TL;DR – Last Week’s Container News (04/20/18-04/27/18)

Interview with OCI’s Michael Crosby

Docker has shared an interview with Michael Crosby, OCI Technical Oversight Board Chairman. Among the topics covered: 

  • Downloading and installing Git Bash
  • Generating SSH keys
  • Uploading the public SSH key to Triton
  • Downloading and installing Node.js
  • Installing Triton CLI
  • Configuring environment variables
  • Configuring Triton profiles
  • Creating an instance
  • Connecting to the new instance

…and many more. Follow the link for the complete interview with Michael Crosby.

How to Choose a Service Mesh

For those who already know why they need a service mesh, The New Stack has shared a great how-to for picking the right service mesh. The article explores “common attributes of a service mesh,” the differences between services meshes and other message management solutions, as well as eight considerations when choosing the right mesh for you. Follow the links for more information.

Quali Provides Self-Service Dev and Test Environments

Last week, The New Stack shared a great writeup about Quali, one of InfoSiftr’s partner companies.

Quali can provide cloud sandbox environments that “are authentic replicas of those used in production.” According to The New Stack, Quali’s goal is to, “make setting up development and test environments as easy as choosing a movie on Netflix.”

With Quali, a solutions architect can create blueprints and templates that, “include business context as well the domain expertise,” and place them in a catalog for self-service by DevOps or testing teams.

Azure Service Fabric Now Supports RHEL

Microsoft’s Azure Service Fabric now supports Red Hat Linux clusters, according to an article in eWeek. This is part of the version 6.2 of the Azure Service Fabric runtime, announced April 19. Windows and Ubuntu are also supported.

Heptio Open Sources Gimbal for Load Balancing in Kubernetes, OpenStack

Along with Yahoo Japan subsidiary Actapio, Heptio has announced an open source project called Gimbal. This is meant to “help enterprises load balance network traffic in hybrid environments, including Kubernetes clusters and OpenStack deployments,” according to VentureBeat.

Microsoft Azure Container Instances Now Production Ready

Microsoft Azure Container Instances (ACI), which previewed last year, are now ready for production usage, according to a recent article in The New Stack. According to the article, Microsoft is calling ACI a “serverless” service, as the Linux / Windows containers are offered “as a basic compute primitive. The end user “does not have to worry about provisioning or managing the underlying infrastructure.”

For more information, see also VentureBeat’s excellent coverage and the article in eWeek.

Site Reliability Engineering for Microservices 101

A recent article in The New Stack provides an overview of Site Reliability Engineering (SRE) in a microservices environment. The article explores “the role of site reliability engineering,” tips for successful SRE (including taking availability, reliability, and visibility as seriously as velocity and innovation), and some new tools recently released by Google (Stackdriver Trace, Stackdriver Debugger, Stackdriver Profiler).

Docker EE 2.0 Includes Tigera’s “Project Calico” For Networking

Announced earlier this month, Docker Enterprise Edition 2.0 integrates Tigera’s Project Calico as the “‘batteries included’ Kubernetes CNI plug-in for a highly scalable, industry-leading networking and routing solution.” According to Docker, choosing Project Calico supports their objectives of providing “choice & flexibility for different deployment models,” and a “highly scalable and battle-hardened” solution with a “policy-driven security model with close integration to Kubernetes.”

Case Study: Giant Swarm’s Kubernetes Journey

A recent article in The New Stack explores Giant Swarm’s “bittersweet road to Kubernetes production.” The company has been running Kubernetes in production for a while, and has experienced “global traffic, Black Friday and Christmas sales, stringent security guidelines and multi-country teams,” in that context. In other words: they’ve had their share of “trials and tribulations” with the platform. The article explores security, updates, installations, load tests, and authentication. A great primer for any organization looking to embark on their own “road to Kubernetes production.

Triton CLI on Windows Subsystem for Linux (WSL)

As part of last week’s TL;DR, we summarized Joyent’s tutorial on how to install Triton CLI on Windows. This past week, Joyent shared a similar tutorial for Triton CLI on Windows Subsystem for Linux (WSL). The article first explains what WSL is, then walks through the steps to getting it installed. Follow the link for the complete walkthrough.

“Continuous Hacking” for Improved Container Security

A recent article in The New Stack introduces the idea of “continuous hacking,” which involves checking security in the build/deploy pipeline. The authors share a STRIDE acronym (which stands for “Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Escalation of Privilege”), and explore remedies for each aspect of STRIDE. Follow the link for more information.

Cloud Foundry + Kubernetes

SUSE (an enterprise Linux distributor) has bundled Cloud Foundry (a platform-as-a-service software) with Kubernetes, according to a recent article in The New Stack. This is to provide “an integrated package” that “allows people to get the best of both worlds.” It’s meant to “bring the advanced productivity of Cloud Foundry to a modern infrastructure represented by Kubernetes.” 

Docker Desktop Kubernetes Conformant

Docker for Windows and Docker for Mac have passed the Kubernetes conformance tests. This means that they (along with Docker Enterprise Edition) conform to standards for typical Kubernetes behavior. This standardization helps ensure portability / interoperability between distributions. Check out Docker’s complete blog post.

Google Cloud Simplifies Cloud Service – Kubernetes Connection

Google has announced two new tools (in beta) to “simplify the process of integrating its cloud services with applications that are managed by a Kubernetes cluster.” The tools are called the Kubernetes Service Catalog and Google Cloud Platform Service Broker API. The Kubernetes Service Catalog lists ” all the Google Cloud services customers can connect their clusters to,” while the GCP Open Service Broker “helps manage the connections between a cluster and those services.” Check out the VentureBeat article for more information. 

Learn Docker at DockerCon

DockerCon 2018 will feature workshops and hands-on labs covering Docker best practices, according to a recent Docker blog post. Among the available workshops:

    • Migrating a .NET App to Docker EE
    • Migrating a Java App to Docker EE
    • Introduction to Istio
    • Monitoring and Logging
    • Docker Storage Concepts
    • Networking for Swarm and Kubernetes in Docker Enterprise Edition
    • Container Troubleshooting Workshop with Sysdig
    • Secure, Automated Software Supply Chain

About the Author: