Rancher Blog

Beyond Kubernetes Container Orchestration

March 23, 2017

If you’re going to successfully deploy containers in production, you need more than just container orchestration

Kubernetes is a valuable tool

Kubernetes is an open-source container orchestrator for deploying and managing containerized applications. Building on 15 years of experience running production workloads at Google, it provides the advantages inherent to containers, while enabling DevOps teams to build container-ready environments which are customized to their needs.

The Kubernetes architecture is comprised of loosely coupled components combined with a rich set of APIs, making Kubernetes well-suited for running highly distributed application architectures, including  microservices, monolithic web applications and batch applications.  In production, these applications typically span multiple containers across multiple server hosts, which are networked together to form a cluster.

Kubernetes provides the orchestration and management capabilities required to deploy containers for distributed application workloads. It enables users to build multi-container application services and schedule the containers across a cluster, as well as manage the health of the containers.  Because these operational tasks are automated, DevOps team can now do many of the same things that other application platforms enable them to do, but using containers.

But configuring and deploying Kubernetes can be hard

It’s commonly believed that Kubernetes is the key to successfully operationalizing containers at scale.  This may be true if you are running a single Kubernetes cluster in the cloud or have reasonably homogenous infrastructure. However, many organizations have a diverse application portfolio and user requirements, and therefore have more expansive and diverse needs. Read more


Rancher Labs and NeuVector Partner to Deliver Management and Security for Containers

March 21, 2017

DevOps can now efficiently and securely deploy containers for enterprise applications

As more enterprises move to a container-based application deployment model, DevOps teams are discovering the need for management and orchestration tools to automate container deployments. At the same time, production deployments of containers for business critical applications require specialized container-intelligent security tools.

To address this, Rancher Labs and NeuVector today announced that they have partnered to make container security as easy to deploy as application containers. You can now easily deploy the NeuVector container network security solution with the Rancher container management platform. The first and only container network security solution in the Rancher application catalog, the addition of NeuVector provides simple deployment of the NeuVector containers into an enterprise container environment. Read more


AWS and Rancher: Building a Resilient Stack

March 16, 2017

In my prior posts, I’ve written about how to ensure a highly resilient workloads using Docker, Rancher, and various open source tools. For this post, I will build on this prior knowledge, and to setup an AWS infrastructure for Rancher with some commonly used tools. If you check out the repository here, you should be able to follow along and setup the same infrastructure.

The final output of our AWS infrastructure will look like the following picture:
cloudcraft

In case you missed the prior posts, they’re available on the Rancher blog and cover some reliability talking points. Lets use those learning and create a running stack.
Read more


DevOps and Containers, On-Prem or in the Cloud

March 14, 2017

The cloud vs. on-premises debate is an old one. It goes back to the days when the cloud was new and people were trying to decide whether to keep workloads in on-premises datacenters or migrate to cloud hosts.

But the Docker revolution has introduced a new dimension to the debate. As more and more organizations adopt containers, they are now asking themselves whether the best place to host containers is on-premises or in the cloud.

As you might imagine, there’s no single answer that fits everyone. In this post, we’ll consider the pros and cons of both cloud and on-premises container deployment and consider which factors can make one option or the other the right choice for your organization. Read more


Securing a Containerized Instance of MongoDB

March 9, 2017

Securing MongoDBMongoDB, the popular open source NoSQL database, has been in the news a lot recently—and not for reasons that are good for MongoDB admins. Early this year, reports began appearing of MongoDB databases being “taken hostage” by attackers who delete all of the data stored inside the databases, then demand ransoms to restore it.

Security is always important, no matter which type of database you’re using. But the recent spate of MongoDB attacks makes it especially crucial to secure any MongoDB databases that you may use as part of your container stack.

This article explains what you need to know to keep MongoDB secure when it is running as a container. We’ll go over how to close the vulnerability behind the recent ransomware attacks using a MongoDB container while the container is running—as well as how to modify a MongoDB Dockerfile to change the default behavior permanently. Read more