1 Aug 2016 in Docker, Mac

Docker for Mac

Developers love Docker. You can see this from the amount of attention Docker has got the last couple of years. But, one of the biggest issues developers faced was the non-availability of Docker on platforms other than Linux.

There were options like Boot2Docker (which we previously covered) that made working with Docker possible on a non-Linux machine, but the experience was sub-optimal.

Now with the general availability of Docker for Mac and Windows, developers no longer need to have a Linux box to experience Docker in it's full glory.

Docker for Mac is a native Mac application, built from scratch. With a native user interface and auto-update capability, it is deeply integrated with OS X native virtualization, Hypervisor Framework, networking, and file system. This makes Docker for Mac faster and more reliable than previous ways of getting Docker on a Mac.

In this post, we'll take a look at Docker for Mac and see how to get up and running with the stable release.

For some intros to Docker, check part one and part two of our Docker overview. You can also check this post on how to create and share your first Docker image.

Read More
27 Jul 2016 in Kubernetes, scheduler, Elixir

Scheduling Your Kubernetes Pods With Elixir

Kelsey Hightower gave a really interesting talk at ContainerSched about how to create your own scheduler using the Kubernetes HTTP API.

The talk was awesome. It's incredible to see what kind of things you can do with a base system as good as Kubernetes.

However, I missed one thing. The example provided by Kelsey was a Go application. Which is the main language used with Kubernetes. So, if you look at that code without any context, you might think it's using some kind of Kubernetes internal packages. But it's not! It's a standalone piece of code that happens to make some HTTP calls.

To illustrate this point, I decided to write my own scheduler, in a different language. In my case, Elixir, because that's the language I happen to be learning at the moment.

This post isn't an intro to Elixir, but the code should be easy to follow.

Also, I'm going to use localhost when accessing the Kubernetes API. Why? For simplicity. If we run kubectl proxy on a computer connected to the Kubernetes master, we will not need to deal with authorization, hosts, and so on. The proxy command will do it for us.

So, let's dive in.

Read More
25 Jul 2016 in Workflow, Release, Announcement

Deis Workflow 2.2 Release

It may be the hottest July on record but we've got some new cool stuff in the latest release of Deis Workflow. Sit back, grab a cold drink, and check out the latest Workflow release.

Read More
22 Jul 2016 in Docker, storage, file system, drivers, volumes

Docker Storage: An Introduction

There are lots of places inside Docker (both at the engine level and container level) that use or work with storage.

In this post, I'll take a broad look at a few of them, including: image storage, the copy-on-write mechanism, union file systems, storage drivers, and volumes.

You'll need Docker installed locally on your machine if you want to try out some of the commands in this post. Check out the official docs for how to install Docker on Linux, or our previous post showing how to install Docker on a non-Linux machine.

Let's dive in.

Read More
15 Jul 2016 in Docker, Tutorial

Deploying a Simple and Secure Docker Registry

There comes a time in everybody's life where they realize they have to run their own Docker Registry. Unfortunately there's not a lot of good information on how to run one. Docker's documentation is pretty good, but is verbose and spread across a lot of different pages. This means having half a dozen tabs open and searching for the right information.

It's common to run the Docker Registry with little to no security settings, and fronting it with NGINX or Apache to provide this security. But there is another way.

In this post, I will show how to run the Docker Registry securely by itself with both TLS certificate backed encryption and certificate based endpoint authorization.

If you need to do advanced stuff like authenticate against LDAP, you'll still want to go down the reverse proxy road.

For simplicity, I will will assume a single registry running on the local filesystem and will avoid using OS specific init systems by focusing just on the docker commands themselves. This should work on any system capable of running Docker.

Read More