Deep dive into Windows Server Containers and Docker – Part 3 – Underlying implementation of Hyper-V Containers

Last April I visited DockerCon 2017 and while they announced many new great things like the LinuxKit and the Moby Project, one of the most appealing announcements for me definitely was the announcement of John Gossman that Microsoft and Docker made it possible to run Linux containers natively on Windows Hosts by using the same Hyper-V isolation layer as Hyper-V containers. So, time for me to create a blogpost about Hyper-V containers and to explain how this Hyper-V container virtualization layer works.

Read more →

Kubernetes and on-demand CI builders

Let's say you've got a CI/CD pipeline and you would like to run builds in containers. You could just configure Docker on one of your machines and point your builds there, but why not use something a bit more scalable? Enter Kubernetes, a leading container orchestration platform, which luckily offers several options for using its self-contained pods as on-demand CI builders. Things like sharing sources between containers and networking will be handled for you, so all you'll have to worry about is specifying the desired image.

In this blog, I'll be exploring two of those options in commonly used CI tools, namely Gitlab and Jenkins, and will explain how to configure the Gitlab-runner or Jenkins Kubernetes plugin to run on-demand CI builders on a Kubernetes (or "K8s") cluster.

Read more →

Running Kubernetes locally with Docker on Mac OS X

Fast feedback loops are instrumental to gaining confidence in changes and achieving a steady pace of delivery. In many teams, Docker has been an important force behind removing delays in the pipeline to production. Taking control of your environments is a powerful move to make as a scrum team.

Seeing that Kubernetes appears to be becoming the leading orchestration platform, chances are that the containerized applications you and your team are working on will land on a Kubernetes cluster. That is why I was excited to see that in the latest version of Docker it is now possible to run a local Kubernetes cluster. In this blog you will learn how to start a local Kubernetes cluster with the latest Docker version.

Read more →

Refactoring to Microservices – Introducing Docker Swarm

In my [previous blog] I used local images wired together with a docker-compose.yml file. This was an improvement over stand alone containers. Networking is now more robust because code in images uses names instead of IP addresses to access services. This time my goal is to introduce Swarm so I can distribute components over multiple hosts and run more instances if necessary. Next, I'll describe step one: migrate the docker-compose-single-host setup to a Docker Swarm multi-host version. [More].

Refactoring to Microservices – Using Docker Compose

In the previous version of the shop landscape (see tag 'document_v2' in this [repository]) services were started with a shell script. Each depended on Rabbit MQ to run, so there was a URL with an IP address that depended on whatever address the host it runs on got from its DHCP server. This was brittle, so I decided to introduce docker-compose. Actually, I should say 're-introduce' because my colleague Pavel Goultiaev built a previous version using compose. In this version, I copied and finished his code.

read more

This blog is part of my Trying-to-understand-Microservices-Quest, you can find the previous [installment here].

Production ready AWS ECS (EC2 Container Service)

Are you looking to run Docker containers on AWS? Or are you looking to use AWS ECS (EC2 Container Service)? Does it need to be production ready?

If so, then speed up your process and be ready today by looking at my GitHub repository on ECS. It contains infrastructure as code with Terraform for a quick production ready setup. But most importantly it contains information on how the infrastructure is setup. It explains why things are done in a certain way and where to watch for. And finally, shows how to do simple but fully automatic deployments.

If you live in the Netherlands then join me at the Open Kitchen: Simplify DevOps with AWS ECS

Refactoring to Microservices – Using a Document as State

In a previous installment of our Microservice refactoring effort, I’ve introduced a ShopManager and a Clerk to implement the shopping process (see this blog). I ended up with a JSON document transferred between services. To make life easy for myself I just parsed all of the document using Spring magic. This time I will discuss the downside of this strategy and show an alternative.

read more

Why microservices fail

Gianna has joined Avidoo Inc., a productivity platform, as a senior software engineer. In a kick-off meeting with the rest of her team, she brings up the subject of microservices and whether the team has adopted them in any way. She immediately gets a strong reaction.
“We have tried adopting microservices, but they don’t work”, Byron offers.
“It became a terrible mess!”, Kary adds.
Gianna blinked her eyes three times expecting some kind of elaboration, but none followed.
After an uncomfortable silence, Gianna asks: “So what happened?”
“At first it was great. Every time we were asked to create something new we had the opportunity to add a service and use whatever languages and frameworks we wanted to experiment with. We exposed REST APIs on systems it needed to collaborate with or worked on their databases directly. But after a while, things started to break more and more often and development slowed to a crawl.”
Gianna sighs. It sounds to her like her team had been building a distributed monolith, while what they had meant to build were microservices.
Read more →

Docker containers vulnerability scan with Clair

When you work with containers (Docker) you are not only packaging your application but also part of the OS. Therefore it is crucial to know what kind of libraries might be vulnerable in you container. One way to find this information is to use and look at the Docker Hub or Quay.io security scan. The problem whit these scans is that they are only showing you the information but are not part of your CI/CD that actually blocks your container when it contains vulnerabilities.
Read more →

Monitoring a Kubernetes Environment

This post is part 3 in a 4-part series about Container Monitoring. Post 1 dives into some of the new challenges containers and microservices create and the information you should focus on. Post 2 describes how you can monitor your Mesos cluster. This article describes the challenges of monitoring Kubernetes, how it works and what this means for your monitoring strategy.
 
What is Kubernetes?
Kubernetes is a powerful orchestration system, developed by Google, for managing containerized applications in a (private) cloud environment. Kubernetes is able to automate the deployment, management and scaling of containerized applications and services. Kubernetes provides the infrastructure to build a truly container-centric development and operations environment.