Securing Microservices with Docker from Adrian Mouat – Part 1

Last week, the excellent Adrian Mouat, Docker captain & author of “Using Docker” gave a webinar on how to use Docker to secure your microservice containers. The webinar was a teaser for a 2 day training session by Adrian and Sam Newman (author of “Building Microservices”) in Amsterdam on the 31 July and London on the 30 August. I’ll include booking links below, there are still a [...]
4 step plan for securing microservices;

Securing Microservices by Sam Newman

This is a write up of the excellent webinar on securing microservices given by Sam Newman, author of “Building Microservices” last week. The webinar was a teaser for a new 2-day course from Sam and Adrian Mouat (author of “Using Docker”) and Container Solutions that debuts this month in Amsterdam. Pretty much all the clever observations in this post I pre-attribute to Sam. Are [...]

Hacking it with Microsoft

Recently I had the opportunity to participate in a hackathon organized by Microsoft with a colleague of mine. The format of this hackathon found us partnering up with developers from Microsoft, in this case Alessandro and David, who were fantastic help during the course of the hackathon. The purpose of this hackathon was to help developers familiarize themselves with Microsoft Azure, while at the [...]

Microservice Insecurity

So here's the thing. Microservices are everywhere right now. You see them mentioned at talks, they have their own conferences, vendors are tripping over themselves to brand their products 'microservice ready'. Beneath this hype lies a useful architectural style - not a universal cure for all ills. Microservice architectures can provide a number of benefits. Increasing autonomy of teams, [...]

Microservices. What’s Really Going On?

As part of my investigation into all things Microservice and Cloud Nativish I’ve been interviewing folk and have bags of interesting case studies and observations to share. The first interview I’m going to talk about is the closest to home - Container Solutions (CS), which was formed in 2014 to provide specialist analysis and engineering around the new technologies of microservices, [...]

5 Mindbending Microservice Dilemmas

Dilemma 1 - Does Size Matter? A question I often hear asked is “how many microservices should I have?" or “how big should a microservice be?” So, what is better, 10 microservices or 300? 300! If the main motivation for Cloud Native is deploying code faster then presumably the smaller the microservice the better. Small services are individually easier to understand, write, deploy, and [...]
banksy robot;

The Cloud Native 101 Cribsheet

For the past few weeks we’ve been posting a blog series on Cloud Native, which in true tech style has been bunged full of buzzwords. We’ve tried to explain them as we went along but probably poorly so let’s step back and review them with a quick Cloud Native Glossary. Container Image - A package containing an application and all the dependencies required to run it down to the [...]

Microservices – Thinking Outside the Lines

In our last few posts we’ve talked about two of the architectural and operational weapons of Cloud Native: containers & dynamic management. However, when I go out and talk to Cloud Native users I find that containers and orchestrators aren’t always where they started. Many companies begin with microservices and don’t adopt containers until later. In this post we are going to look [...]

Is Dynamic Management the Real Ops Disruptor?

In our last post we looked closely at container packaging - what it means and why everyone’s going crazy about it. In this post, we're going to look at another aspect of Cloud Native - dynamic management. Dynamic Management Dynamic infrastructure management is sometimes called programmable infrastructure and its purpose is to automate data centre tasks currently done by ops folk. This [...]

Are Containers the Best Cloud Native Tool?

Earlier in this blog series we described how every strategy comprises a goal and the actions we take or tools we use to accomplish it. We’re now going to consider some of the tools that Cloud Native uses, including container packaging, dynamic management, and a microservices-oriented architecture. In this post we’ll consider container packaging - what it is and the effect it has. But [...]

The 3 Most Common Cloud Native Goals & What Kind of Company Are You?

Cloud Native Goals In our earlier posts in this series we described a Cloud Native Strategy as a way to achieve business goals by taking a particular set of actions: using IaaS or PaaS a microservice(ish) architecture containers orchestrators. Now let’s talk about the most common of those business goals: speed, scale and margin. The Goals of Speed, Scale & Margin First [...]

What is a Cloud Native Strategy?

In the last two blogs on this subject we talked about Cloud Native computing and about strategy. In this blog, we'll put the two together and consider Cloud Native Strategy - what it means and how to do it. In our first post we defined Cloud Native as a toolbox of approaches (IaaS or PaaS, microservices, containerisation and orchestration) for helping with three potential business [...]

The Seven Elements of Strategy (Which You’ll Need To Know If You Are Creating a Cloud Native Strategy)

In the first post in this series, my colleague Anne Currie said that cloud native was about speed, scale and costs. We discovered that cloud native helps you get your ideas to market quickly; that cloud native helps you scale as more users consume your services; and that cloud native lets you spread costs out over the lifetime of a product, and it does this by matching demand for services with [...]

What is Cloud Native?

  According to the Cloud Native Computing Foundation (CNCF) a Cloud Native strategy is about scale and resilience: “distributed systems capable of scaling to tens of thousands of self healing multi-tenant nodes”. This is incredibly useful for folk like Uber or Netflix who want to hyperscale an existing product, reduce their operating costs, and improve their margins. So is Cloud [...]

How To Secure Your DC/OS Packet Cluster with IP Whitelisting using ipset

Recently I wanted to run DC/OS on Packet, the bare metal cloud. However, the Terraform scripts do not setup any firewall rules. This leaves the cluster exposed to internet traffic. To fix this I setup an IP whitelist to block undesirable external traffic. In this blog I will show you how this works using the ipset and iptables commands. DC/OS on Packet First let's create a small development [...]