DC/OS;

How To Secure Your DC/OS Packet Cluster with IP Whitelisting using ipset

Recently I wanted to run DC/OS on Packet, the bare metal cloud. However, the Terraform scripts do not setup any firewall rules. This leaves the cluster exposed to internet traffic. To fix this I setup an IP whitelist to block undesirable external traffic. In this blog I will show you how this works using the ipset and iptables commands. DC/OS on Packet First let's create a small development [...]

Docker Swarm with Azure Container Services and Azure Resource Manager

Docker Swarm with Azure Container Services and Azure Resource Manager In an earlier post we explained how easy it is to setup a Docker Swarm cluster in Azure using Azure Container Services and Terraform. We understand that not everybody is ready to adopt Terraform in their companies and, even though we can help you get there, we have written this other guide to achieve exactly the same [...]
;

Docker Swarm with Azure Container Services

Docker Swarm with Azure Container Services As part of setting up a Docker Swarm cluster for one of our customers in their public cloud provider, Microsoft Azure, we learned how easy it was to set it up with Terraform. In this blog post we're going to show and provide you with the tools for doing it yourself. Background Setting up a HA Docker Swarm Cluster in Azure is much easier than one [...]

Tricks of the Captains – DockerCon Talk

At DockerCon 2017 in Austin, Texas, I gave a talk entitled "Tricks of the Captains" in the community theatre track. The talk covered various tips and tricks for using Docker, compiled from the brains in the Docker Captains program. The tricks included: Configuring docker ps output Don't bust the build cache Cleaning up with docker prune Properly starting and stopping [...]

The Average Dev, Containers and Security

At the recent #INGLovesIT event in Bucharest, I gave a talk about Container Security. I went into details about features of Docker and the Linux kernel. This led Simon Brown (who gave a great keynote on the relationship between Agile and software architecture) to tweet: Listening to @adrianmouat talking about Docker and security; scary stuff, another reason why your average dev shouldn’t [...]

Running Habitat Supervisors on top of Kubernetes

In the last two months, I've worked together with Chef to evaluate Habitat from a cloud native developer perspective. This is the second blog in a series of three where I'll share my experiences. The first blog is about the build system, and the last will be about how to create a High Available Redis cluster with automatic failover on top of kubernetes. TL;WR: Setting up habitat supervisors [...]

Working with Habitat as a cloud native developer, part 1

In the last two months, I've worked together with Chef (the company) to evaluate Habitat from a cloud native developer perspective. This is the first blog in a series of three where I'll share my experiences. The other two blogs will be about how to run the Habitat supervisor on top of Kubernetes, and how to create a Highly Available Redis cluster with automatic failover on top of [...]

Anne Currie Teams Up With Container Solutions

LONDON — 21 March 2017 — Anne Currie and Container Solutions to join forces to further their aim of helping SMEs and Enterprises reap the benefits of Cloud Native. Anne Currie will be working with Container Solutions on a public project to encapsulate the current state of Cloud Native and Programmable Infrastructure. They'll be talking to Enterprises across Europe and the US about their [...]
;

Monitoring Kubernetes with DataDog

Monitoring is a crucial part of any production application, and it’s importance is increasing as we move towards cloud native. For all the benefits of distributed, microservice applications, there are challenges which come along as well. The complexity of the system has increased considerably. The number of pieces involved (applications, datastores, services, etc) has multiplied, and they are [...]
minimesos;

minimesos 0.13.0 – Support for Marathon application groups

Today we released minimesos 0.13.0. In this version we have added support for Marathon group deployments. With this change you can quickly deploy application groups using the minimesos install command. Deploying an application group In minimesos the install command is used to deploy applications on the cluster. With this version you can install entire groups using the --group flag. See the [...]

Accidental Rewrite of a Microservice

This is a guest post by Robert Hensing. In this blog post, I describe my experience adapting a microservice for use with AWS' DynamoDB. Background The Sock Shop is Weave Works' reference microservice implementation. For their customers, they want to demonstrate that their cloud solutions for deployment, monitoring and more work well on Amazon Web Services. Therefore the task is to [...]
;

Introduction to gRPC

The hot new buzz in tech is gRPC.  It is a super-fast, super-efficient Remote Procedure Call (RPC) system that will make your microservices talk to each other at lightspeed, or at least that’s what people say.  So this article will take a quick look at what it is, and how or when it can fit into your services. What is gRPC gRPC is a RPC platform developed by Google which was announced and [...]
minimesos;

minimesos 0.12.0 – Local DNS for development with the .mm domain

Today we released minimesos 0.12.0. In this version we have added support for Mesos DNS and an integration with dnsmasq. With this change the minimesos containers and Marathon apps are available on the .mm domain. You can install the new version using the usual installer command: curl -sSL https://minimesos.org/install | sh. The Docker images are available on Docker Hub and the jar is [...]
minimesos;

minimesos 0.11.1 – Docker on Mac and improved default resources

Today we released minimesos 0.11.1. In this version we made a couple of improvements. Docker on Mac is now supported, the default resources of a new minimesos cluster are increased and the Marathon command is now configurable. You can install the new version using the usual installer command: curl -sSL https://minimesos.org/install | sh. The Docker images are available on Docker Hub and the [...]
;

Kubernetes Quick Tip: Whitelisting source IP with Ingress in Kubertenes

If you are using Ingress on your Kubernetes cluster it is possible to restrict access to your application based on dedicated IP addresses. One possible use case would be that you have a development setup and don't want to make all the fancy new features available to everyone, especially competitors. In such cases, IP whitelisting to restrict access can be used .This can be done with specifying [...]