Tag Archive for docker

VMworld Europe 2015 Day Two Roundup

Doesn’t time fly by fast when you’re having fun?! Day two was frankly a full-on brain cram fest for me…

The morning started off with the keynotes, which (if I’m honest much like the US announcements) were interesting but not earth shattering for me.

It was nice to see Claranet featured for the second year running in the keynote speech though!

I will leave it to others this year to summarise the announcements, but the coolest new product which peaked my interest was vSphere Integrated Containers.

VIC is more than simply the ability to see containers running inside of a VM. In actual fact it allows you spin up containers within forked VM clones on a one to one basis, where the additional RAM and storage are copy-on-write. All this in about the same time it would normally take you to launch a standard container natively. As the VM is then subject to the usual features and benefits of a standard VM, you have the ability to control it’s access, security and performance at a very granular level.

To the developer this still uses the standard docker interface, but the infrastructure admin can manage things through vCenter as they always have done. Of course this means you are also subject to the usual limits on vSphere (for example up to 10k objects per vCenter), so this is not hyper scale, but lets be honest, how many of us are actually doing that? VMware also have a solution for this scale, Photon platform, but I’ll save that for another day.

I had a quick trip to the VMware Video Game Container System later in the day where I had the opportunity to spend 20 minutes chatting with one of the VMware CNA Product Managers about some of their roadmap developments, and suffice to say the future looks very impressive! They also demo’d the ability to containerise virtually any operating system; they were actually running MS-DOS containers and Prince of Persia inside of them! If you want to learn a bit more about CNA, check out the intro blog on the VMware website:

https://blogs.vmware.com/vsphere/2015/10/vsphere-integrated-containers-technology-walkthrough.html

Later in the morning, I was kindly invited to a vExpert vRA.next Workshop in the HoL where we were lead through the latest features and improvements in vRealize Automation. There certainly seemed to be something for everyone, significant improvements in the speed and method to deploy which made a lot of people very happy, as well as a rationalisation of the server roles. The only thing which was a slight downer for me was the fact that true multi tenancy is not quite there yet in the product.

After a quick bite to eat, including some English Bread Triangles, I managed to get a bit of time wandering round the fringes of the Solution Exchange. Hiding at the back of the hall I came across a really interesting new security startup who only recently came out of stealth and went GA just this week, called GuardiCore. Amongst many other nifty features, their software can monitor for any blocked / dropped packets from potential attackers, and immediately redirect the potentially malicious session to a honey pot machine, logging all further communications with and actions of the attacker.

GuardiCore leverage NSX in a big way, avoiding the need for agents within the guest OS, but can also work with vanilla vSphere if that’s your (more likely just now) platform. Their demo was excellent and I will definitely be keeping an eye on them in future. If you happen to be passing booth E149 I recommend you stop by for a chat, it will definitely be a good use of your time!

The afternoon was spent mostly in sessions, including the highly popular VAPP5129 – Database Virtualization: Doing IT Right with vSphere 6, presented by Michael Corey and Don Sullivan. This is a must see session if you manage DB infrastructure in any way, so check it out when it hopefully comes out on youtube or VMworld.com. Do prepare yourself to replay it several times over to capture all of the content as attending it was like being hit with a recommendation gatling gun, but the accompanying slide deck should be basic training for all new VMware admins in the field! Michael also provided the quote of the day for today:

Right sizing is everything.

 

VMworld Europe 2015 Day One Roundup – Partner Day

Well it has to be said that day one went off with a bang this year indeed (not least due to all the buzz about the Dell / EMC acquisition)!

Having arrived late on Sunday night, we still made it into the Fira Gran Via for 8.30am on Monday morning to register, have a wander round and hit the Hands on Labs before they started to get busy. I immediately got stuck into HOL-SDC-1630 Cloud-Native Apps: Bringing Microservices and Containers to the Software-Defined Data Centre. As the buzz on the street at this years event is all about Cloud Native Apps, I suspect this one will feature in the top 10 labs by the end of the week! For those people not attending VMworld, you should be able to get access to it soon after the event at http://labs.hol.vmware.com.

First lab out of the way, I headed along to Hall 8 for some of the partner event sessions. Obviously I can’t go into masses of detail but suffice to say that the first session was delivered by the inimitable orator, Joe Baguely on the subject of CNA. For me, he really brought things in to focus as he explained that his teenage daughter was already onto her 3rd bank, with the most recent being chosen based on the quality of the mobile banking app provided with her account. This really brings home the idea that many of the older companies around today need to start innovating, soon, or risk becoming irrelevant to the next generation!

After a pretty decent bit of lunch Chris Crafford talked us through some considerations and approaches for transforming legacy apps into something which looks a bit more cloudy / microservice-y. The key takeaway from this session for me was not to try to boil the ocean and redevelop your entire legacy application in one go unless you absolutely have to. Rather think about adding new features driven by business requirements and targeting existing performance bottlenecks using microservices instead, That way you can start to see more immediate benefits to your applications without running the risk of a massive redevelopment falling flat on its face!

My last session of the day was from Andy Kennedy, on the subject of “Factors to Consider as Part of a Holistic Security Architecture”. In summary this session gave some great insight into some of the challenges currently face in traditional security designs, and how NSX can help to solve them, with a liberal sprinkling of candour as to where NSX may not meet every requirement, and in those situations how to augment solutions with third party products. A refreshing view indeed! We also got a little insight into some of the announcements coming this week on the NSX front – interesting times indeed!

Finally I spent the evening catching up with new and old faces alike, at the VMware vExpert event at the Elephant bar & restaurant. The atmosphere was excellent, with many great conversations to be had. One of the most interesting to me was with CEO and co-founder of RuneCast, VCDX 74, and all round nice chap, Stanimir Markov. His company has come up with an idea which seems so incredibly simple I don’t know why nobody thought of it first, but these guys did and with any luck they will be very successful indeed!

Put simply, my understanding is that they monitor all of the latest KB articles from VMware, then via the use of their analyser appliance, they scan your environment configuration and logs to check whether you are potentially impacted by any emerging issues, faults or threats. This allows you to then mitigate them before they occur. What a great idea! If you want to find out more about them, I believe they have a booth at the Solutions Exchange, or you can check them out at https://www.runecast.biz. Well worth a conversation indeed, I’d say!

Anyway it’s getting late, so I’ll simply sign off with my favourite quote of the day today, curtesy of Mr Kennedy, which frankly sums up the optimum approach to IT Architecture IMHO:

A simple solution deployed well is far more effective than a complex solution deployed badly.

Docker Part 2 – HOWTO Remove / Delete Docker Containers

Docker Logo

So you have been messing with docker for a few minutes or hours, and now you have a bunch of either running or stopped containers you no longer need. How do you get rid of them?

Removing Single Containers

To remove a single docker container, you simply start by listing all of the docker containers (started or stopped) to ensure you know which one to delete:

$ sudo docker ps –a


Then remove the chosen container:

$ sudo docker rm <container name>


If the container is currently running you can simply add –f to stop and remove the container in a single command:

$ docker rm -f <container name>


Unless it’s paused, then you will get an error something like the following:

Error response from daemon: Could not kill running container, cannot remove - Container e4f28eccb0cbcfbf4d78104bfe3e84039f62c5073f7301f8a39bb77a9598ae72 is paused. Unpause the container before stopping


This is easy to resolve. The “docker pause” command was added as of Docker 1.0, allowing for better resource utilisation if you have containers you don’t currently need to be wasting CPU cycles. As of Docker 1.1, running containers are also paused during commit activities, to ensure a consistent file system. Simply check the ID of the VM (with a ps command), unpause it, then remove:

sudo docker ps
sudo docker unpause <container id>
sudo docker rm -f <container id>

 

Removing Multiple Containers

Sometimes we have built up a number of containers and we just want to scrub the lot in one go. If you want to remove all containers (running or not), first you need to generate a list of all of the container IDs, then you pass that list to the docker rm command as follows:

sudo docker rm -f $(sudo docker ps -aq)


Alternatively if you wish to remove only the non-running containers:

sudo docker rm $(sudo docker ps -q)

 

That’ll do for now, but in the next post I will go into how to install your first app…

Docker Part 3 – HOWTO Create a Simple Python Web App in Docker

Docker Part 1 – Introduction and HOWTO Install Docker on Ubuntu 14.04 LTS

Docker Logo

So my background is in VMware virtualisation, but I hear the buzz these days is that I may as well forget everything I know, and that it’s all about containers! 🙂

Joking aside, containers definitely compliment virtualisation, giving you more portability, granular control, and the flexibility to spin up new application instances in milliseconds. For an excellent introduction to docker and containers I recommend you check out Greg Ferro’s post here.  I decided it was about time I had a bit of a play with Docker, and at the same time I thought I may as well document my process and some of the basics for any others in the same position. I will try to keep each post as short as possible, breaking things down into manageable chunks (whilst avoiding the dreaded TLDR!).

Most of my recent Linux experience is with Ubuntu, which works out quite well as apparently this is the preferred distro for a very large proportion of Docker users and images. CoreOS is a very interesting proposition too, but one step at a time…

All of the examples in this post and series are based on:

  • Ubuntu 14.04.1 LTS
  • Docker 1.2.0

I find it very interesting to note the rate at which the docker development team are providing new releases.

  • Docker 1.2.0     22 Aug 2014
  • Docker 1.1.0     03 Jul 2014
  • Docker 1.0       09 Jun 2014
  • Docker 0.9       10 Mar 2014
  • Docker 0.8       04 Feb 2014
  • Docker 0.7       26 Nov 2013
  • Docker 0.6       23 Aug 2013

Not only are they very often, but that appear to be accelerating, with a new point release every month for the last three! This is great as it means more features, bug fixes etc, but it also means that anything you develop and test today may already be out of date by the time you come to deploy it to production next month! Docker’s official line on long term support can be found here, but from the look of it you will never be allowed to fall more than 12 months behind. This suggests that the aggressive release schedule to date is likely a pattern that will continue for the foreseeable:
https://www.docker.com/enterprise/support/

Before you follow any of the steps below, I also highly recommend you check out the link below for your first taste of using the Docker CLI:
https://www.docker.com/tryit

If like me, you like to look up a decent book on a subject to help you get your head around it, I also suggest checking out one of the first publications on the subject (I’m reading it at the moment and will try to get a review done once finished):
The Docker Book: Containerization is the new virtualization

So as for the install, it really is incredibly simple. Personally I like to always create my Ubuntu Server VMs as “Minimal” installs. This is simply done by hitting F4 during base OS install. I’ll assume you can do the basic config of your Ubuntu VM by configuring a static IP address, hostname, DNS, installing VMware tools, completing the latest system updates, etc.

The install process is also detailed here:
https://docs.docker.com/installation/ubuntulinux/

To ensure you have your repositories fully up to date:

sudo apt-get update


One you have docker installed log into the console and run the following to install docker and its dependencies:

sudo apt-get install docker.io
sudo ln -sf /usr/bin/docker.io /usr/local/bin/docker
sudo sed -i '$acomplete -F _docker docker' /etc/bash_completion.d/docker.io


I would prefer using the latest version of docker, which means some extra commands:

sudo apt-get install apt-transport-https
sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 36A1D7869245C8950F966E92D8576A8BA88D21E9
sudo sh -c "echo deb https://get.docker.io/ubuntu docker main\ > /etc/apt/sources.list.d/docker.list"
sudo apt-get update
sudo apt-get install lxc-docker


As per my previous post you also need to do:

sudo apt-get install apparmor


Check your upgrade has worked by confirming the current version:

sudo docker version


Then you can test the install by creating your first container:

sudo docker run -i -t ubuntu /bin/bash


That’s it!

In the next post I will describe the ways to remove all of the containers you will inevitably create now that you can see the awesome power of Docker! 🙂

Docker Part 2 – HOWTO Remove / Delete Docker Containers

%d bloggers like this: