Introducing the Docker Certification Program for Infrastructure, Plugins and Containers
In conjunction with the introduction of Docker Enterprise Edition (EE), we are excited to announce the Docker Certification Program and availability of partner technologies through Docker Store. A vibrant ecosystem is a sign of a healthy platform and by providing a program that aligns Docker’s commercial platform with the innovation coming from our partners; we are collectively expanding choice for customers investing in the Docker platform.
The Docker Certification Program is designed for both technology partners and enterprise customers to recognize Containers and Plugins that excel in quality, collaborative support and compliance. Docker Certification is aligned to the available Docker EE infrastructure and gives enterprises a trusted way to run more technology in containers with support from both Docker and the publisher. Customers can quickly identify the Certified Containers and Plugins with visible badges and be confident that they were built with best practices, tested to operate smoothly on Docker EE.
Save Your Seat: Webinar – Docker Certified and Store on March 21st.
There are three categories of Docker Certified technology available:
- Certified Infrastructure: Include operating systems and cloud providers that the Docker platform is integrated and optimized for and tested for certification. Through this, Docker provides a great user Continue reading
Announcing Docker Enterprise Edition
Today we are announcing Docker Enterprise Edition (EE), a new version of the Docker platform optimized for business-critical deployments. Docker EE is supported by Docker Inc., is available on certified operating systems and cloud providers and runs certified Containers and Plugins from Docker Store. Docker EE is available in three tiers: Basic comes with the Docker platform, support and certification, and Standard and Advanced tiers add advanced container management (Docker Datacenter) and Docker Security Scanning.
For consistency, we are also renaming the free Docker products to Docker Community Edition (CE) and adopting a new lifecycle and time-based versioning scheme for both Docker EE and CE. Today’s Docker CE and EE 17.03 release is the first to use the new scheme.
Docker CE and EE are released quarterly, and CE also has a monthly “Edge” option. Each Docker EE release is supported and maintained for one year and receives security and critical bugfixes during that period. We are also improving Docker CE maintainability by maintaining each quarterly CE release for 4 months. That gets Docker CE users a new 1-month window to update from one version to the next.
Both Docker CE and EE are available on a wide range of Continue reading
Customizing Docker Engine on CentOS Atomic Host
I’ve been spending some time recently with CentOS Atomic Host, the container-optimized version of CentOS (part of Project Atomic). By default, the Docker Engine on CentOS Atomic Host listens only to a local UNIX socket, and is not accessible over the network. While CentOS has its own particular way of configuring the Docker Engine, I wanted to see if I could—in a very “systemd-like” fashion—make Docker Engine on CentOS listen on a network socket as well as a local UNIX socket. So, I set out with an instance of CentOS Atomic Host and the Docker systemd docs to see what I could do.
The default configuration of Docker Engine on CentOS Atomic Host uses a systemd unit file that references an external environment file; specifically, it references values set in /etc/sysconfig/docker, as you can see from this snippet of the docker.service unit file:
ExecStart=/usr/bin/dockerd-current \
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
--default-runtime=docker-runc \
--exec-opt native.cgroupdriver=systemd \
--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$ADD_REGISTRY \
$BLOCK_REGISTRY \
$INSECURE_REGISTRY
The $OPTIONS variable, along with the other variables at the end of the ExecStart line, are defined in /etc/sysconfig/docker. That value, by default, looks like this:
OPTIONS='--selinux-enabled --log-driver=journald --signature-verification=false'
Introducing Ansible Tower 3.1
We're excited to announce the release of Ansible Tower 3.1. Our engineering team has been hard at work on enhancing Ansible Tower to allow teams to harness the power of automation across servers, applications, environments, and networks, and with Ansible Tower 3.1, we've brought together a variety of enhancements that allow your teams to automate more processes, more frequently, and more easily analyze the results of your automation across the enterprise
Model complex processes with multi-Playbook workflows
Ansible brought simple, agentless automation to IT. But some IT processes don't lend themselves to being automated in a single Playbook - if you're provisioning environments, you may want to handle basic provisioning, default configuration, and application deployment differently. And once you've automated those tasks, you want to reuse those tasks in different ways, or in different environments. Plus, what if a deployment goes wrong? You may need to back your environment out to the last known good state.
To solve these issues, we developed Tower workflows. With Tower workflows, you can chain together any number of Playbooks together into a workflow, with each workflow step potentially using a different Playbook, inventory, set of credentials, and more. Easily launch one or more Continue reading
Introducing Ansible Tower 3.1
We're excited to announce the release of Ansible Tower 3.1. Our engineering team has been hard at work on enhancing Ansible Tower to allow teams to harness the power of automation across servers, applications, environments, and networks, and with Ansible Tower 3.1, we've brought together a variety of enhancements that allow your teams to automate more processes, more frequently, and more easily analyze the results of your automation across the enterprise
Model complex processes with multi-Playbook workflows
Ansible brought simple, agentless automation to IT. But some IT processes don't lend themselves to being automated in a single Playbook - if you're provisioning environments, you may want to handle basic provisioning, default configuration, and application deployment differently. And once you've automated those tasks, you want to reuse those tasks in different ways, or in different environments. Plus, what if a deployment goes wrong? You may need to back your environment out to the last known good state.
To solve these issues, we developed Tower workflows. With Tower workflows, you can chain together any number of Playbooks together into a workflow, with each workflow step potentially using a different Playbook, inventory, set of credentials, and more. Easily launch one or more Continue reading
The Linux Migration: Other Users’ Stories, Part 1
Shortly after I announced my intention to migrate to Linux as my primary desktop OS, a number of other folks contacted me and said they had made the same choice or they had been encouraged by my decision to also try it themselves. It seems that there is a fair amount of pent-up interest—at least in the IT community—to embrace Linux as a primary desktop OS. Given the level of interest, I thought it might be helpful for readers to hear from others who are also switching to Linux as their primary desktop OS, and so this post kicks off a series of posts where I’ll share other users’ stories about their Linux migration.
In this first post of the series, you’ll get a chance to hear from Roddy Strachan. I’ve structured the information in a “question-and-answer” format to make it a bit easier to follow.
Q: Why did you switch to Linux?
I was a heavy Windows user due to corporate requirements. It was just easy to run Windows. I never ran the standard corporate build, but instead ran my own managed version of Windows 10; this worked well. I switched because I wanted to experiment with Linux Continue reading
containerd summit recap: slides, videos and meeting notes
Last week, we hosted a containerd summit for contributors and maintainers. Containerd is a core container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision, snapshot storage for container filesystems and a few other things to make the management of containers robust.
We started off by getting everyone up to speed on the project, roadmap and goals before diving down into specific issues and design of containerd. We had a couple breakout sessions where we discussed blocking issues and feature requests by various members of the community. You can see a summary of the breakout sessions in last week’s development report in the containerd repository and the various presentations below:
Deep Dive into containerd by Michael Crosby, Stephen Day, Derek McGowan and Mickael Laventure (Docker)
Driving containerd operations with gRPC by Phil Estes (IBM)
containerd and CRI by Tim Hockin (Google)
We ended the day with discussions around governance and extension model. Watch this video recording to learn more about why and how core contributors are thinking about integrating containerd with other Continue reading
Build Your DockerCon Agenda!
It’s that time of the year again…the DockerCon Agenda Builder is live!
Whether you are a Docker beginner or have been dabbling in containers for a while now, we’re confident that DockerCon 2017 will have the right content for you. With 7 tracks and more than 60 sessions presented by Docker Engineering, Docker Captains, community members and corporate heavyweights such as Intuit, MetLife, PayPal, Activision and Netflix, DockerCon 2017 will cover a wide range of container tech use cases and topics.
Build your agenda
We encourage you to review the catalogue of DockerCon sessions and build your agenda for the week. You’ll find a new agenda builder that allows you to apply filters based on your areas of interest, experience, job role and more!
Check Out All The Sessions
One of our favorite features of the Agenda Builder is the recommendations generated based on your profile and marked interest sessions. To unlock the recommendations feature you’ll need to sign up for a DockerCon account.
Within this tool you’ll be able to adjust your agenda, rate sessions and add notes to reference after the conference. All of your selections features will be available in the DockerCon mobile app once Continue reading
Networking Features Coming Soon in Ansible 2.3
It’s been a year since the first networking modules were developed and included in Ansible 2.0. Since then, there have been two additional Ansible releases and more than 175 modules added, with 24 networking vendor platforms enabled. With the fantastic efforts from the community and our networking partners, Ansible has been able to add more and more features for networking use cases. In the forthcoming Ansible 2.3 release, the focus on networking enablement now turns to increasing performance and adding connection methods that provide compatibility and flexibility.
Looking ahead to Ansible 2.3, the most notable additions planned are:
- Persistent connections framework
- The network_cli connection plugin
- The netconf connection plugin
Why are these features important?
Since Ansible 2.0, the primary focus for networking enablement has been to help increase the number of third-party devices that have modules included by default. As this list grows (we expect to have even more platforms and modules in Ansible 2.3), Ansible and Ansible Tower continue to be trusted components of critical networking production deployments.
The development of these plugins further demonstrates the value and investment Ansible and the community have made into networking infrastructure enablement. As we approach the Ansible Continue reading
Adding Metadata to the Arista vEOS Vagrant Box
This post addresses a (mostly) cosmetic issue with the current way that Arista distributes its Vagrant box for vEOS. I say “mostly cosmetic” because while the Vagrant box for vEOS is perfectly functional if you use it via Arista’s instructions, adding metadata as I explain here provides a small bit of additional flexibility should you need multiple versions of the vEOS box on your system.
If you follow Arista’s instructions, then you’ll end up with something like this when you run vagrant box list:
arista-veos-4.18.0 (virtualbox, 0)
bento/ubuntu-16.04 (virtualbox, 2.3.1)
centos/6 (virtualbox, 1611.01)
centos/7 (virtualbox, 1611.01)
centos/atomic-host (virtualbox, 7.20170131)
coreos-stable (virtualbox, 1235.9.0)
debian/jessie64 (virtualbox, 8.7.0)
Note that the version of the vEOS box is embedded in the name. Now, you could not put the version in the name, but because there’s no metadata—which is why it shows (virtualbox, 0) on that line—you wouldn’t have any way of knowing which version you had. Further, what happens when you want to have multiple versions of the vEOS box?
Fortunately, there’s an easy fix (inspired by the way CoreOS distributes their Vagrant box). Just create a file with the Continue reading
How about family spring break in Austin?
Are you looking for Spring Break plans with the family? Look no further than DockerCon 2017! Located in sunny Austin, Texas April 17-20, DockerCon provides learning and entertainment for all members of the family.
Childcare
As part of our efforts to make DockerCon’s doors open to all, we are excited to announce that we will be partnering again this year with Big Time Kid to provide childcare at DockerCon! Gone are the days of “Mom / Dad has to stay home with the kids…” – you can now bring the whole family to DockerCon!
Childcare will be offered:
- Monday, April 17 1:00pm – 7:30pm
- Tuesday, April 18 8:00am – 6:30pm
- Wednesday, April 19 8:00am – 5:30pm
- Thursday, April 20 8:00am – 12:00pm
Following in the success of last year, we have chosen Big Time Kid Care as our childcare provider. All caregivers and staff are certified, fully insured and experienced in child education and care with police background checks. Big Time Kid Care will be well equipped and excited to take good care of your little ones at a kid-friendly play room close to the DockerCon activities at Austin Convention Center. Games, activities, breakfast and lunch will be provided.
Spousetivities
Ansible Is 5 Years Old Today!
Five years ago today, Michael DeHaan created this commit:
commit f31421576b00f0b167cdbe61217c31c21a41ac02
Author: Michael DeHaan
Date: Thu Feb 23 14:17:24 2012 -0500
Genesis.
When you create something you intend to release as open-source software, you never know if it will be something others are actually interested in using (much less contributing to).
Michael invited me to join Ansible when it was just over a year old as a project, and I have seen it grow from an already wildly popular project into something used by people around the world. The thing that makes Ansible the strongest though, by far, is its community of users and contributors. So join us in wishing Happy Birthday by sharing how you innovate with Ansible!
Tweet #AnsibleBirthday
Ansible Community – 2016 Year in Review
It's time again for the annual Ansible community review. Time flies. Our upward trajectory generally continued from 2014 and 2015 through 2016, and our growth continued to bring new challenges and new opportunities.
Let's start again, as we do every year, with a look at the numbers.
Debian Popcon
Debian’s Popularity Contest is an opt-in way for Debian users to share information about the software they’re running on their systems.
Caveats abound with this graph -- but even though it represents only a small sample of the Linux distro world, it’s useful because it’s one of the few places where we can really see an apples-to-apples comparison of install bases of the various tools. Because Ansible is agentless, we compare the Ansible package to the server packages of other configuration management tools. (Chef does not make a Debian package available for Chef server.)
We see that Ansible has continued its steady growth through the end of 2016, nearly doubling its Popcon install base again in 2016.
Github Stars
Ansible continued in 2016 to extend its already significant lead in GitHub Stars over other tools in the configuration management space, passing the 20k mark in December 2016.
Github Contributors
Launching an Open Source Book Project
In my list of planned 2017 projects, I mentioned that one thing I’d like to do this year is launch an open source book project. Well, I’m excited to announce The Open vSwitch Cookbook, an Apache 2.0-licensed book project aimed at providing “how to” recipes for Open vSwitch (OVS).
Portions of the book are already available, with more content being added soon (more on that in a moment).
I’m using GitBook as the publishing platform; this allows me to write in Markdown and publish to a variety of formats. I’ll only be publishing to HTML at first; other formats may come down the road. I chose GitBook for a few reasons:
- It’s free for open source projects. This book, as well as the software that is its focus, are both open source projects.
- As I mentioned already, I can use Markdown for all the content.
- It allows me to store the book in a Git repository and use standard Git workflows.
I decided against using GitBook to host the Git repository for the book. Instead, the book’s source is found on GitHub. This enables collaboration on the book’s content—an aspect of this project that I think Continue reading
What’s new at DockerCon 2017
If you’ve attended multiple DockerCons, you should know that the DockerCon team is always looking for new and exciting programs to improve on the previous editions. Last year, we introduced a ton of new DockerCon programs including a new Black Belt Track, a DockerCon scholarships, Workshops, etc. This year we’re excited to introduce more DockerCon goodness!
Using Docker and Docker Deep Dive Tracks
In the past editions, we received great attendee feedback requesting to split the Docker, Docker, Docker track into two separate tracks. We’ve heard you and as a result are happy to introduce the Using Docker and Docker Deep Dive tracks.
The Using Docker track is for everyone who’s getting started with Docker or wants to better implement Docker in their workflow. Whether you’re a .NET, Java or Node.js developer looking to modernizing your applications, or an IT Pro who wants to learn about Docker orchestration and application troubleshooting, this track will have specific sessions for you to get up to speed with Docker.
The Docker Deep Dive track focuses on the technical details associated with the different components of the Docker platform: advanced orchestration, networking, security, storage, management and plug-ins. The Docker engineering leads will walk Continue reading
Dockercast Interview: Docker Captain Stefan Scherer on Microsoft and Docker
In this podcast we chat with Docker Captain and newly minted Microsoft MVP Stefan Scherer. Stefan has done some fantastic work with Docker for Windows and Microservices. We also talk about how lift and shift models work really well for Docker and Windows and Stefan walks us through some of the basics of running Docker on Windows. In addition to the podcast, below is his interview on why being a Captain allows him to give back to the awesome Docker community.
Dockercast with Stephen Scherer
Interview with Stefan Scherer
How has Docker impacted what you do on a daily basis?
How has Docker impacted what you do on a daily basis?Docker helps me to keep my machines clean. I realize more and more that you only need a few tools on your laptop, keeping it clean and lean. And instead of writing documentation on how to build a piece of software, describe all steps in a Dockerfile. So multi GByte fat developer VM’s we maintained some years ago shrink down so a few KByte Dockerfiles for each project. No time-consuming backups needed, just keep the Dockerfile in your sources and have a backup of your Git repos.
Having practiced that on Mac and Linux now for a while, I’m happy Continue reading
Technology Short Take #78
Welcome to Technology Short Take #78! Here’s another collection of links and articles from around the Internet discussing various data center-focused technologies.
Networking
- The rise of the disaggregated network operating system (NOS) marches on: this time, it’s Big Switch Networks announcing expanded hardware support in Open Network Linux (ONL), upon which its own NOS is based.
- The Pivotal Engineering blog has an article that shows how to use BOSH with the vSphere CPI to automate adding servers to an NSX load balancing pool.
- Mircea Ulinic has a nice article describing the combination of NAPALM and Salt for network automation.
- Here’s a post by Ron Fuller on changing the IP address of NSX Manager.
Servers/Hardware
Nothing this time around, sorry!
Security
- As part of some research around my Linux migration, I came across this write-up on how to do encrypted instant messaging on OS X with Adium and Off the Record (OTR). I’ve been using OTR with Adium for a while so this wasn’t new to me, but I wanted to share it here for others who may not be familiar with the solution. (I use OTR with Adium on OS X, and OTR with Pidgin on my Fedora Linux Continue reading
Correlating OVS and Guest Domain Interfaces
I’ve written a fair amount about Open vSwitch (OVS), including some articles on using it with KVM and Libvirt. One thing I haven’t discussed in such environments, though, is the potential challenge of mapping network interfaces in a guest domain to the corresponding OVS interface (for the purposes of troubleshooting, for example). There is no single command that will provide a guest-to-OVS interface map (as far as I know), but this information is easily gathered using a couple commands.
Gathering Information About the Guest Interface
First, we’ll need to gather some information about the interface from the guest domain’s perspective. There are two ways we can do this: from within the guest OS itself, or by interrogating Libvirt.
Working from Within the Guest OS
Inside the guest domain (I’m assuming you’re using a relatively recent Linux distribution), you only need to use standard commands like ip link list or ip addr list. The goal is to obtain the MAC address assigned to the particular guest interface. So, for example, if you wanted to get the MAC address for the guest “eth0” interface, you’d run:
ip link list eth0
To isolate only the MAC address from the output of that Continue reading
Fixing Double Sublime Text Icons on Fedora 25
In my previous post on how to install Sublime Text 3 (ST3) on Fedora 25, I mentioned that I have observed instances where launching ST3 via the subl command creates an additional icon in the Dash. While searching for a solution to an issue with LibreOffice icons, I found a fix for this problem.
The fix is to add this line to the sublime-text.desktop file (typically found in /usr/share/applications):
StartupWMClass=subl
This tells Fedora and GNOME that when a window with the WMClass of “subl” appears, it should be considered a Sublime Text window. Once you add this line to the sublime-text.desktop file, then launching ST3 either via the GUI or via the subl command should create only a single ST3 icon in the Dash.
Now, back to trying to figure out this LibreOffice icon issue…
Announcing Docker Birthday #4: Spreading the Docker Love!
Community is at the heart of Docker and thanks to the hard work of thousands of maintainers, contributors, Captains, mentors, organizers, and the entire Docker community, the Docker platform is now used in production by companies of all sizes and industries.
To show our love and gratitude, it has become a tradition for Docker and our awesome network of meetup organizers to host Docker Birthday #4 meetup celebrations all over the world. This year the celebrations will take place during the week of March 13-19, 2017. Come learn, mentor, celebrate, eat cake, and take an epic #dockerselfie!
Docker Love
We wanted to hear from the community about why they love Docker!
Wellington Silva, Docker São Paulo meetup organizer said “Docker changed my life, I used to spend days compiling and configuring environments. Then I used to spend hours setting up using VM. Nowadays I setup an environment in minutes, sometimes in seconds.”
Love the new organization of commands in #Docker 1.13!
— Kaslin Fields (@kaslinfields) January 25, 2017
Docker Santo Domingo organizer, Victor Recio said, “Docker has increased my effectiveness at work, currently I can deploy software to production environment without worrying that Continue reading