Running containerized applications securely in production
December 26, 2019
Research shows that 46% of deployed containers run for one hour and 27% run for about five minutes. In such a fast-paced, disposable computing environment, cloud operators struggle to keep their workloads and container environments under control. Giuseppe de Candia explains how to take the chaos out of these short-lived computing engines and the security implications to consider along the way.
Smart networking with service meshes
November 29, 2019
Over the past year, service meshes have gained significant interest. Most service meshes have two components: a control plane and a data plane. Anubhav Mishra explains what it takes to build a scalable control and data plane. Anubhav also discusses how HashiCorp Consul provides many features like a distributed key-value store and service discovery that make it ideal for a control plane.
Advanced Docker developer workflows on Mac OS and Windows
November 15, 2019
Most developers use a Mac or Windows host to develop Docker Linux containers, which complicates filesystem sharing between the host and the Linux container and requires replicating Linux networking configuration locally. Anil Madhavapeddy and Richard Mortier outline ways to make using Docker on a Mac or Windows transparent, thus enabling a rapid test/edit/deployment cycle for microservices.
Deployment and orchestration at scale with Docker Swarm
November 13, 2019
Jrme Petazzoni and AJ Bowen demonstrate building an app from development to production with Docker. Jrme and AJ run a sample app on a single node with Compose and add scaling and load balancing. They then provision a Swarm cluster with Docker Machine and implement multihost communication with overlay networking. The result will be a highly available, scalable deployment for the application.
Distributed computing powered with etcd: Overview and future
November 13, 2019
Etcd is an open source distributed consistent key-value store. It has become a mature cornerstone of a variety of systems in the container ecosystem for networking, service discovery, configuration management, and load balancing. Brandon Philips dives into etcd, exploring its history, its new v3 API, production use cases, and how it powers reliable distributed systems.
Lessons from writing HTraced: A high-performance network daemon in Go
November 8, 2019
HTraced is a new trace collection daemon for the Apache HTrace project, written in Golang. Colin McCabe shares his experiences with the Go programming language and explains the design of HTraced. Colin explores libraries, frameworks, and build systems and discusses what was fun, what was tricky, and how the team optimized overall system performance.
Multihost, multinetwork persistent containers
November 7, 2019
Containers are considered ephemeral: they can be thrown away, updated, or redeployed. But what if you need persistence or, heaven forbid, you use a database? With some live hacking, Alvin Richards showcases the core Docker componentsMachine, Engine, Swarm, and Composealong with integration with Aerospike so you can deploy persistent database containers across multiple hosts and networks.
Rethinking security from the ground up with a microservices mindset
November 6, 2019
Recent high-profile data breaches have made it clear that traditional security based on n-tier application partitioning is broken. As we move into the container era, there is a huge opportunity to revolutionize security by rendering developer intent directly into the network fabric. Andrew Randall presents an open source approach to this problem, leveraging proven IP networking and Linux concepts.
System software goes weird
November 5, 2019
System software has been a monoculture of C and a land of monoliths, but a new wave of open source system software has started to appear, in languages such as Rust, Go, Haskell, OCaml, and Lua. These projects are developing new sorts of applications and introducing new people to systems programming. Justin Cormack explores what's going on, where it's useful, and the new paths it's leading us down.
Big data-fueled feedback loops leveraging streaming data in SDN/NFV
October 27, 2019
Software-defined networking (SDN) and network functions virtualization (NFV) hold tremendous potential to enable efficiency and flexibility in service delivery, but SDN/NFV environments are also highly complex and multilayered. Matt Olson explains why effective support for SDN/NFV services requires leveraging the tremendous amount of service and data streaming from the platform.