Archive

Category Archives for "Systems"

Liveblog: IPv6 in the Cloud – Protocol and Service Overview

This is a liveblog of an AWS re:Invent 2017 breakout session titled “IPv6 in the Cloud: Protocol and Service Overview.” The presenter’s name is Alan Halachmi, who is a Senior Manager of Solutions Architecture at AWS. As with so many of the other breakout sessions and workshops here at re:Invent this year, the queues to get into the session are long and it’s expected that the session will be completely full.

Halachmi starts the session promptly at 11:30am (the scheduled start time) by reviewing the current state of IP4 exhaustion, then quickly moves to a “state of the state” regarding IPv6 adoption on the Internet. Global IPv6 adoption is currently around 22%, and is expected to hit 25% by the end of the year. Mobile and Internet of Things (IoT) are driving most of the growth, according to Halachmi. T-Mobile, for example, now has 89% of their infrastructure running on IPv6.

Transitioning again rather quickly, Halachmi moves into an overview of the IPv6 protocol itself. IPv4 uses a 32-bit address space; IPv6 uses a 128-bit address space (29 orders of magnitude larger than IPv4). IPv4 uses dotted decimal with CIDR (Classless Interdomain Routing) notation; IPv6 uses colon-separated hextet notation Continue reading

A Sample Makefile for Creating Blog Articles

In October of this year, I published a blog post talking about a sample Makefile for publishing blog articles. That post focused on the use of make and a Makefile for automating the process of a publishing a blog post. This post is a companion to that post, and focuses on the use of a Makefile for automating the creation of blog posts.

Since early 2015, this site has been running as a static site with the content created using Markdown. In its first iteration as a static site, the HTML was generated using Jekyll and hosted on GitHub Pages. In the current iteration, the HTML is generated using Hugo, hosted on Amazon S3, and served via Amazon CloudFront. In both cases, the use of Markdown as the content format also required specific front-matter to instruct the static site generator how to create the HTML. For Hugo, the front-matter looks something like this (I use YAML, but other formats are supported):

---
author: slowe
categories: Explanation
date: 2017-11-27T12:00:00Z
tags:
- Writing
- Blogging
- Productivity
title: Sample Blog Post title
url: /2017/11/27/sample-blog-post-title/
---

There are obviously a lot of different ways to automate the creation of this front-matter Continue reading

Installing MultiMarkdown 6 on Fedora 27

Long-time readers are probably aware that I’m a big fan of Markdown. Specifically, I prefer the MultiMarkdown variant that adds some additional extensions beyond “standard” Markdown. As such, I’ve long used Fletcher Penny’s MultiMarkdown processor (the latest version, version 6, is available on GitHub). While Fletcher offers binary builds for Windows and macOS, the Linux binary has to be compiled from source. In this post, I’ll provide the steps I followed to compile a MultiMarkdown binary for Fedora 27.

The “How to Compile” page on the MMD-6 Wiki is quite sparse, so a fair amount of trial-and-error was needed. To keep my main Fedora installation as clean as possible, I used Vagrant with the Libvirt provider to create a “build VM” based on the “fedora/27-cloud-base” box.

Once the VM was running, I installed the necessary packages to compile the source code. It turns out only the following packages were necessary:

sudo dnf install gcc make cmake gcc-c++

Then I downloaded the source code for MMD-6:

curl -LO https://github.com/fletcher/MultiMarkdown-6/archive/6.2.3.tar.gz

Unpacking the archive with tar created a MultiMarkdown-6-6.2.3 directory. Changing into that directory, then the instructions from the Wiki page worked as expected:

make
 Continue reading

Using Docker Machine with KVM and Libvirt

Docker Machine is, in my opinion, a useful and underrated tool. I’ve written before about using Docker Machine with various services/providers; for example, see this article on using Docker Machine with AWS, or this article on using Docker Machine with OpenStack. Docker Machine also supports local hypervisors, such as VMware Fusion or VirtualBox. In this post, I’ll show you how to use Docker Machine with KVM and Libvirt on a Linux host (I’m using Fedora 27 as an example).

Docker Machine ships with a bunch of different providers, but the KVM/Libvirt provider must be obtained separately (you can find it here on GitHub). Download a binary release (make sure it is named docker-machine-driver-kvm), mark it as executable, and place it somewhere in your PATH. Fedora 27 comes with KVM and the Libvirt daemon installed by default (in order to support the Boxes GUI virtualization app), but I found it helpful to also install the client-side tools:

sudo dnf install libvirt-client

This will make the virsh tool available, which is useful for viewing Libvirt-related resources. Once you have both the KVM/Libvirt driver and the Libvirt client tools installed, you can launch a VM:

docker-machine create -d kvm --kvm-network  Continue reading

Shifting Legacy WebLogic Apps to Docker Enterprise Edition for Improved Operations

Founded in 1792, Alm. Brand is a Danish insurance and banking company headquartered in Copenhagen, Denmark and one of the oldest companies to have ever presented at any DockerCon. Sune Keller, an IT architect, and Loke Johannessen, Systems Specialist, rode their bikes to DockerCon Europe 2017 to demonstrate how they helped lift and shift their legacy WebLogic applications to Docker Enterprise Edition (Docker EE).  You can watch their entire talk here:

Seeking Operational Stability for Legacy Apps

Alm. Brand started working with Docker EE after hearing about it at DockerCon 2015 (known as Docker Datacenter back then). After successfully deploying the first set of new greenfield apps in their Docker EE environment, Alm. Brand wanted to tackle their existing WebLogic applications which were causing the operations team the biggest headaches. The team operated the WebLogic applications in a large cluster, all running on the same JVM. When an app crashed, it would often crash the entire JVM or hang the entire cluster, making it hard to identify which application was the root cause. The setup was also very brittle and slow as they could only deploy one app at a time to the cluster.

Docker customer

With the skills Continue reading

5 Reasons Why We’re Thankful for the Docker Community

As the weather gets colder and the days get shorter, we wanted to take some time to give a warm “thank you” to the Docker Community. With an ever-growing community and active community leaders, there’s a lot that Docker has to be thankful for this year! Here’s our top five:

Moby Docker ThanksgivingDocker Community Gives Back

1. Docker Community Gives Back

Members of  the Docker and Moby  Community work with unbelievable amounts of dedication and passion on some of the best open source projects around. Their hardwork never goes unnoticed, and the Moby Project is better because of it’s community of awesome contributors.  

Interested in getting started on the Moby Project? Get more info on how you can get involved here.

 

2. Our Community Knows how to Take Action

With over 500 Community Leaders and locations in 81 countries, we’re continually impressed by the initiative our community takes in mentoring and teaching one another – even when you’re on different parts of the globe. We’ve seen you collaborate and create, and we couldn’t be more thankful for all of the impressive tips, tricks and knowledge that you share with us and the community.

 

Docker captain

 

3. All Roads Lead to Continue reading

Happy Thanksgiving 2017

In the US, today (Thursday, November 23) is Thanksgiving. I’d like to take a moment to reflect on the meaning of Thanksgiving.

Thanksgiving means different things to different people:

  • To folks outside the US, it often just a day with drastically reduced email volume and no interruptions from US-based coworkers. (Enjoy!)
  • To folks in the US, it’s a holiday filled with food (turkey, anyone?). There may also be family gatherings, football (American football, of course), and possibly some shopping. (There will most certainly be shopping tomorrow.)
  • To many people, it’s also a time to be thankful or grateful for the good things in their lives.
  • To Christians, like myself, it’s often a time to reflect on the blessings that God placed in your life. I know that I am quite blessed—blessed with a great family, an amazing wife, and the opportunity to work in a fast-paced industry (among many many other blessings).

Whatever Thanksgiving means to you, I hope that you enjoy the holiday. Happy Thanksgiving!

Docker for Windows 17.11 with Windows 10 Fall Creators Update

Experimental support for Microsoft’s Linux containers on Windows (LCOW) feature has been available for Windows Server 1709 via the Docker EE “Preview” release. The same functionality is now available for Windows 10 Fall Creators Update with the release of Docker for Windows 17.11. In fact, it’s been available since Docker for Windows 17.10. 

How to get it

Docker for Windows 17.11 is an Edge channel release. If your copy of Docker for Windows is set to the Edge or Nightly channel you will receive the update automatically. Users on the Stable channel will need to switch to Edge via the Setting dialog to receive the update.

Doesn’t Docker for Windows already run Linux containers?

That’s right. Docker for Windows can run Linux or Windows containers, with support for Linux containers via a Hyper-V Moby Linux VM (as of Docker for Windows 17.10 this VM is based on LinuxKit).

The setup for running Linux containers with LCOW is a lot simpler than the previous architecture where a Hyper-V Linux VM runs a Linux Docker daemon, along with all your containers. With LCOW, the Docker daemon runs as a Windows process (same as when running Docker Continue reading

Installing Older Docker Client Binaries on Fedora

Sometimes there’s a need to have different versions of the Docker client binary available. On Linux this can be a bit challenging because you don’t want to install a “full” Docker package (which would also include the Docker daemon); you only need the binary. In this article, I’ll outline a process I followed to get multiple (older) versions of the Docker client binary on my Fedora 27 laptop.

The process has two steps:

  1. Download the RPMs for the older releases from the Docker Yum repository (for Fedora, that repository is here).
  2. Extract the files from the RPM without actually installing the RPM.

For step 1, you can use the curl program to download specific RPMs. For example, to download version 1.12.6 of the Docker client binary, you’d download the appropriate RPM like this:

curl -LO https://yum.dockerproject.org/repo/main/fedora/24/Packages/docker-engine-1.12.6-1.fc24.x86_64.rpm

You’ll note that the URL above appears to be tied to a particular Fedora version (24, in this case). However, that’s only significant/applicable for the entire RPM package; once you extract the specific binaries, you should have no issues running the binaries on a different version (I was able to run older versions of Continue reading

Sharing is Caring: Docker Enterprise Edition Access Control

Multi-tenancy has many benefits in organizations. Clearly it increases hardware utilization but it also allows IT roles to specialize more, and provides better separation of concerns. This leads to more manageable infrastructure. Multi-tenancy is a challenging practice though, as it requires strict security control over resources without becoming too cumbersome for application deployment.

This blog post is about the Role-based Access Control (RBAC) enhancements introduced in Docker Enterprise Edition (Docker EE) 17.06. These enhancements allow for much more granular control and also flexible policy modeling that is one giant building block of a multitenant container infrastructure. This post will help you  address questions like:

  • How do I prevent different teams from viewing or interacting with each other’s applications when using shared infrastructure?
  • How can I enforce scheduling on certain nodes in the cluster?
  • How can I manage all the access policies so it’s clearly understandable who has access to what?

Docker EE Access Control is a policy-based model that uses access control lists called grants to dictate access between users and cluster resources. A grant is a rule that ties together who, can do which actions, against what resource.

As shown below, a grant is made Continue reading

Installing Postman on Fedora 27

I recently had a need to install the Postman native app on Fedora 27. The Postman site itself only provides a link to the download and a rather generic set of instructions for installing the Postman native app (a link to these instructions for Ubuntu 16.04 is also provided). There were not, however, any directions for Fedora. Hence, I’m posting the steps I took to set up the Postman native app on my Fedora 27 laptop.

(Note that these instructions will probably work with other versions of Fedora as well, but I’ve only used them on Fedora 27.)

Here are the steps I followed:

  1. Download the installation tarball, either via your browser of choice or via the command line. If you’d prefer to use the command line, this command should take care of you:

    curl -L https://www.getpostman.com/app/download/linux64 -O postman-linux-x64.tar.gz

  2. Unpack the tarball into the directory of your choice. I prefer to put third-party applications such as this into the /opt directory; you can (obviously) put it wherever you prefer. This command should do the trick:

    sudo tar xvzf postman-linux-x64.tar.gz -C /opt

    If you prefer a directory other than /opt, specify the Continue reading

Multi-arch All The Things

[This post was written by Phil Estes and Michael Friis.]

True multi-platform workload portability has long been the holy grail of enterprise computing. All kinds of virtualization strategies have been used over the years to approximate this dream to varying levels of acceptable performance or usability. On the one hand, virtual machines and hardware virtualization are flexible enough that you can mix and match operating systems (and even CPU architectures) on the same host—but they come with a lot of overhead. However, language-based virtual runtimes don’t have packaging formats that encapsulate all system-level app dependencies, and that makes them unsuitable for general-purpose deployment and configuration management.

Docker came along as a unique type of virtualization that only virtualizes the operating system for container processes. Docker uses existing Linux kernel features to offer isolation characteristics that are similar to what is available with virtual machines. The analogy of a “standard shipping container,” combined with these isolation primitives, caught developer interest immediately. With this new shipping metaphor came speed and agility that blew the doors off virtual machine size and speed constraints that impacted developer workflow, not to mention developer happiness! The containerization craze has grown like wildfire since then, but Continue reading

Swarm Orchestration in Docker Enterprise Edition

swarm orchestration

At DockerCon Europe, we announced that the next release of Docker Enterprise Edition (Docker EE) would include Kubernetes integration. We’re really excited about bringing Kubernetes to our customer base and continuing to increase our involvement within the community. But it’s equally important for us to note that Swarm orchestration is not going away. Swarm forms an integral cluster management component of the Docker EE platform; in addition, Swarm will operate side-by-side with Kubernetes in a Docker EE cluster, allowing customers to select, based on their needs, the most suitable orchestration tool at application deployment time.

Here are just a few reasons that Swarm is integral to the Docker EE solution:

  1. Support our existing customers and ecosystem integrations
  2. Provide customers the flexibility in choice of orchestrators
  3. Provide secure and highly available clustering architecture

Existing Customers and Ecosystem Integrations

Docker now has hundreds of Docker EE customers who have standardized on Swarm orchestration. In fact, at our Customer Summit during DockerCon, all of the customers stated that they intend to continue using Swarm even with the Kubernetes announcement. Having both orchestration options available is definitely a plus for some of these customers that have organizations within the company using both Swarm and Continue reading

Docker Enterprise Edition Certified as Kubernetes Conformant

Yesterday, the Cloud Native Computing Foundation® (CNCF®) announced that Docker Enterprise Edition (Docker EE) passed the Certified Kubernetes™ conformance program. Based on the upcoming release of Docker EE that was demonstrated onstage at DockerCon Europe, this certification guarantees that all Kubernetes APIs function as specified to deliver a consistent and portable Kubernetes experience within Docker EE.

Docker EE Certified Kubernetes

In addition to a fully-conformant, unmodified  Kubernetes experience, users of Docker EE will also have access to the advanced capabilities of the Docker platform including simple and powerful clustering, a secure end-to-end supply chain, and validation to run on all major Linux distributions, Windows, IBM mainframe, and several leading public clouds. By integrating Kubernetes into Docker EE, we simplify and advance the management of Kubernetes for enterprise IT.  

Conformance Testing

Docker EE was certified against Kubernetes v1.8 by passing a test suite overseen by SIG Architecture. The test gives end users the confidence that Docker EE delivers a high level of common functionality to the main Kubernetes distribution and these results are validated by CNCF.

As a Certified Kubernetes platform, we are also promising to release new versions of Docker EE with Kubernetes to ensure that customers can take advantage of the rapid pace Continue reading

Integrating Docker EE Into Société Générale’s Existing Enterprise IT Systems

Société Générale is a 153-year old French multinational bank that believes technology and innovation are key to enriching the customer experience and advancing economic development. A few years ago, the bank started a project to define their next generation application platform that would help them get 80% of their applications running in the cloud by 2020. Société Générale chose Docker Enterprise Edition (Docker EE) to be the foundation of their application platform and began working with it 15 months ago. This year at DockerCon Europe, Stephan Dechoux, DevOps architect, and Thomas Boussardon, Middleware Specialist, shared their journey over this time integrating Docker Enterprise Edition [Docker EE] into Société Générale IT systems.

You can watch their breakout session here:

A New Platform For Today and Tomorrow

Société Générale has a diverse application portfolio that includes many different types of applications, including legacy monolithic apps, SOA, distributed apps and REST APIs. The bank is also a global organization with teams and data centers around the world. A primary goal  was to deliver a new application platform to improve time-to-market and lower costs, while accelerating innovation. Initially Société Générale considered off-the-shelf PaaS solutions, but realized that these were better suited for greenfield applications Continue reading

Making AWS re:Invent More Family-Friendly

AWS re:Invent is just around the corner, and Spousetivities will be there to help bring a new level of family friendliness to the event. If you’re thinking of bringing a spouse, partner, or significant other with you to Las Vegas, I’d encourage you to strongly consider getting him or her involved in Spousetivities.

Want a sneak peek at what’s planned? Have a look:

  • Monday’s activity is a full-day trip to Death Valley, including a stop at Bad Water Basin (significant because it is 280 feet below sea level, making it the lowest place in the Western Hemisphere!). Lunch is included, of course.
  • On Tuesday, Spousetivities participants will get to visit a number of locations on the Las Vegas Strip, including Siegfried and Roy’s Secret Garden, the Wildlife Habitat at the Flamingo, and the Shark Reef at Mandalay Bay. Transportion is provided for longer connections, but there will be some walking involved—wear comfortable shoes!
  • Wednesday includes a visit to Red Rock Canyon and Hoover Dam. There will some opportunities for short sightseeing walks in Red Rock Canyon (plus the 13-mile scenic drive), and the Hoover Dam tour includes access to the generator room (a very cool sight).
  • Wrapping up the Continue reading

THE ENTERPRISE IT CHECKLIST FOR DOCKER OPERATIONS

At Docker, we believe the best insights come from the developers and IT pros using the Docker platform every day. Since the launch of Docker Enterprise Edition, we learned three things from our customers.

  1. First, a top goal in enterprise IT is to deliver value to customers (internal business units or external clients)…and to do so fast.
  2. Second, most enterprises believe that Docker is at the center of their IT platform.
  3. Finally, most enterprises’ biggest challenge is moving their containerized applications to production in time to prove value. My DockerCon talk focused on addressing the third item, which seems to be a critical one for many of our customers.

In our recent customer engagements, we’ve seen a pattern of common challenges when designing and deploying Docker in an enterprise environment. Particularly, customers are struggling to find best practices to speed up their move to production. To address some of these common challenges, we put together a production readiness checklist (https://github.com/nicolaka/checklist) for Docker Enterprise Edition. This list was discussed thoroughly during my DockerCon EU 2017 session. Here’s a video of that talk:

I go through 10 key topics (shown below) that a typical enterprise should  go through when deploying Continue reading

Technology Short Take 90

Welcome to Technology Short Take 90! This post is a bit shorter than most, as I’ve been on the road quite a bit recently. Nevertheless, there’s hopefully something here you’ll find useful.

Networking

Security

How to Tag Docker Images with Git Commit Information

I’ve recently been working on a very simple Flask application that can be used as a demo application in containerized environments (here’s the GitHub repo). It’s nothing special, but it’s been useful for me as a learning exercise—both from a Docker image creation perspective as well as getting some additional Python knowledge. Along the way, I wanted to be able to track versions of the Docker image (and the Dockerfile used to create those images), and link those versions back to specific Git commits in the source repository. In this article, I’ll share a way I’ve found to tag Docker images with Git commit information.

Before I proceed any further, I’ll provide the disclaimer that this information isn’t unique; I’m building on the work of others. Other articles sharing similar information include this one; no doubt there are countless more I haven’t yet seen. I’m presenting this information here simply to show one way (not the only way) of including Git commit information with a Docker image.

Getting the necessary information from Git is actually far easier than one might think. This variation of the git log command will print only the full hash of the last commit Continue reading

Deep Dive into Container Images in Kolla

This is a liveblog of my last session at the Sydney OpenStack Summit. The session title is “OpenStack images that fit your imagination: deep dive into container images in Kolla.” The presenters are Vikram Hosakote and Rich Wellum, from Cisco and Lenovo, respectively.

Hosakote starts with an overview of Kolla. Kolla is a project to deploy OpenStack services into Docker containers. There are two ways to use Kolla: using Ansible (referred to as Kolla-Ansible) or using Kubernetes (referred to as Kolla-Kubernetes). Hosakote mentions that Kolla-Kubernetes also uses Helm and Helm charts; this makes me question the relationship between Kolla-Kubernetes and OpenStack-Helm.

Why Kolla? Some of the benefits of Kolla, as outlined by Hosakote, include:

  • Fast(er) deployment (Hosakote has deployed in as few as 9 minutes)
  • Easy maintenance, reconfiguration, patching, and upgrades
  • Containerized services are found in container registry
  • One tool to do multiple things

Hosakote briefly mentions his preference for Kolla over other tools, including Juju, DevStack, PackStack, Fuel, OpenStack-Ansible, TripleO, OpenStack-Puppet, and OpenStack-Chef.

Other benefits of using containers for OpenStack:

  • Reproduce golden state easily
  • No more “Works in DevStack” but doesn’t work in production
  • Production-ready images (this seems specific to Kolla, not just containers for OpenStack control plane)
  • Continue reading
1 59 60 61 62 63 125