Meetup: Enterprise Docker and DevOps

This week, Tuesday the 16th,  was the first meetup organized by Amazic. The nice thing for me is that Amazic is located in Nieuw-Vennep which is also my hometown. After the food and drinks, Luke Hasty started the evening. Mohamed Yassini, the founder of Amazic told us a bit about the background of this meetup. His goal is to have meeeup sessions with a focus on security. This session was around Twistlock. Next session will have as topic Sonatype.

This meetup will look at how to apply automated security policies for every stage of the DevOps workflow, including seamless CI integration, extensive API support, and dev-to-production security controls that enforce consistent policies across the container lifecycle, be that on premise, virtualised or in the cloud.

 

Ashley Ward (Solutions Architect) at Twistlock told us his vision of security in general and after went into the possibilities that Twistlock offers. The presentation of the meetup can be found here under Twistlock.

Very good session with an enthousiatic speaker and also an interesting product. I liked the fact that the product scans all the layers of the docker file. I also liked the fact that you put the responsibility for the security of the container application on the level of the developer, as part of you build it, you run it. All in all a good meetup. Thanks Amazic for arranging it.

vSphere Docker Volume Service is now Docker…

vSphere Docker Volume Service is now Docker Certified! [blogs.vmware.com/virtualblocks]

vSphere Docker Volume Service is now Docker…

We are happy to announce that VMware has joined Docker Certification Program and vSphere Docker Volume Service (vDVS) plugin is now available on Docker Store!


VMware Social Media Advocacy

Docker for the Virtualization Admin

logo-dockerUnderstand the differences between containers and VMs

A natural response when first working with Docker containers is to try and frame them in terms of virtual machines. Oftentimes we hear people describe Docker containers as “lightweight VMs”.

This is completely understandable, and many people have done the exact same thing when they first started working with Docker. It’s easy to connect those dots as both technologies share some characteristics, but the key is that the underlying architecture is fundamentally different between containers and virtual machines.

This Ebook Covers:

  • Why Containers are not VMs
  • How Containers and VMs can be used together for capacity optimization
  • Running containers on physical servers vs virtual machines
  • Getting started with Docker and containers

You can get the ebook here 

Docker Randstad Meetup: June 2016

Yesterday I was together with two KPN colleagues  at the meetup from Docker Randstad. The meetup was hosted by Blendle in the center of Utrecht. Blendle also arranged the food and drinks. After everybody had some time to eat a slice of pizza, the official part of the evening started. Before the sessions started, Blendle was given the opportunity to tell how they use Docker.

IMG_20160628_192832

First presenter was Stijn Polfliet, founder and ceo of CoScale. Stijn had a presentation which consisted of two parts. First part was about Anomaly detection. He explained the different challenges you face if you want to apply anomaly detection and which methods you can use. He also explained the pro’s and cons of the different methods. The second part of the presentation was about Performance monitoring for Docker environments. He mentioned some of the most commonly used tools like CAdvisor, Datadog, Scoutapp and Sysdig. For each of these tools he also mentioned the pro’s and the cons. He also talked about tools like New Relic, which was in his opinion more suited for the monitoring of more monolithic environments. Stijn also showed a demo of the monitoring tool of CoScale.

highres_451624434

After the break Pini Reznik, cto of Container Solutions, presented the Docker State of the Union. Pini gave an update about the announcements that were made on DockerCon 2016 in Seattle. The announcements on DockerCon were split up in the non commercial/open source on the first day and the commercial on the second day.

The non commercial announcements are:

  • Public beta Docker for Windows and Mac
  • Docker for AWS and Azure
  • Experimental Distribution Application bundles
  • Docker engine with built-in orchestration

The commercial announcements:

  • Docker Datacenter on AWS and Azure
  • Docker Store

IMG_20160628_205829

Again an interesting Docker meetup session.  Thanks to the speakers for the interesting and informative talks and thanks Catalin and Blendle for hosting it.

 

Book: Docker

Bocover_3ok Description

So hot off the presses, the latest buzz that has been on the tip of everyone’s tongues and the topic of almost any conversation that includes containers these days is Docker! Docker has been a game-changer when it comes to virtualization. With this course, you will go from just being the person in the office who hears that buzz to the one who is tooting it around every day. This course will be a smooth journey covering Docker from scratch to finish! By sequentially working through each steps in this course, you will quickly master Docker and be ready to ship your applications without needing to spend sleepless nights for deployment.

Beginning with the Learning Docker module, get yourself familiarized with the fundamentals of Docker. This module would be a step-by-step guide that will walk you through the various features of Docker from Docker software installation to knowing Docker in detail. The aim is to make you fluent with Docker basics.

You’ll then dive a little deeper into Docker. The second module, Networking Docker, will show you how to create, deploy, and manage a virtual network for connecting containers spanning single or multiple hosts.

In the third module, Monitoring Docker, you will get to grips with monitoring your Docker apps and containers – this will show you how monitoring containers and keeping a keen eye on the working of applications helps improve the overall performance of the applications that run on Docker.

With the rising integration and adoption of Docker containers, there is a growing need to ensure their security. The purpose of our fourth module, Securing Docker, is to provide techniques and enhance your skills to secure Docker containers easily and efficiently.

Now that you’ve learned the nitty-gritty of Docker, it’s time to take a step ahead and learn some advanced topics. The final module, Mastering Docker, will help you deploy Docker in production. You will also learn three interesting GUI applications: Shipyard, Panamax, and Tutum.

Table of Contents

1: GETTING STARTED WITH DOCKER
2: UP AND RUNNING
3: CONTAINER IMAGE STORAGE
4: WORKING WITH DOCKER CONTAINERS AND IMAGES
5: PUBLISHING IMAGES
6: RUNNING YOUR PRIVATE DOCKER INFRASTRUCTURE
7: RUNNING SERVICES IN A CONTAINER
8: SHARING DATA WITH CONTAINERS
9: DOCKER MACHINE
10: DOCKER COMPOSE
11: DOCKER SWARM
12: TESTING WITH DOCKER
13: DEBUGGING CONTAINERS
14: DOCKER NETWORKING PRIMER
15: DOCKER NETWORKING INTERNALS
16: BUILDING YOUR FIRST DOCKER NETWORK
17: NETWORKING IN A DOCKER CLUSTER
18: NEXT GENERATION NETWORKING STACK FOR DOCKER – LIBNETWORK
19: INTRODUCTION TO DOCKER MONITORING
20: USING THE BUILT-IN TOOLS
21: ADVANCED CONTAINER RESOURCE ANALYSIS
22: A TRADITIONAL APPROACH TO MONITORING CONTAINERS
23: QUERYING WITH SYSDIG
24: EXPLORING THIRD PARTY OPTIONS
25: COLLECTING APPLICATION LOGS FROM WITHIN THE CONTAINER
26: WHAT ARE THE NEXT STEPS?
27: SECURING DOCKER HOSTS
28: SECURING DOCKER COMPONENTS
29: SECURING AND HARDENING LINUX KERNELS
30: DOCKER BENCH FOR SECURITY
31: MONITORING AND REPORTING DOCKER SECURITY INCIDENTS
32: USING DOCKER’S BUILT-IN SECURITY FEATURES
33: SECURING DOCKER WITH THIRD-PARTY TOOLS
34: KEEPING UP SECURITY
35: DOCKER IN PRODUCTION
36: SHIPYARD
37: PANAMAX
38: TUTUM
39: ADVANCED DOCKER

What You Will Learn

  • Learn how to install Docker across all the platforms along with a few troubleshooting techniques
  • Build, push, and publish images on Docker Hub
  • Create and run services inside a container to deploy your applications with ease
  • Orchestrate multiple containers with Docker Compose
  • Test and debug applications inside a Docker container
  • Get to know the basics of networking and see how Docker networking works
  • Observe the pitfalls of Docker networking and how to overcome them
  • Discover the tools built into Docker to gain an insight into your container’s performance
  • Take advantage of the various SaaS offerings from third parties to move monitoring away from your local infrastructure and into the cloud
  • Get the most out of your application and resources with the right implementation of your monitoring method
  • Familiarize yourself with third-party tools such as Traffic Authorization, Summon, sVirt, and SELinux to secure your Docker environment
  • Stay up-to-date on Docker-related security issues that arise with its version updates
  • Integrate Docker with a wide range of cloud and configuration tools to fully realize its potential

Authors

Pethuru Raj

Pethuru Raj, PhD, works as a cloud architect at the IBM Global Cloud Center of Excellence (CoE) in Bangalore, India. He completed his CSIR-sponsored PhD degree at Anna University, Chennai, and continued his UGC-sponsored postdoctoral research at the Department of Computer Science and Automation of IISc, Bangalore. Thereafter, he was granted a couple of international research fellowships (JSPS and JST) to work as a research scientist for 3 years at two leading Japanese universities.

Pethuru has contributed to a number of high-quality technology books that are edited by internationally acclaimed professionals. In association with another IBMer, he has recently submitted the complete manuscript for a book called Smart Cities: the Enabling Technologies and Tools, to be published by the CRC Press in the USA in May 2015. He has collaborated with a few established authors to publish a book called High-Performance Big Data Analytics, which will be published by Springer-Verlag, UK, in 2015. He maintains an IT portal athttp://www.peterindia.net, and his LinkedIn profile can be found athttps://www.linkedin.com/in/peterindia.

Jeeva S. Chelladhurai

Jeeva S. Chelladhurai has been working as a technical project manager at the IBM Global Cloud Center of Excellence (CoE) in India for the last 8 years. He has more than 18 years of experience in the IT industry. In various capacities, he has technically managed and mentored diverse teams across the globe in envisaging and building pioneering telecommunication products. He specializes in cloud solution delivery, with a focus on data center optimization, software-defined environments (SDEs), and distributed application development, deployment, and delivery using the newest Docker technology. Jeeva is also a strong proponent of Agile methodologies, DevOps, and IT automation. He holds a master’s degree in computer science from Manonmaniam Sundaranar University and a graduation certificate in project management from Boston University. He has been instrumental in crafting reusable assets for IBM solution architects and consultants in Docker-inspired containerization technology.

Vinod Singh

Vinod Singh is a lead architect for IBM’s cloud computing offerings. He has more than 18 years of experience in the cloud computing, networking, and data communication domains. Currently, he works for IBM’s cloud application services and partner marketplace offerings. Vinod has worked on architecting, deploying, and running IBM’s PaaS offering (BlueMix) on the SoftLayer infrastructure cloud. He also provides consultancy and advisory services to clients across the globe on the adoption of cloud technologies. He is currently focusing on various applications and services on the IBM Marketplace/BlueMix/SoftLayer platform. He is a graduate engineer from the National Institute of Technology, Jaipur, and completed his master’s degree at BITS, Pilani.

Shrikrishna Holla

Shrikrishna Holla is a full-stack developer based in Bangalore and Chennai, India. He loves biking, listening to music, and occasionally, sketching. You can find him frequently in hackathons, wearing a hoodie and sipping Red Bull, preparing for an all-nighter.

He currently works as a product developer for Freshdesk, a cloud-based customer support platform.

You can get in touch with him on Twitter (@srikrishnaholla) or find him at the Docker IRC channel (#docker on Freenode) with the shrikrishna handle.

Oskar Hane

Oskar Hane is a full stack developer, with 15 years of experience in the development and deployment of web applications. During this period, he mostly worked with start-ups and small, fast-moving companies. He is the cofounder of several companies and has been working as an independent contractor for the past few years. These days, Oskar works with Neo4j, the world’s leading graph database, where he spends most of his time on the frontend, writing JavaScript.

He lives in Sweden with his wife and daughter. He enjoys programming as well as all kinds of sports and outdoor activities, such as hunting and fishing.

Neependra Khare

Neependra Khare is currently working as a principal performance engineer in Red Hat’s system design and engineering team. He has more than 11 years of IT experience. Earlier, he worked as a system administrator, support engineer, and filesystem developer. He loves teaching. He has conducted a few corporate training sessions and taught full semester courses. He is also a co-organizer of the Docker Meetup Group, in Bangalore, India.

He lives with his wife and two-year-old daughter in Bangalore, India. His Twitter handle is @neependra and his personal website is http://neependra.net/. He has also created a website for the book, which you can visit at http://dockercookbook.github.io/.

Rajdeep Dua

Rajdeep Dua has over 16 years of experience in the Cloud and Big Data space. He worked in the advocacy team for Google’s Big Data tools, BigQuery. He worked on the Greenplum big data platform at VMware in the developer evangelist team. He worked closely with a team on porting Spark to run on VMware’s public and private cloud as a feature set. He has taught Spark and Big Data at some of the most prestigious tech schools in India.

Currently, he leads Developer Relations team at Salesforce India. He also works with the Data Pipeline team at Salesforce, which uses Hadoop and Spark to expose big data processing tools for developers.

He has published Big Data and Spark tutorials at http://www.clouddatalab.com. His LinkedIn profile is https://www.linkedin.com/in/rajdeepd. He has also presented BigQuery and Google App Engine at W3C conference in Hyderabad (http://wwwconference.org/proceedings/www2011/schedule/www2011_Program.pdf). He led Developer Relations teams at Google, VMware, and Microsoft. He has spoken at hundreds of other conferences on the cloud. Some of the other references of his work can be seen at http://yourstory.com/2012/06/vmware-hires-rajdeep-dua-to-lead-the-developer-relations-in-india/ and http://dl.acm.org/citation.cfm?id=2624641.

His contributions to the open source community are related to Docker, Kubernetes, Android, OpenStack, and cloudfoundry. He has teaching experience in big data at IIIT Hyderabad, ISB, IIIT Delhi, and College of Engineering Pune.

Vaibhav Kohli

Vaibhav Kohli has around 3 years of working experience in the research and development department of VMware, and he has been teaching computer engineering for a year at the esteemed Mumbai University. He has published many research papers and filed three patents from VMware in the container domain. He has also conducted workshops in various companies and meetups on container technology (Docker) and Kubernetes.

Santosh Kumar Konduri

Santosh Kumar Konduri has around 5 years of IT experience. He is an expert OpenStack administrator with 3 years of experience.

Russ McKendrick

Russ McKendrick is an experienced solution architect who has been working in IT and related industries for the better part of 23 years. During his career, he has had varied responsibilities in a number of industries, ranging from looking after an entire IT infrastructure to providing first-line, second-line, and senior support in client-facing and internal teams for corporate organizations.

Russ works almost exclusively with Linux, using open source systems and tools across dedicated hardware, virtual machines to public and private clouds at Node4 Limited, where he heads up the Open Source solutions team.

Allan Espinosa

Allan Espinosa is a DevOps practitioner living in Tokyo. He is an active open source contributor to various distributed systems tools, such as Docker and Chef. Allan maintains several Docker images for popular open source software that were popular even before their official release from the upstream open source groups.

In his career, Allan has worked on large distributed systems containing hundreds to thousands of servers in production. He has built scalable applications on various platforms ranging from large supercomputing centers in the U.S. to production enterprise systems in Japan.

Allan can be contacted through his Twitter handle @AllanEspinosa. His personal website at http://aespinosa.github.io contains several blog posts on Docker and distributed systems in general.

Scott Gallagher

Scott Gallagher has been fascinated with technology since he was in elementary school, when he used to play Oregon Trail. His love continued through middle school, working on more Apple IIe computers. In high school, he learned how to build computers and program in BASIC!. His college years were all about server technologies such as Novell, Microsoft, and Red Hat. After college, he continued to work on Novell, all while keeping an interest in technologies. He then moved on to managing Microsoft environments and eventually into what he is the most passionate about: Linux environments. Now, his focus is on Docker and cloud environments.

You can get the book here

Docker Randstad Meetup: March 2016

Yesterday was the 3rd birthday of Docker. Docker Randstand Meetup organised two meetup sessions. I attended both of the sessions.docker

  • Docker 3rd birthday celebration – Introduction to Docker
  • Docker 3rd birthday plus book signing with Adrian Mouat

 

IMG_20160324_135955

The meetups were in the W in Amsterdam and sponsored by Microsoft. The Introduction to Docker meetup was basically a hands-on workshop where you were you the tutorials provide by Docker to create the birthday app. If you were not familiar with Docker, there was also a getting started tutorial in which you could get acquainted with Docker and the basic commands. After you had created the app you could upload it to Docker and show that you had participated in the birthday event. During the meetup there were also pastries and good coffee available. Overall a good organized meetup.

IMG_20160324_135629

The second meetup consisted of two presentations. First presentations was by Arjan Schaaf – DevOps Architect and was about Docker Network performance in the public cloud. Arjan performed different tests onMicrosoft Azure and Amazone Web Services regarding network performance.
The second presentation was by Adrian Mouat – Chief Scientist @ Container Solutions and had as subject Container Orchestration with Kubernetes, Docker Swarm and Mesos/ Marathon. Adrian discussed the features of the different products and also showed a demo of each of the products in which he showed the advantages and disadvantages of the different solutions
After the presentations there was the possibility to get your book Using Docker, signed by Adrian Mouat. And of course there were drinks, snacks and the cutting of the birthday cake. All in all two very good meetups, well organized.

IMG_20160324_151859

 

 

Docker Datacenter (installation)

When you want to apply for the Docker Datacenter trial, you first have to create a Docker ID accoun tand then you can register for the trial. After you have completed your trial subscription, you get access to the installation pages for the Datacenter suite.
The installation is split up in four steps
1 Install Commercial Engine
2 Install DTR + UCP
3 Add license
4 Secure and Configure

In this post I want to adress the first three steps. The commercial engine is supported on the following operating systems:

In my setup is chose Ubuntu 14.04 LTS. The commands that you need to install the commercial engine are provided on the Docker site. When you are finished installing the Docker engine, your can proceed with installing the Docker Trusted Registry and after that Docker Universal Control Plane (UCP) . Before you start installing UCP, make sure that the required firewall ports are opened. If you are running Docker Trusted Registry and UCP on the same machine, like I did, you have to specify a different management port for UCP as both are default using 443. You can do this by adding the following option to the command –controller-port “port nummer”

dockerucp

 

 

When you are finished installing you can logon to the management portal, upload your license and start using Docker Datacenter. If you subscribe for the Docker Datacenter trial, Docker sends you in the days after 6 Docker Datacenter Challenges which help you with getting value out of Docker Datacenter.

 

Docker Datacenter

Last week, Docker released the Docker Datacenter suite. Docker Datacenter is based on the commercial engine of Docker and contains Docker Trusted Registry and Docker Universal Control Plane. This solution is meant to run in your own datacenter or in your own virtual private cloud. Docker Trusted Registry is used to store the images and support security or regulatory compliance requirements. Docker Universal Control Plane provides a containter management platform for your on premise docker environment or for your virtual private cloud container environment.  two days ago Docker released Docker Universal Control Plane 1.01.
Docker offers a 30 day trial of their Docker Datacenter suite. I coming weeks I will post my findings regarding the installation and configuration of this suite.

%d bloggers like this: