Category Archives: containers

containers, Docker, Miscellaneous IT

Running Docker on CentOS on ESXi

The post below was written by GreenPages Enterprise Consultant Chris Williams and was published on his Mistwire blog.

Recently I’ve been playing with containers a little bit in my lab. Today I’m going to show you how to get a Docker engine running on a CentOS 7 VM running on an ESXi host. It’s surprisingly easy!
First, what is Docker? It’s an engine that lays on top of an existing host OS and basically removes the “Guest OS” abstraction layer from the mix. This is good because the Guest OS is a big resource hog when you start having several of them per host.

So what does this mean? Is this (potentially) bad news for VMware and Microsoft?

Short answer: yes.

Long answer: Yeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeesssssssssssssssssssssssssssssssssssssssssssss*

*VMware and MS are working on projects to get in on the containery goodness, so I won’t speak about that here. Instead I’m going to walk through how to set up your first Docker engine ON CentOS ON ESXi in your existing vSphere environment.

 

To read the rest of Chris’ post, click here!

 

Looking for more information around Docker? Download this whitepaper, “10 Things to Know About Docker.”

 

containers, Mozilla Firefox, News & Analysis

Mozilla Firefox launches container feature for multiple online personas

FirefoxThe Mozilla Firefox team has announced it will integrate a new containers driven feature to allow users to sign into multiple accounts on the same site simultaneously.

While the concept of using technology to manage multiple accounts and different personas is not a new idea, the practicalities have been out of reach. With the new feature, users will be able to sign into multiple accounts in different contexts for such uses as personal emails, work accounts, banking, and shopping. Twitter is one of the most relevant examples in the immediate future, as it is not uncommon for individuals to have multiple twitter account for work and personal life.

“We all portray different characteristics of ourselves in different situations,” said Tanvi Vyas, one of the security engineers working on the project, on the company blog. “The way I speak with my son is much different than the way I communicate with my coworkers. The things I tell my friends are different than what I tell my parents. I’m much more guarded when withdrawing money from the bank than I am when shopping at the grocery store. I have the ability to use multiple identities in multiple contexts. But when I use the web, I can’t do that very well.

“The Containers feature attempts to solve this problem: empowering Firefox to help segregate my online identities in the same way I can segregate my real life identities.”

The Mozilla Firefox team are one of the first to have cracked the equation, though it does admit there are a number of challenges to come. Questions which the team now need to answer include:

  • How will users know what context they are operating in?
  • What if the user makes a mistake and uses the wrong context; can the user recover?
  • Can the browser assist by automatically assigning websites to Containers so that users don’t have to manage their identities by themselves?
  • What heuristics would the browser use for such assignments?

“We don’t have the answers to all of these questions yet, but hope to start uncovering some of them with user research and feedback,” said Vyas. “The Containers implementation in Nightly Firefox is a basic implementation that allows the user to manage identities with a minimal user interface.”

Containers for Web

applications, Chef, containers, News & Analysis

Chef boosts application IQ with Habitat launch

artificial intelligence, communication and futuristicChef has launched a new open source project called Habitat, which it claims introduces a new approach for application automation.

The team claim Habitat is a unique piece of software which enables applications to be freed from dependency on a company’s infrastructure. When applications are wrapped in Habitat the runtime environment is no longer the focus and does not constrain the application itself. Due to this USP applications can run across numerous environments such as containers, PaaS, cloud infrastructure and on premise data centres, but also has the intelligence to self-organize and self-configure, the company claims.

“We must free the application from its dependency on infrastructure to truly achieve the promise of DevOps,” said Adam Jacob, CTO at Chef. “There is so much open source software to be written in the world and we’re very excited to release Habitat into the wild. We believe application-centric automation can give modern development teams what they really want — to build new apps, not muck around in the plumbing.”

Chef would generally be considered a challenger to the technology industry’s giants having only been founded in 2008, though the company has made positive strides in recent years specializing in the DevOps and containers arenas, two of the more prominent growth areas. Although both of these areas are prominent in marketing campaigns and conference presentations, applications into the real-world have been more difficult.

The Habitat product is built on the idea that infrastructure dictated the design of an application. Chef claims by making the application and its automation the unit of deployment, developers can focus on business value and planning features that will make their products stand out rather than on the constraints of infrastructure and particular runtime environments.

“The launch of Habitat is a significant moment for both Chef and the entire DevOps community in the UK and EMEA,” said Joe Pynadath, ‎GM of EMEA for Chef Software, Chef. “It marks our next evolution and will provide an absolutely transformative, paradigm shift to how our community and customers can approach application management and automation. An approach that puts the application first and makes them independent of their underlying infrastructure.  I am extremely excited to see the positive impact that our Chef community and customers throughout Europe will gain from this revolutionary technology.”

containers, EMC, News & Analysis, Persistent Storage

EMC launches storage provisioning framework for containers

Empty road and containers in harbor at sunsetEMC has announced the launch of libStorage, an open source vendor and platform-agnostic storage framework released through the EMC {code} program.

Containers have been one of the biggest buzzwords to hit the IT industry through 2015 and 2016, complications surrounding unification of the individual containers has been a challenge for developers. While several container platforms may be running in an environment, each has its own language, requiring users to treat them as silos, though EMC believe libStorage is the solution.

The offering is claimed to provide orchestration through a common model and API, creating a centralized storage capabilities for a distributed, container-driven ecosystem. libStorage will create one storage language to speak with all container platforms and one common method of support.

“The benefits of container technology are widely recognized and gaining ground all the time,” Josh Bernstein, VP of Technology at EMC {code}. “That provides endless opportunity to optimize containers for IT’s most challenging use cases. Storage is a critical piece of any technology environment, and by focusing on storage within the context of open source, we’re able to offer users—and storage vendors—more functionality, choice and value from their container deployments.”

The offering, which is available on GitHub, will support Cloud Foundry, Apache Mesos, DC/OS, Docker and Kubernetes.

“DC/OS users—from startups to large enterprises—love the portable container-operations experience our technology offers, and it’s only natural they would desire a portable storage experience as well,” Tobias Knaup, CTO at Mesosphere. “libStorage promises just this, ensuring users a consistent experience for stateful applications via persistent storage, whatever container format they’re running.”

API, containers, developers, Mesos, News & Analysis, Open Source

Container Solutions brings production environment to the developers laptop

Global Container TradeLondon-based Container Solutions has released the latest version of its minimesos project, an open source testing and experiment tool for Apache Mesos, which it claims brings production orchestration testing to the development environment.

The new offering targets the challenge of moving microservice applications from a developer’s laptop to the production environment, which can prove to be complicated as the target platform is different than the local one. The offering allows developers to bring up a containerised Apache Mesos cluster on their laptop, creating a production-like environment on their desktops for building, experimenting and testing.

“When we started building a number of Mesos frameworks, we found it hard to run and test them locally,” said Jamie Dobson, CEO of Container Solutions. “So, we ended up writing a few scripts to solve the problem. Those scripts became minimesos, which lets you do everything on your laptop. We later integrated Scope so that developers could visualise their applications. This made minimesos even more useful for exploratory testing.”

The company claims developers can now start a Mesos cluster through the command line or via the Java API, which is logically isolated as each of the processes run in separate Docker containers. Minimesos is aslo integrated: it exposes framework, state and task information to its Cluster State API.

containers, hybrid, Joyent, News & Analysis, Public, Public Cloud

Joyent launches Container-Native offerings for public and hybrid cloud platform

JoyentJoyent has launched its next generation container-native (G4) and KVM-based (K4) instance package families, which are now available on its Triton-powered public cloud platform.

The company’s cloud platform runs on containers, as opposed to traditional VM’s which the majority of other cloud platforms run on, which it claims will notably improve efficiency. The software used to run the Triton Cloud service is 100% open source and available for customers to use to operate in their own private data centres within a hybrid cloud model.

“Workloads are more efficient on Triton Cloud,” said Bill Fine, Vice President Product and Marketing at Joyent. “This is because Triton allows you to run containers natively, without having to pre-provision (and pay for) virtual machine hosts. The result is less waste and more cost savings for you.

“Consider our recent blueprint to run WordPress in containers. A minimum running implementation requires six g4-highcpu-128M instances and costs just over $13 per month. That minimal site may be perfect for a small blog or staging a larger one. Should you need to scale it, you can resize the containers without restarting them or scale horizontally with Docker-compose scale (or another scheduler of your choice).”

Note: There is a poll embedded within this post, please visit the site to participate in this post’s poll.

Joyent’s value proposition and marketing campaigns are seemingly built on the claim it is cheaper and more efficient than AWS, as it would appear the team are set on taking the fight to the incumbent industry leader. The company claim there is a notable price-performance cost advantage, more specifically, Elasticsearch clusters on Triton complete query requests 50% to 70% faster, Sharded MongoDB clusters complete tasks 100% to 150% faster and Standard primary/replica Postgres configurations up to 200% faster, in comparison to AWS.

“The cost of running on Triton is about half the cost of running on AWS,” said Fine. “With enough experimentation and determination you might be able to narrow this cost gap by more efficiently bin-packing your containers into VMs on AWS, but on Triton those efficiencies are built in and the cost and complexity of VM host clustering is removed. Each container just runs (on bare metal) with the resources you specify.”

containers, Docker, News & Analysis

Docker bolsters security capabilities with Security Scanning launch

DockerDocker has announced the general availability of its Security Scanning product, an offering formerly known as Project Nautilus.

The service, which is available as add-on service to Docker Cloud private repositories and for Official Repositories located on Docker Hub, streamlines software compliance procedures by providing customers with a security profile of all their Docker images. The offering sits alongside Docker Cloud to automatically trigger a series of events as soon as an image is pushed to a repository, providing a complete security profile of the image itself.

“Docker Security Scanning conducts binary level scanning of your images before they are deployed, provides a detailed bill of materials (BOM) that lists out all the layers and components, continuously monitors for new vulnerabilities, and provides notifications when new vulnerabilities are found,” said Docker’s Toli Kuznets on the company’s blog.

“The primary concerns of app dev teams are to build the best software and get it to their customer as fast as possible. However, the software supply chain does not stop with developers, it is a continuous loop of iterations, sharing code with teams and moving across environments. Docker Security Scanning delivers secure content by providing deep insights into Docker images along with a security profile of its components. This information is then available at every stage of the app lifecycle.”

The offering itself splits each Docker image its respective layers and components, and evaluates the risk associated with each one. Risks are reported back to the CVE databases, linked to the specific layer and/or component, but are also monitored on an on-going basis.

New vulnerabilities found during the on-going monitoring process are reported to the CVE database, which will then assess all other software associated with that component/package to improve software compliance across the board. Docker believes software compliance and general risk management can be enhanced through the offering, but also throughout the lifecycle of the software itself.

“With this information, IT teams can proactively manage software compliance requirements by knowing what vulnerabilities impact what pieces of software, reviewing the severity of the vulnerability and making informed decisions on a course of action,” said Kuznets.

The offering is now available to all customers, with Docker currently offering a three month free trial.

Docker Security

containers, News & Analysis

Container adoption hindered by skills gap – survey

Empty road and containers in harbor at sunsetNew research from Shippable has highlighted the use of containers is increasing within the North American market, though the current skills gap is proving to be a glass ceiling for the moment.

Just over half of the respondents to the survey, said they were currently using containers in production and 14% confirmed they were using the technology in the development and testing stages. A healthy 89% believe the use of containers in their organization will increase over the next 12 months.

“Our research and personal experience shows that companies can experience exponential gains in software development productivity through the use of container technology and related tools,” said Avi Cavale, CEO at Shippable. “Companies are realizing the productivity and flexibility gains they were expecting, and use of container technology is clearly on the rise. That said, there are still hurdles to overcome. Companies can help themselves by training internal software teams and partnering with vendors and service providers that have worked with container technology extensively.”

Of those who are not using technology currently, a lack of in-house skills was listed as the main reason, however the survey highlighted security is still a concern, the ROI of the technology is still unproven, and also the company’s infrastructure is not designed to work with containers.

While the rise in awareness of containers has been relatively steady, there have been a number of reports which highlighted an unhealthy proportion of IT professionals do not understand how to use the technology, or what the business case is. The results here indicate there has at least been progress made in understanding the use case, as 74% of those who said they were using the technology are now shipping new software at least 10% faster using container technology, and eight% are shipping more than 50% faster than before.

“In the earlier years of computing, we had dedicated servers which later evolved with virtualisation,” say Giri Fox, Director of Technical Services at Rackspace. “Containers are part of the next evolution of servers, and have gained large media and technologist attention. In essence, containers are the lightest way to define an application and to transport it between servers. They enable an application to be sliced into small elements and distributed on one or more servers, which in turn improves resource usage and can even reduce costs.

“Containers are more responsive and can run the same task faster. They increase the velocity of application development, and can make continuous integration and deployment easier. They often offer reduced costs for IT; testing and production environments can be smaller than without containers. Plus, the density of applications on a server can be increased which leads to better utilisation.

“As a direct result of these two benefits, the scope for innovation is greater than its previous technologies. This can facilitate application modernisation and allow more room to experiment.”

The survey also showed us that while Docker maybe one of the foremost names in the containers world, this has not translated through to all aspects of usage. The most popular registry is Google Container Registry at 54%, followed by Amazon EC2 Container Registry on 45% and Docker Hub in third place with 34%. Public cloud was also the most popular platform, accounting for 31% of respondents. 52% of developers said they’re running containerized applications on Google Compute Engine, while 49% are running on Microsoft Azure and 43% on Amazon Web Services.

While containers are continuing to grow in popularity throughout the industry, the survey highlights the technology is not quite there yet. North America could be seen as more of a trend setting than Europe and the rest of the world, and the fact usage has only just tipped through 50%, there might still be some work before the technology could be considered mainstream. The results are positive, but there is still work to do.

AWS, containers, Enterprise IT, Google, Microsoft, News & Analysis

What did BCN readers say last week?

What do you think written on whiteboardOver the past week, we took the opportunity to gauge the opinion of the BCN readership on industry trends and issues, through a number of polls. Here’s what we found out:

Microsoft is unlikely to be successful? 58% say no

For the most part, Microsoft’s lawsuit has been keep out of the headlines. This is unlikely to indicate the whole episode is unimportant to the industry, but maybe more due to the fact the story has been overshadowed by the ongoing saga between Apple and the FBI.

In any case, Microsoft filed a lawsuit against the US government, citing the first and fourth amendment with regard to government agencies using secrecy orders to access its customer’s emails or records. From Microsoft’s perspective, the company should have the right to tell customers the government is accessing their data, aside from in exceptional circumstances. The government disagrees.

While the tech giant has taken it upon itself to fight the good fight alone, BCN readers are a bit more sceptical on the success of the venture. Only 42% believe Microsoft’s lawsuit will be successful, though this is a question which is unlikely to be answered for a substantial period of time. Any decision will be appealed by the despondent party, dragging out any decisions or changes in government practise.

When will containers hit mainstream? 21% say right now

Containers are one of the hottest trends in 2016. We recently ran a buzzword-buster article not only discussing what containers actually are, but more importantly what the value to enterprise actually is. Since then there have been numerous announcement focused around the technology, from Microsoft to Red Hat to Juniper, indicating containers are starting to get some traction.

But how much of the press is a smoke-screen and how much is reality? In short, it’s looking quite positive.

Cloud took a healthy amount of time to be trusted and understood by the mainstream market, and maybe it is this longer adoption time which has accelerated containers as a technology. 21% of BCN readers highlighted that they are currently using the technology in a meaningful way in their business currently, 50% believe it will be in the next 1-2 years, and only 29% said longer than three years.

Who is the best innovator in the cloud industry? 75% still say AWS

Last week AWS launched a host of new features at the AWS Chicago Summit, ranging from new security features, tools which simplify the movement of data around an organizations cloud, platforms for automatically deploying and running apps on Amazon’s cloud infrastructure, testing features, as well as authentication services.

Although this is the first major update from AWS in some time, Google and Microsoft have been feverishly bolstering their offerings over the last six months ranging from new hires, to new features and new acquisitions. Industry insiders have even told us at BCN that AWS could be seen to be sitting back to much, offering Google and Microsoft the opportunity to improve their own standing, and make up ground on the number one player in the cloud space.

BCN readers do not agree however. 75% believe AWS is still by far and away the industry leader, 10% believe AWS, Google and Microsoft are all on par, while 15% believe innovation has faltered at AWS, and the rest of the industry is catching up fast.

Is DevOps mainstream? 48% say no

DevOps is another of the buzzwords which has floated over from 2015 into 2016. However, as buzzwords go, few have captured the attention of the industry in the same manner. Such is the prominence of DevOps, it seems although every company is now a DevOps specialist, DevOps expert or DevOps orientated organization.

In fact, this isn’t only vendors who have adopted DevOps, but pretty much every enterprise decision maker has DevOps on the lips also. The main concern here is the definition of DevOps can be seen as lost on certain organizations. Yes, there are practitioners of the methodology, though there are also a host of people who have taken the phrase without fully understanding the implications and the means to implement such an idea.

And it would appear BCN readers also agree with that assumption. Despite DevOps being one of the most used words in the cloud industry, only 52% of our readers believe DevOps has hit the mainstream market.

containers, Juniper, News & Analysis

Juniper boosts security capabilities with two new product offerings

Secure cloudJuniper Networks has launched a number of new cloud and virtualised service offerings as part of its software-defined secure networks framework.

The new offerings include a new containerised virtual firewall called cSRX and a multi-core version of the Juniper Networks vSRX. The company claims the new vSRX version is ten times faster than the nearest competitor and creates new possibilities for using agile and flexible virtual firewalls, while cSRX is the first containerized offering for the industry.

“As the security landscape continues to evolve, it is more important than ever to work together to combat cyber threats,” Kevin Walker, Security CTO at Juniper Networks. “These key additions to our security portfolio will further our Software-Defined Secure Networks vision and greatly benefit our customers. Our products provide the best opportunity to create secure networks through policy, detection and enforcement. We are excited to be releasing the most flexible firewall solutions in the market and continue to showcase our commitment to bringing SDSN to organisations across the globe.”

Juniper believes the faster vSRX offering and the scalability of the containerized cSRX, combined with the higher density of services on the Intel Xeon processor family, will increase an organizations capability to detect threats.

“Juniper Networks is delivering significant scale and total cost of ownership advantages to its customers with the new cSRX, which fundamentally changes how security is deployed and illustrates the power of Software-Defined Secure Networks to provide a holistic network protection paradigm,” Mihir Maniar, VP of Security Product Management at Juniper Networks. “Moreover, with the addition of our 100 Gbps vSRX, our security portfolio is further advancing the industry’s highest performing virtual firewall.”