Rock Stars, Builders, and Janitors: You’re Doing it Wrong

This is a liveblog of the session titled “Rock Stars, Builders, and Janitors: You’re Doing it Wrong”. The speaker is Alice Goldfuss (@alicegoldfuss) from GitHub. This session is part of the “Transform” track at DockerCon; I’m attending it because I think that cultural and operational transformation is key for companies to successfully embrace new technologies like containers and fully maximize the benefits of these technologies. (There’s probably a blog post in that sentence.)

Goldfuss starts out by asking the audience some questions about what they’ve been doing for the last 3 months, and then informs the attendees that they are, in fact, part of the problem.

Goldfuss now digs into the meat of the presentation by covering some terminology. First, what is a rock star? They’re the idea person, the innovator. They’re curious, open-minded, iterating faster, and always looking for the new things and the new ideas. They’re important to our companies, but they do have some weaknesses. They get bored easily, they have no patience for maintenance, and they’re not used to thinking about end user experience. Thus, according to Goldfuss, you can’t have a team of only rock stars.

Next, Goldfuss talks aboutbuilders. Builders Continue reading

DockerCon EU 2017 Day 1 Keynote

This is a liveblog of the day 1 keynote/general session at DockerCon EU 2017 in Copenhagen, Denmark. Prior to the start of the keynote, attendees are “entertained” by occasional clips of some Monty Python-esque production.

At 9:02, the lights go down and another clip appears, the first of several cliups that depict life “without Docker” and then again “with Docker” (where everything is better, of course). It’s humorous and a good introduction to the general session.

Steve Singh, CEO of Docker, now takes the stage to kick off the general session. Singh thanks the attendees for their time, discusses the growth of the Docker community and the Docker ecosystem, welcomes new members of the community (including himself), and positions Docker less as a container company and more as a platform company. (Singh comes to Docker from SAP, following SAP’s acquisition of Concur.) Singh pontificates for a few moments about his background, the changes occurring in the industry, and the “center stage front-row” seat that Docker has to witness—and affect/shape—these changes.

Singh pivots after a few minutes to talk about Docker growth in terms of specific metrics (21 million Docker hosts, for example). This allows him to return to the Continue reading

Docker Platform and Moby Project add Kubernetes

Today we’re announcing that the Docker platform is integrating support for Kubernetes so that Docker customers and developers have the option to use both Kubernetes and Swarm to orchestrate container workloads. Register for beta access and check out the detailed blog posts to learn how we’re bringing Kubernetes to:

• Docker Enterprise Edition
• Docker Community Edition on the desktop with Docker for Mac and Windows
• The Moby Project

Docker is a platform that sits between apps and infrastructure. By building apps on Docker, developers and IT operations get freedom and flexibility. That’s because Docker runs everywhere that enterprises deploy apps: on-prem (including on IBM mainframes, enterprise Linux and Windows) and in the cloud. Once an application is containerized, it’s easy to re-build, re-deploy and move around, or even run in hybrid setups that straddle on-prem and cloud infrastructure.

The Docker platform is composed of many components, assembled in four layers:

• The containerd industry-standard container runtime implementing the OCI standards
• Swarm orchestration that transforms a group of nodes into a distributed system
• Docker Community Edition providing developers a simple workflow to build and ship container applications, with features like application composition, image build and management
• Docker Enterprise Edition, to manage an end Continue reading

Extending Docker Enterprise Edition to Support Kubernetes

At DockerCon Europe, we announced that Docker will be delivering seamless integration of Kubernetes into the Docker platform. Bringing Kubernetes to Docker Enterprise Edition (EE) will simplify and advance the management of Kubernetes for enterprise IT and deliver the advanced capabilities of Docker EE to a broader set of applications.

Swarm and Kubernetes Side-by-Side

Docker EE is an enterprise-grade container platform that includes a private image registry, advanced security features and centralized management for the entire container lifecycle. By including Kubernetes for container orchestration, customers will have the ability to run both Swarm and Kubernetes in the same Docker EE cluster while still leveraging the same secure software supply chain for building and deploying applications.

Figure 1. Docker EE Architecture with Multiple Orchestrators

This is possible because Docker EE has a modular architecture that is designed to support multiple orchestrators. The Linux nodes are both Swarm and Kubernetes-ready and application teams can decide which orchestrator to use at app deployment time.

When creating a new Stack in Docker EE, you are given the choice of deploying it as Swarm Services or as Kubernetes Workloads:

Figure 2. Selectable modes at app deployment time

Upon deployment, the Docker EE dashboard has a “Shared Resources” area Continue reading

Beta Docker for Mac and Windows with Kubernetes

Today, as part of our effort to bring Kubernetes support to the Docker platform, we’re excited to announce that we will also add optional Kubernetes to Docker Community Edition for Mac and Windows. We’re demoing previews at DockerCon (stop by the Docker booth!) and will have a beta program ready at the end of 2017. Sign up to be notified when the beta is ready.

With Kubernetes support in Docker CE for Mac and Windows, Docker Inc. can provide customers an end-to-end suite of container-management software and services that span from developer workstations, through test and CI/CD through to production on-prem or in the cloud.

Docker for Mac and Windows are the most popular way to configure a Docker dev environment and are used everyday by hundreds of thousands of developers to build, test and debug containerized apps. Docker for Mac and Windows are popular because they’re simple to install, stay up-to-date automatically and are tightly integrated with macOS and Windows respectively.

The Kubernetes community has built solid solutions for installing limited Kubernetes development setups on developer workstations, including Minikube (itself based partly on the docker-machine project that predated Docker for Mac and Windows). Common to these solutions however, Continue reading

Technology Short Take 88

Welcome to Technology Short Take #88! Travel is keeping me pretty busy this fall (so much for things slowing down after VMworld EMEA), and this has made it a bit more difficult to stick to my self-imposed biweekly schedule for the Technology Short Takes (heck, I couldn’t even get this one published on Friday!). Sorry about that! Hopefully the irregular schedule is outweighed by the value found in the content I’ve collected for you.

Networking

• Christopher Davis has an article discussing a recommended VPC subnet configuration. This is, of course, just one way of handling subnets within a VPC, but some of the principles outlined in Christopher’s article are definitely sound.
• Speaking of VPCs and subnets, here’s an example of a Terraform module for a VPC with public, private, and internal subnets (similar to the article in the previous bullet).
• Prefer SaltStack to Terraform? No worries, Calvin Hendryx-Parker has an example of building AWS VPCs with SaltStack formulas.
• Phil Bedard (TME at Cisco) has a post discussing telemetry in Cisco IOS-XR.
• Fidelis Ekezue has a high-level “compare-and-constrast” between AWS VPCs and Azure VNETs. This article is pretty high-level; I wish it had a bit more depth to it.
• Abdullah Continue reading

Videos series: Modernizing Java Apps for IT Pros

Today we start releasing a new video series in Docker’s Modernize Traditional Apps (MTA) program, aimed at IT Pros who manage, maintain and deploy Java apps. The video series shows you how to move a Java EE 7 application written to run on Wildfly 3, move it to a Windows Docker container and deploy it to a scalable, highly-available environment in the cloud – without any changes to the app.

These are the first 4 of a 5 part video series in Docker’s Modernize Traditional Apps (MTA) program, aimed at Java IT Pros. The video series shows you how to move a Java EE app on JBoss Wildfly to a Docker container and deploy it to a scalable, highly-available environment in the cloud – without any changes to the app.

Part 1 introduces the series, explaining what is meant by “traditional” apps and the problems they present. Traditional apps are built to run on a server, rather than on a modern application platform. They have common traits, like being complex to manage and difficult to deploy. A portfolio of traditional applications tends to under-utilize its infrastructure, and over-utilize the humans who manage it. Docker Enterprise Edition (EE) fixes that, giving Continue reading

Least Privilege Container Orchestration

The Docker platform and the container has become the standard for packaging, deploying, and managing applications. In order to coordinate running containers across multiple nodes in a cluster, a key capability is required: a container orchestrator.

Orchestrators are responsible for critical clustering and scheduling tasks, such as:

• Managing container scheduling and resource allocation.
• Support service discovery and hitless application deploys.
• Distribute the necessary resources that applications need to run.

Unfortunately, the distributed nature of orchestrators and the ephemeral nature of resources in this environment makes securing orchestrators a challenging task. In this post, we will describe in detail the less-considered—yet vital—aspect of the security model of container orchestrators, and how Docker Enterprise Edition with its built-in orchestration capability, Swarm mode, overcomes these difficulties.

Motivation and threat model

One of the primary objectives of Docker EE with swarm mode is to provide an orchestrator with security built-in. To achieve this goal, we developed the first container orchestrator designed with the principle of least privilege in mind.

In computer science,the principle of least privilege in a distributed system requires that each participant of the system must only have access to  the information and resources that are necessary for its legitimate purpose. No Continue reading

Register for DockerCon Europe 2017 Livestream

For those of you who can’t make it to DockerCon Europe 2017 in Copenhagen, we are thrilled to announce that the General Sessions on both Day 1 and Day 2 of DockerCon will be livestreamed!

Find out about the latest Docker announcements live from Steve Singh (CEO) and Solomon Hykes (Founder and CTO) and enjoy the highly technical demos the Docker team has prepared for you!

Livestream schedule:

• General Session Day 1 on 10/17 from 9am UTC +2
• General Session Day 2 on 10/18 from 9am UTC+2

The livestream player will be embedded on the DockerCon site a few hours prior to the event. Be sure to sign up here to receive an email with the link to the livestream before the general session starts!

Sign up for the DockerCon EU Livestream

We invite you to follow the official Twitter account: @DockerCon and hashtag #DockerCon in order to get the latest updates.

Learn More about DockerCon

• Visit the DockerCon Europe 2017 Website
• Save the date for DockerCon 2018

Watch the live stream of keynotes at #DockerCon Europe | Oct 17 – 18, 9-11am UTC +2
Click To Tweet

The post Register for DockerCon Europe 2017 Livestream appeared first on Docker Blog.

8 Use Cases for Modernizing and Automating Workflows

Managing an organization’s many tools and business processes is becoming increasingly complicated as technology expands. Whether your teams are performing their weekly system reboot, or looking to configure instances to a desired state, it’s no secret that automation is critical to increase speed, efficiency, productivity, and accuracy. Listed below are several instances¹ where automation can help across your enterprise.

• Weekly system reboot: There’s nothing worse than doing the same thing for 8 hours a day! Eliminate repetitive, manual processes with automation.

• Enforce security guidelines: Rules are rules. It’s best to automate in an effort to achieve strict security standards.

• Monitor configuration drift: Use check mode with Ansible tasks to enforce desired settings and see if your configuration has drifted.

• Disaster recovery: Disaster recovery can involve a wide range of components. Act across different variables of the technology stack to identify problems and eliminate cross team dependencies.

• Command blaster: Remarkably easy to write, you can run commands across your environment for any number of servers.

• Database binary patching: Several databases use outdated binary sets. Patch the binaries in accordance with the release of the latest patch.

• Instance provisioning: Use modules for several cloud providers to create new instances and tailor Continue reading

Fumbling Through Networking

This blog post is written by a systems person who has always dodged networking ... until now. I gave Ansible networking modules a try with a vyos Vagrant image. This blog describes how I fumbled through the process of writing my first Ansible playbook to successfully gather facts from a running vyos virtual machine.

First things first, I need a network thingy to run commands on. I don’t have a physical networking thingy so let’s go searching for a virtual one. After some googling for a Cisco IOS virtual machine I found and started to download an ISO. While that was going on I pinged my co-worker Ben on Slack. Ben’s a networking guy within Ansible. I asked him what virtual device he uses. He pointed me at a vyos Vagrant image. So I canceled the Cisco IOS ISO download and ran the needed vagrant commands.

vagrant init higebu/vyos
vagrant up

Ok, that did something but what did it do? Let me try the old vagrant ssh. Nope, that didn’t work. Oh, I got another message from Ben on slack. He mentions I’m going to need a plugin to make this work smoothly with Vagrant and to run:

vagrant plugin install  Continue reading

Brace yourselves, DockerCon Europe 2017 is coming!

DockerCon Europe 2017 is just around the corner and the whole European Docker community is getting ready for four days of incredible learning, networking and collaboration!

If you’re a registered attendee, login on to the DockerCon Europe Agenda Builder using the information you set up during the registration process. You can use the keyword search bar or filter by topics, days, tracks, experience level or target audience to get recommended sessions and build you schedule.

Every DockerCon Europe Attendee should have received an invitation to join the Docker Community Slack (dockercommunity.slack.com). If that’s not the case, please reach out to [email protected] and we’ll make sure to resend the invitation.

Monday 16 October

Attendees who have signed up for Paid-Workshops or want to check in and pick up their badge and backpacks early should plan to be in Copenhagen by Monday morning.

Registration

Registration will be open from 12:00 – 19:30.

Workshops

Interested in attending a DockerCon EU Workshops on Monday? Here is the list of the workshops that are still available:

• Introduction to Docker for Enterprise Developers
• Docker on Windows: From 101 to Production
• Docker for Java Developers
• Learn Docker

If you’ve already registered for a workshop, Continue reading

Introducing Hallway Track: Learn from People Around You at DockerCon

Photo by: Youssef Shoufan at DockerCon Austin 2017

The DockerCon Hallway Track is coming to DockerCon Europe in Copenhagen. We’ve partnered with e180.co once again to deliver the next level of conference attendee networking. Together, we believe that education is a relationship, not an institution, and that a conversation can change someone’s life. After the success of our collaboration in Austin with Moby Mingle, we’re happy to be growing this idea further for Copenhagen.

DockerCon is all about learning new things and connecting with the right people. The Hallway Track will help you meet and share knowledge with community members and practitioners at the conference.  

So, what’s a Hallway Track?

DockerCon Hallway Track is a one-on-one or group conversations based on topics of interest that you schedule with other attendees during DockerCon. Hallway Track’s recommendation algorithm curates an individualized selection of Hallway Track topics for each participant, based on their behavior and interests.

It’s simple:

1. Explore the knowledge Offer and Requests –where all participants post the knowledge they are willing to share.
2. Pick something you want to learn or create your own Offer or Request.
3. Book your Hallway Tracks and meet in person at Continue reading

Ansible Tower 3.2: Available Now

We're happy to announce that Red Hat Ansible Tower 3.2 is now generally available.

With Red Hat^® Ansible^® Tower 3.2, we're working to make sure you can automate more flexibly, and manage more globally across your enterprise. For more information:

• Check out the Ansible Tower 3.2 documentation
• See our Deep Dive into Ansible Tower 3.2
• Join us for our What’s New in Ansible Tower 3.2 Webinar on Tuesday, Oct 10^th at 2PM EDT

Go get it now via local install, Vagrant, or Amazon AMI. Ansible Tower 3.2 is available for Red Hat Enterprise Linux 7, CentOS 7, Ubuntu 14.04, and Ubuntu 16.04. If you have any questions, or run into any issues, don't hesitate to contact us via the Red Hat Customer Portal.

Your Docker Agenda for JavaOne

If you are one of the thousands that will be in San Francisco for JavaOne Oct 1-5th, don’t miss the opportunity to level-up your knowledge around container technology and Docker Community and Enterprise Edition. We’ve listed our must-attend sessions below:

Monday, October 2nd

Monday, Oct 02, 11:00 a.m. – 11:45 a.m. | Java in a World of Containers [CON4429]

Speakers: Paul Sandoz and Mikael Vidstedt, Oracle

This session explains how OpenJDK 9 fits into the world of containers, specifically how it fits with Docker images and containers. The first part of the session focuses on the production of Docker images containing a JDK. It introduces technologies, such as J-Link, that can be used to reduce the size of the JDK and discusses the inclusion of class-data-sharing (CDS) archives and ahead-of-time (AOT) shared object libraries. The second part describes how the Java process can be a good citizen when running within a Java container and obeying resource limits. The presentation also covers the role of CDS archives and AOT shared object libraries that can be shared across running containers to reduce startup time or memory usage.

Tuesday, October 3rd

8:30 a.m. – 10:30 a.m. |   Continue reading

Kubernetes 1.8 release integrates with containerd 1.0 Beta

Intent of containerd effort

When containerd was first developed it had two goals. The first was to solve the upgrade problem with running containers and provide a codebase where OCI runtimes, like runc, could be integrated into Docker.  However, as needs change in the container space and after speaking  with various members of the community at the beginning of this year, we decided to expand the scope of containerd and make it a fully functional container daemon with storage, image distribution and runtime.

containerd fully supports the OCI Runtime and Image specifications that are part of the recently released 1.0 specifications. Additionally, it was important to build a stable runtime for users and platform builders. We wanted containerd to be fully functional; but also, it needed to retain a small core codebase so that it is easy to maintain and support in the long run with an LTS release receiving backported patches on a stable API.

To demonstrate the progress made on the project,  Stephen Day presented the current status of containerd 1.0 alpha at the Moby Summit in LA two weeks ago,:

Check out the getting started with containerd guide to get your feet wet with containerd if you want to integrate Continue reading

Introducing the Docker Global Professional Certification Program

Docker is excited to announce the first and only official professional certification program for the Docker Enterprise Edition (EE) platform.

The new Docker Certified Associate (DCA) certification, launching at DockerCon Europe on October 16, 2017, serves as a foundational benchmark for real-world container technology expertise with Docker Enterprise Edition. In today’s job market, container technology skills are highly sought after and this certification sets the bar for well-qualified professionals. The professionals that earn the certification will set themselves apart as uniquely qualified to run enterprise workloads at scale with Docker Enterprise Edition and be able to display the certification logo on resumes and social media profiles.

The DCA is the first in a comprehensive multi-tiered certification program and the exam was created by top practitioners using a rigorous development process. It consists of 55 questions to be completed over 80 minutes covering essential skills on Docker Enterprise Edition.  The exam can be taken anywhere in the world at any time and is delivered using remote proctoring technology to ensure exam security while creating a simple and streamlined test taking experience for candidates.

Be among the first to earn the DCA designation and gain recognition for your enterprise container skills.

Get Started now

Be Continue reading

Upcoming Spousetivities Events

Long-time readers/followers know that my wife, Crystal, runs a program called Spousetivities. This program organizes events for spouses/partners/significant others at IT industry conferences. This fall is a particularly busy season for Crystal and Spousetivities, as she’ll be organizing events at DockerCon EU, the fall OpenStack Summit, and AWS re:Invent! Here are some details on these upcoming events.

DockerCon EU 2017

For the first time, Spousetivities will be present at DockerCon EU, taking place this year in Copenhagen, Denmark. There’s a great set of activities planned:

• City tour of Copenhagen
• Castle tour, including Kronborg and Frederiksborg
• Food tour and Tivoli Gardens

More information is available on the Spousetivities web site; if you’d like to register for any of the events, tickets are available right now.

OpenStack Summit Sydney

Spousetivities returns to the fall OpenStack Summit, held this year in beautiful Sydney, Australia. Spousetivities is no stranger to the OpenStack Summits, having supported the OpenStack community for several years now.

Once again, Crystal has arranged a great set of activities in and around Sydney:

• Picturesque tour up to the Blue Mountains
• City tour of Sydney, including some beautiful hidden beaches
• Hunter Valley wine tour

This blog post on the Spousetivities Continue reading

Faster Builds with Ansible Container 0.9.2

The focus for the latest release of Ansible Container is on making builds faster through the availability of pre-baked Conductor images. The release landed this week thanks to the dedication of Joshua ‘jag’ Ginsberg, Ansible’s Chief Architect, who managed to put the finishing touches on the release while at AnsibleFest San Francisco.

The Ansible Container project is dedicated to helping Ansible users re-use existing Ansible roles and playbooks to build containers, and deploy applications to OpenShift. The Conductor container is at the center of building, orchestrating, and deploying containers. It’s the engine that makes it all work, and it brings with it a copy of Ansible, a Python runtime, docker packages, and other dependencies.

The first step, before any serious work gets done by the command line tool, is standing up a Conductor container. And up until now, that meant building the image from scratch, and waiting through all the package downloading and installing. This happens at the start of a project, and repeats anytime you find yourself needing to rebuild from scratch.

With this release, the team has made available a set of pre-baked images based on several distributions that are popular within the community. These images are currently Continue reading

The Docker Modernize Traditional Apps (MTA) Program Adds Microsoft Azure Stack

In April of this year, Docker announced the Modernize Traditional Apps (MTA) POC program with partners Avanade, Booz Allen, Cisco, HPE and Microsoft. The MTA program is designed to help IT teams flip the 80% maintenance to 20% innovation ratio on it’s head. The combination of Docker Enterprise Edition (EE), services and infrastructure into a turnkey program delivers portability, security and efficiency for the existing app portfolio to drive down total costs and make room for innovation like cloud strategies and new app development. The program starts by packaging of existing apps into isolated containers, providing the opportunity to migrate them to new on-prem or cloud environments, without any recoding.

Docker customers have already been taking advantage of the program to jumpstart their migration to Azure and are experiencing dramatically reduced deployment and scaling times — from weeks to minutes —  and cutting their total costs by 50% or more.

The general availability of Microsoft Azure Stack provides IT with the ability to manage their datacenters in the same way they manage Azure. The consistency in hybrid cloud infrastructure deployment combined with consistency in application packaging, deployment and management only further enhance operational efficiency. Docker is pleased Continue reading