurance companies, Docker’s adoption is only accelerating with everyone from individual developers to global corporations. Here are some of the key figures showing the widespread adoption of Docker across the community and within enterprises.
Docker has evolved from a container runtime to Docker Enterprise Edition (EE), a secure enterprise-ready container platform that brings unmatched freedom of choice to enterprises, while providing a foundation for their digital and multi-cloud initiatives. Millions of users rely on Docker, downloading 100M container images a day, and over 450 companies have turned to Docker Enterprise Edition – including hundreds of the largest enterprises in the world. With such vast adoption, the range of stories to tell and the diverse set of use cases continues to grow. So where are some of these users and enterprise customers on their Docker journey?
Docker users have deployed Docker containers for a Continue reading
Recent Changes in my “Learning Tools” Repository
A couple years ago, I created a “learning-tools” repository on GitHub with the goal of creating environments/tools that would help others learn new technologies. At first, the contents of the repository were almost exclusively leveraging Vagrant, but over time I’ve extended the environments to also leverage Ansible and to use tools such as Terraform. Over the past month or so, I’ve made a few additional (albeit relatively minor) updates that I also wanted to share.
As I said, the updates are relatively minor:
- I’ve added environments for running generic versions of Fedora Atomic Host (26 and 27), Ubuntu 16.04, and Debian 9.x. These environments are probably of limited value by themselves, but in the future I may use them as the basis for more complex environments based on these operating systems. Of course, others may leverage them as the basis for projects of their own.
- I’ve added Libvirt support for a number of the Vagrant-based environments, based on my experience with the Vagrant Libvirt provider. This support is limited to areas where I was able to find Libvirt-formatted Vagrant boxes, so you’ll find Libvirt support for the environments using CentOS Atomic Host, Fedora Atomic Host, and Debian. Continue reading
Looking Ahead: My 2018 Projects
For the last six years or so, I’ve been publishing a list of projects/goals for the upcoming year (followed by a year-end review of how I did with those projects/goals). For example, here are my goals for 2017, and here’s my year-end review of my progress in 2017. In this post, I’m going to share with you my list of projects/goals for 2018.
As I’ve done in previous years, I’ll list the projects/goals, along with an optional stretch goal (where it makes sense).
Become extremely fluent with Kubernetes. I’m focusing all my technical skills on Kubernetes this year, with the goal of becoming extremely fluent with the project in all its aspects. There are some aspects—like networking, for example—where some specialization/additional focus will be needed (focusing on particular network architectures/plugins). That means “leaving behind” other technologies, like OpenStack, in order to more fully focus on Kubernetes. (Stretch goal: Pass the Certified Kubernetes Administrator [CKA] exam.)
Learn to code/develop in Go. Given that Kubernetes is written in Go and that Go seems to be the language of choice for many new projects, tools, and utilities, I’m going to learn to code/develop in Go in 2018. Because I learned Continue reading
Ansible Tower Feature Spotlight: Instance Groups and Isolated Nodes
As we continue to improve Red Hat Ansible Tower, we’ve focused on allowing you to automate in more flexible ways, no matter your deployment scenario. As part of this, we’ve introduced two new features: Instance Groups and Isolated Nodes. These new features allow you to use Ansible Tower automation more flexibly in ways that match both the structure of your organization and your infrastructure.
Instance Groups
What is an instance group?
Ansible introduced Clusters in Ansible Tower 3.1. Tower Clusters allow you to add capacity to your Ansible Tower environment - the more nodes in your Tower Cluster, the more job execution capacity you have. If you have to run many jobs simultaneously, adding more nodes to the cluster lets you run them all without queueing.
However, this just gives you an additional mass of capacity. If you just have one group using a Tower instance, that may be enough. But we know that many Ansible Tower instances are shared among teams, groups, and organizations that may have different uses for their automation.
That’s why, in Ansible Tower 3.2, we created Instance Groups.
An Ansible Tower Instance group is a set of cluster nodes dedicated for a particular purpose. Continue reading
A Secure Supply Chain for Kubernetes
The beta release of the Docker Enterprise Edition (Docker EE) container platform last month integrates Kubernetes orchestration, running alongside Swarm, to provide a single container platform that supports both legacy and new applications running on-premises or in the cloud. For organizations that are exploring Kubernetes or deploying it in production, Docker EE offers integrated security for the entire lifecycle of a containerized application, providing an additional layer of security before the workload is deployed by Kubernetes and continuing to secure the application while it is running.
Mike Coleman previously discussed access controls for Kubernetes. This week we’ll begin discussing how Docker EE secures the Kubernetes supply chain.
What is a Software Supply Chain?
When you purchase something from a retail store, there is an entire supply chain that gets the product from raw materials to the manufacturer to you. Similarly, there is a software supply chain that takes an application from code on a developer’s laptop to production.
Every company’s software supply chain may be slightly different; some outsource software development, some have adopted Continuous Integration and Continuous Delivery processes, and some deploy production applications across multiple clouds, some on-premises. Regardless of what the software supply chain consists of, Continue reading
First Look at the DockerCon San Francisco 2018 Agenda
From June 12th – 15th, San Francisco will welcome 6,000+ developers, sysadmins, architects, VP of Apps and other IT leaders to get hands-on with the latest innovations in the container ecosystem at DockerCon 2018. Today, we are excited to share a first look at the DockerCon Agenda. We’ve brought back some of your favorite from past DockerCons and are also thrilled to welcome many first time DockerCon speakers to the stage. Here is a first look at some of our favorites sessions:
Customers in Production
Use case sessions highlight how companies are using Docker to modernize their infrastructure and build, manage and secure distributed applications. These sessions are heavy on business value, ROI and production implementation advice, and learnings.
- Building your NoSQL ship: How an Enterprise transitioned from a RDBMS to NoSQL DB using Agile and Docker by Jonell Taylor, Metlife
- Black Friday and 100K Deployments Per Year by Srikanth Bulusu & Sanjoy Mukherjee, JCPenney
- Packaging Software for Distribution on the Edge with Docker and Windows Server
Peter Ngai, GE Digital
Using Docker
Using Docker sessions are introductory sessions for Docker users, dev and ops alike. Filled with practical advice, learnings, and insight, these sessions will Continue reading
Getting Started: Using New Kerberos Feature in Ansible Tower
Welcome to another post in our Getting Started series. In our previous post, we discussed how you can set up and use LDAP in your Red Hat Ansible Tower instance. In this post we are going to discuss a new feature in regard to Windows authentication with Kerberos. Before we get started, please note that these changes will not affect the current configuration you are using if you have previously used Kerberos with Ansible Tower. Your setup should function the same way as before.
Using Kerberos to Connect to Windows
Using Kerberos with Ansible and Ansible Tower to connect to your Windows hosts before the release of Ansible 2.3 required some prior scaffolding tasks be set up before you were able to fully use it. The necessary packages for Kerberos are still required to be on the machine that Ansible Tower is installed on. The documentation on the required materials and configuration changes can be found here if you are just starting out or need a refresher.
The main change that comes to using Kerberos with Ansible and Ansble Tower is how Ansible manages Kerberos “tokens” or “tickets." Ansible Tower defaults to automatically managing Kerberos tickets (as Continue reading
Technology Short Take 95
Welcome to Technology Short Take 95! This Short Take was a bit more challenging than normal to compile, given that I spent the week leading up to its publication visiting customers in Europe. (My travel schedule in Europe is also why it didn’t get published until Saturday instead of the typical Friday.) Nevertheless, I have persevered in order to deliver you this list of links and articles. I hope it proves useful!
Networking
- Larry Smith Jr. has a nice write-up on Cisco XR stemming from a presentation at NFD 17.
- VMware recently released a reference design guide for NSX-T; see here for more details.
- The engineering team at Lyft recently discussed a new overlay-free networking approach they’ve been working on for Kubernetes: IPVLAN-based CNI stack for running within VPCs on AWS. This is pretty cool, but does introduce some potential design considerations for deploying Kubernetes on AWS. (For those that may be unfamiliar: CNI, or Container Network Interface, is the means whereby network mechanisms “plug into” Kubernetes. IPVLAN is a low-latency means of providing IP connectivity to containers. VPCs, or Virtual Private Clouds, are Amazon’s software-defined networking mechanism for workloads running on AWS.)
- Viktor van den Berg writes Continue reading
Video Series: Modernizing .NET Apps for Developers
Docker Enterprise Edition (EE) is the container platform for modernizing your existing applications, and running them in the cloud or on-premises. You can take monoliths and run them in containers with no code changes, and that gets you portability, security and efficiency.
Running in Docker is also a great starting point for modernizing the application architecture. You can breaking down the monolith into smaller, independent components which makes it easier to deploy updates, manage scale and introduce new technologies.
This new video series covers app modernization, for .NET developers and architects. It walks through the evolution of a monolithic ASP.NET 3.5 app to a distributed application running across multiple containers, using the Docker platform to plug everything together and adding features with great open-source software from the Docker ecosystem.
This is not a full re-architecture to microservices – for large .NET apps that would be a 12 month project. This series uses a feature-driven approach, taking key features out of the monolith to fix performance issues, add new functionality and support fast application updates.
Part 1 introduces the series, talks about what “modernization” means and then gets started – this is a very demo-heavy video series, where you’ll see lots Continue reading
Loop: Plays in the future, items in the past
Welcome to another episode of Feature Spotlight. In today's post, we'll quickly cover the loop keyword being introduced in Ansible 2.5.
Everyone knows the with_* syntax in playbooks.
For example:
- name: Test that with_list works with a list
ping:
data: ''
with_list:
- 'Hello World'
- 'Olá Mundo'In Ansible 2.5, we're introducing loop as a shorter, simpler keyword for playbooks.
Example:
- name: Test that loop works with a manual list
ping:
data: ''
loop:
- 'Hello World'
- 'Olá Mundo'
It's a very minute change, and can easily be overlooked when skimming a playbook! However, when writing many lines of tasks in a playbook, why not save some potential muscle fatigue?
Let's be real, even if a playbook accomplishes a whole lot in 10 lines, that's still ten lines!
All joking aside, we wanted to make things simpler. It's much easier to remember loop than with_items or with_list.
The question after this very well may be, "What happens to with_first_found or with_dict or .... etc, etc, etc?
Well the idea here is to abstract out some of the magic that with_* really is.
Example:
- name: Test that loop works with a list via the list Continue readingDocker Compose and Kubernetes with Docker for Desktop
If you’re running an edge version of Docker on your desktop (Docker for Mac or Docker for Windows Desktop), you can now stand up a single-node Kubernetes cluster with the click of a button. While I’m not a developer, I think this is great news for the millions of developers who have already been using Docker on their Macbook or Windows laptop because they now have a fully compliant Kubernetes cluster at their fingertips without installing any other tools.
Developers using Docker to build containerized applications often build Docker Compose files to deploy them. With the integration of Kubernetes into the Docker product line, some developers may want to leverage their existing Compose files but deploy these applications in Kubernetes. There is, of course, Kompose, but that’s a translation layer which causes you to have two separate artifacts to manage. Is there a way to keep a native Docker-based workflow?
With Docker on the desktop (as well as Docker Enterprise Edition) you can use Docker compose to directly deploy an application onto a Kubernetes cluster.
Here’s how it works:
Let’s assume I have a simple Docker compose file like the one below that describes a three tier Continue reading
Top 3 reasons to attend DockerCon 2018
In case you missed it, DockerCon 2018 will take place at Moscone Center in San Francisco, CA on June 13-15, 2018. DockerCon is where the Docker community comes to learn, belong, and collaborate. Attendees are a mix of beginner, intermediate and advanced users who are all looking to level up their skills and go home inspired. With a 2 full days of training, more than 100 sessions, free workshops and hands-on labs, and the wealth of experience brought by each attendee, DockerCon is the place to be if you’re looking to learn Docker in 2018.
Want to go but need information to convince your manager? Here is a document to help you build a case for it including content, budget and reasons why you should attend.
Register for DockerCon 2018
Reason #1: Inspiring and informative breakout sessions
From beginner to experts, DockerCon brings together the brightest minds to talk about all things containers including Docker Platform, Kubernetes, Digital Transformation in the Enterprise, Moby and CNCF projects, Container Security, Service Mesh and more. Although the full schedule won’t be announced until the end of the month, below is a sneak peak of some of the sessions we have lined Continue reading