The Dockerizing of VMworld 2016
Containers have landed…in VMs in the enterprise.
Docker’s adoption continues to grow in the enterprise. There have been over 5 billion images pulls, and 60% of users are running Docker in production environments. Today Docker is run everywhere – from development to production; in the cloud, on virtual machines and bare-metal servers. Enterprise application teams around the world are seeing the value of Docker containers and how they help them containerize their existing applications to save money and better utilize infrastructure resources.
To get the latest with Docker and vms stop by our Docker booth #2362 at VMworld. Containers and vms are different but are complementary when it comes to application deployment. With their ability to optimize infrastructure resources, accelerate deployment and provide additional security, Docker containers bring some serious benefits to virtualized workloads within enterprise environments. Additionally, a Dockerized workload gains portability as containers move from VMs or bare metal systems, on prem or in the cloud. That same platform serves as the foundation for your new microservices applications as well.
The Docker booth experience you won’t want to miss:
Live demos – Three live demos will be featured in the booth, including:
- Deploy your very first Docker container with a quick hands Continue reading
Securing the Enterprise Software Supply Chain Using Docker
At Docker we have spent a lot of time discussing runtime security and isolation as a core part of the container architecture. However that is just one aspect of the total software pipeline. Instead of a one time flag or setting, we need to approach security as something that occurs at every stage of the application lifecycle. Organizations must apply security as a core part of the software supply chain where people, code and infrastructure are constantly moving, changing and interacting with each other.
If you consider a physical product like a phone, it’s not enough to think about the security of the end product. Beyond the decision of what kind of theft resistant packaging to use, you might want to know where the materials are sourced from and how they are assembled, packaged, transported. Additionally it is important to ensure that the phone is not tampered with or stolen along the way.
The software supply chain maps almost identically to the supply chain for a physical product. You have to be able to identify and trust the raw materials (code, dependencies, packages), assemble them together, ship them by sea, land, or air (network) to a store (repository) so the item Continue reading
Your Software is Safer in Docker Containers
The Docker security philosophy is Secure by Default. Meaning security should be inherent in the platform for all applications and not a separate solution that needs to be deployed, configured and integrated.
Today, Docker Engine supports all of the isolation features available in the Linux kernel. Not only that, but we’ve supported a simple user experience by implementing default configurations that provide greater protection for applications running within the Docker Engine, making strong security default for all containerized applications while still leaving the controls with the admin to change configurations and policies as needed.
But don’t take our word for it. Two independent groups have evaluated Docker Engine for you and recently released statements about the inherent security value of Docker.
Gartner analyst Joerg Fritsch recently published a new paper titled How to Secure Docker Containers in Operation on this blog post. In it Fritsch states the following:
“Gartner asserts that applications deployed in containers are more secure than applications deployed on the bare OS” because even if a container is cracked “they greatly limit the damage of a successful compromise because applications and users are isolated on a per-container basis so that they cannot compromise other containers or the host OS”.
Additionally, NCC Group contrasted the security Continue reading
Weekly Roundup: Top 5 Docker articles of the week
This week, we announced the launch of the Docker Scholarship program, got to know our featured Docker Captains, and aired the first #Dockercast episode. As we begin a new week, let’s recap our top 5 most-read stories for the week of August 14, 2016:
- Docker Scholarship Program: Docker announced the launch of a new scholarship program, in partnership with Reactor Core, a network of coding schools. The application period is open and interested applicants can apply here.
- Docker Captains: meet and greet with our three selected August Captains. Learn how they got started, what they love most about Docker, and why Docker.
- Dockercast Episode 1: this podcast guest stars Ilan Rabinovitch the Director of Technical Community at Datadog and discusses Monitoring-as-a-Service, Docker metadata and Docker container monitoring information.
- Docker on Raspberry Pi: an informative guide to getting started with Docker on Raspberry Pi by Docker Captain Alex Ellis
- Powershell with Docker: introduction to building your own custom Docker container image, that runs PowerShell natively on Ubuntu Linux by Larry Larsen & Docker Captain Trevor Sullivan at Channel 9
5 #docker stories you don’t want to miss this week cc @chanwit @vfarcic @idomyowntricks Continue reading
Your Docker Agenda for LinuxCon North America
Hey Dockers! We’re excited to be back at LinuxCon this year in Toronto and hope you are, too! We’ve a got a round-up of many of our awesome Docker speakers, as well as a booth. Come visit us in between the sessions at booth #41 inside “The Hub”. You may even be able to score yourself some Docker swag.
Monday:
11:45am – Curious about the Cloud Native Computing Foundation, Open Container Initiative, Cloud Foundry Foundation and their role in the cloud ecosystem? Docker’s Stephen Walli joins other panelists to deliver So CFF, CNCF, and OCI Walk into a Room (or ‘Demystifying the Confusion: CFF, CNCF, OCI).
3:00pm – Docker Captain Phil Estes will describe and demonstrate the use of the new schema format’s capabilities for multiple platform-specific image references in his More than x86_64: Docker Images for Multi-Platform session.
4:20 pm – Join Docker’s Mike Coleman for Containers, Physical, and virtual, Oh My! insight on what points businesses need to consider as they decide how and where to run their Docker containers.
Tuesday:
2:00pm – Docker Captain Phil Estes is back with Runc: The Little (Container) Engine that Could where he will 1) give an overview Continue reading
New Dockercast episode with Ilan Rabinovitch from Datadog
In case you missed it, we launched Dockercast, the official Docker Podcast earlier this month including all the DockerCon 2016 sessions available as podcast episodes.
In this podcast we talk to Ilan Rabinovitch the Director of Technical Community at Datadog. I first met Ilan back at SCALE8X (Southern California Linux Expo) 6 years ago. Ilan has been running SCALE since it’s inception. 
As Ilan points out in the podcast, our very own Jérôme Petazzoni packed the house back at SCALE11x (2013). At Datadog Ilan has been working with the Docker community on monitoring containers and developing what Datadog calls their Monitoring-as-a-Service offering that combines Docker metadata and Docker container monitoring information. Ilan discusses some of the differences of monitoring containers versus virtual machines. We also talk about Datadog’s adoption surveys highlighting the unprecedented “wildfire” adoption of technology unseen since Linux and Apache. Hope you enjoy our conversation.
You can find the latest #Dockercast episodes on the Itunes Store or via the SoundCloud RSS feed.
New #dockercast episode w/ host @botchagalupe and @irabinovitch from @datadoghq as a guest!
Click To Tweet
The post New Dockercast episode with Ilan Rabinovitch from Datadog appeared first on Docker Blog.
Apply for a Docker Scholarship and learn how to code!
Today, Docker is proud to announce the launch of the Docker Scholarship Program in partnership with Reactor Core to improve opportunities for underrepresented groups in the tech industry! With the help of the community, we surpassed our goal for the DockerCon 2016 Bump Up Challenge unlocking $50,000 to fund three full tuition scholarships.
The Docker Scholarship Program is part of our continued work to improve opportunities for women and underrepresented groups throughout the global Docker ecosystem and encourage inclusivity in the larger tech community.
Docker’s Goal
The goal of the Docker scholarship program is to strengthen the broader tech community by making it more diverse and inclusive to traditionally underrepresented groups. We aim to achieve that goal by providing financial support and mentorship to three students at Reactor Core’s partner schools, Hack Reactor and Telegraph Academy.
Our Partnership with Hack Reactor and Telegraph Academy
Docker believes in the power of innovation and pushing our current technological boundaries. As a driver of innovation, we embrace our role in advancing opportunities for underrepresented groups in the tech industry. Hack Reactor and Telegraph Academy share in our vision of empowering people and creating more opportunities for every member of our community. Continue reading
5 Minutes with the Docker Captains
Docker Captain is a distinction that Docker awards select members of the community that are both experts in their field and are passionate about sharing their Docker knowledge with others. Captains are Docker ambassadors (not Docker employees) and their genuine love of all things Docker has a huge impact on the Docker community – whether they are blogging, writing books, speaking, running workshops, creating tutorials and classes, offering support in forums, or organizing and contributing to local events – they make Docker’s mission of democratizing technology possible. Whether you are new to Docker or have been a part of the community for awhile, please don’t hesitate to reach out to Docker Captains with your challenges, questions, speaking requests and more.
Docker Weekly | Roundup
This week, we’re taking a look at how to quickly create a Docker swarm cluster, setup a mail forwarder on Docker, and better understand the new Docker 1.12.0 load-balancing feature. As we begin a new week, let’s recap our top 5 most-read stories for the week of August 7, 2016:
VMworld 2016 Prayer Time
For the last couple of years, I’ve helped organize a gathering of Christians for a brief time of prayer while at VMworld. This year, I’d like to again offer fellow believers attending VMworld 2016 the same opportunity to gather together for a time of prayer before starting the day. If you’re interested in attending, here are the details.
What: A brief time of prayer
Where: Mandalay Bay Convention Center, level 1 (same level as the food court), at the bottom of the escalators heading upstairs
When: Monday 8/29 through Thursday 9/1 at 7:45am (this should give everyone enough time to grab breakfast before the keynotes start at 9am)
Who: All courteous attendees are welcome, but please note that this will be a distinctly Christian-focused and Christ-centric activity. (I encourage believers of other faiths/religions to organize equivalent activities.)
Why: To spend a few minutes in prayer over the day, the conference, and the attendees
As in previous years, there’s no need to RSVP or let me know that you’ll be there, although you’re welcome to do so if you’d like. There’s also no need to bring anything except an open heart and a willingness to display your faith in front Continue reading
Technology Short Take #70
Welcome to Technology Short Take #70! In this post you’ll find a collection of links to articles discussing the major data center technologies—networking, hardware, security, cloud computing, applications, virtualization…you name it! (If there’s a topic you think I’m missing, I’d love to hear from you.)
Networking
- MTU in OpenStack Neutron has been, as this article by Sam Yaple points out, a bit of a touchy subject. Fortunately, it looks like progress has been made on that front, so check out Sam’s post for more details.
- Jason Edelman has an article from back in January that describes the use of Big Switch’s Big Cloud Fabric (BCF) and Big Monitoring Fabric (BMF) in conjunction with Ansible (via some Ansible modules that Jason himself developed).
- Dwayne Sinclair covers the basics of SpoofGuard in NSX, and how to interact with SpoofGuard via API, in this article.
- This article is a bit more OpenStack-focused, but given that it focuses pretty heavily on Neutron I thought it’d fit better here in the “Networking” section. The article talks about how to use the
--allowed_address_pairsextension to build a highly-available proxy server instead of using LBaaS. - Numan Siddique describes the native DHCP support available in OVN (Open Continue reading
Docker Hub Hits 5 Billion Pulls
Last week, the total number of image pulls from the Docker Hub Repository Service reached 5 billion. That’s an increase of 150% since just February. It’s pretty amazing for a three year old project. Docker Hub has become a part of the daily life of developers because it
Docker Online Meetup # 41: Docker Captains Share their Tips and Tricks for Built In Docker Orchestration
It’s been nearly two weeks since Docker released Docker 1.12 as generally available for production environments, introducing a number of new features and concepts to the Docker project. Our #DockerCaptain team has already started to dig in and share their learnings with the community via blog posts, talks and peer-to-peer help. Docker Captains are technology experts who have been awarded the distinction of being a Docker Captain in part because of their passion for sharing their Docker knowledge with others. So, we’ve invited three of our Docker Captains to speak at the next Docker Online Meetup on August 31st and share their tips and tricks for using Docker 1.12. Continue reading
Notes from the 2016 Ansible Community Survey
We recently ran the 2016 version of our Ansible Community Survey. This is a survey of Ansible users and community members, regarding how they're using Ansible in their environments. We thought it would be useful to share some of the aggregate results. (As we did not ask for permission to distribute individual responses, we cannot make the raw data public.)
We had over 1,600 survey respondents, up from 1,300 when we last ran the survey in March of 2015.
| How long have you been using Ansible? |
||
| Answer Options |
Response Percent |
|
| A month or less |
7.8% |
|
| 1-2 months |
7.3% |
|
| 2-6 months |
18.8% |
|
| 6-12 months |
18.6% |
|
| over a year |
47.4% |
|
| number of respondents |
1,625 |
|
Ansible continues to grow more veteran users - when surveyed in 2015, only 30% of respondents had used Ansible for more than a year.
| What version(s) of Ansible are you currently running? |
||
| Answer Options |
Response Percent |
|
| pre-1.9.x |
5.0% |
|
| 1.9.x |
27.8% |
|
| 2.0.x |
41.6% |
|
| 2.1.x |
51.4% |
|
| 2.2/development |
6.7% |
|
| number of respondents |
1,623 |
|
Note that respondents could pick multiple versions. All told, 80% of respondents have at least some usage of Ansible 2. Continue reading
Open vSwitch Now a Linux Foundation Project
News emerged today that Open vSwitch (OVS) has formally moved over to the Linux Foundation. This is something that has been discussed within the OVS community for a while, and I for one am glad to see it happen.
Why am I glad to see it happen? The project can finally shed itself of the (unfair) claims that the governance under Nicira (and later VMware) wasn’t “open enough.” These accusations persisted despite numerous indications otherwise. Thomas Graf, an OVS committer—who does not work for VMware, for the record—came to this conclusion in his OVSCon 2015 presentation:
OVS is one of the most effective and well governed open source projects I’ve worked on.
Moving to the Linux Foundation allows OVS to continue to grow and flourish without continued accusations of unfair governance. The project intends to continue to use its existing governance model, in which technical leadership of the project is determined by the committers, and committer status is determined by your involvement in the project via code contributions and code reviews.
For more information, refer to the official Linux Foundation press release.
Docker SF Meetup #47; Docker 1.12, Docker for Mac and Tugbot
On Wednesday members of the Docker SF Meetup community joined us at Docker HQ for our 47th Docker meetup in San Francisco! It was a great evening with talks and demos from Docker’s own Ben Bonnefoy, Nishant Totla, as well as Neil Gehani from HPE.
Continuous Integration Testing on Docker Cloud
This is a guest post by Stephen Pope & Kevin Kaland from Project Ricochet
Docker Cloud is a SaaS solution hosted by Docker that gives teams the ability to easily manage, deploy, and scale their Dockerized applications.
Continue reading
Weekly Docker Roundup: 5 Stories You Don’t Want to Miss
This week, we take a look into the Docker 1.12 native integration of Swarm Mode, debug Dockerized .NET core apps with VS Code, and learn why Docker CEO Ben Golub is leading the charge as the #1 IT disruptor. As we begin a new week, let’s recap our top 5 most-read stories for the week of July 31, 2016:
Continue reading
Introducing Dockercast – the Docker Podcast
Today, we’re thrilled to introduce Dockercast the official Docker Podcast. The Docker and container ecosystem is moving fast and it can be hard to catch up with the latest projects or features. Podcasts is an efficient medium for getting up to the speed with the latest news from the ecosystem on-demand. Now you can catch up wherever you are by playing or downloading Docker podcast episodes directly to your phone, laptop or tablet.
Continue reading
Announcing Docker 1.12 Hackathon winners
The judges have deliberated, our community has voted, and the results are in! We are happy to announce the top 5 submissions of the Docker 1.12 Hackathon.
In case you missed it, the theme of the hackathon was to build, ship, and run a distributed software application using a release candidate of Docker 1.12. We encouraged participants to hack the new features included in Docker 1.12, such as: Swarm Mode, Cryptographic node identity, Service API, and Build-in routing mesh.