I’m super excited to unveil Project Longhorn, a new way to build distributed block storage for cloud- and container-based deployments. Following the principles of microservices, we have leveraged containers to build distributed block storage out of small independent components, and use container orchestration to coordinate these components to form a resilient distributed system.
To keep up with the growing scale of cloud- and container-based deployments, distributed block storage systems are becoming increasingly sophisticated. The number of volumes a storage controller serves continues to increase. While storage controllers in the early 2000s served no more than a few dozen volumes, modern cloud environments require tens of thousands to millions of distributed block storage volumes. Storage controllers have therefore become highly complex distributed systems. Read more
As a relatively new technology, Docker containers may seem like a risk when it comes to security — and it’s true that, in some ways, Docker creates new security challenges. But if implemented in a secure way, containers can actually help to make your entire environment more secure overall than it would be if you stuck with legacy infrastructure technologies.
This article builds on existing container security resources, like Security for your Container, to explain how a secured containerized environment can harden your entire infrastructure against attack.
Some Background on Container Security
When you’re thinking about containers and security, it’s always good to have some history on why containers work the way they do and what that means for security. Aqua Security, one of the firms that specializes in container security, offers A Brief History of Containers to provide some context.
As is visible in the evolution from chroot to Docker and the Open Container Initiative, it is obvious that isolation between services coexisting on shared servers was always the leading goal—not necessarily well thought-out, hardened security practices. Isolation is a good counter-measure, but, as shown in this Security for your Container article, there are a lot more things that can and should be done.
Here are three examples of easy first steps that can be taken use containers to make your environment more secure: Read more
Modern microservices applications span multiple containers, and sometimes a single app may use thousands of containers. When operating at this scale, you need a container orchestration tool to manage all of those containers. Managing them by hand is simply not feasible.
This is where Kubernetes comes in. Kubernetes manages Docker containers that are used to package applications at scale. Since its launch in 2014, Kubernetes has enjoyed widespread adoption within the container ecosystem. It is fast becoming the de facto tool for orchestrating containers at scale.
What are the reasons for the meteoric rise of Kubernetes, and what are the factors that will shape its future? Let’s take a look by examining the major milestones in Kubernetes’ history. Read more
This article is essentially a guide to getting started with Docker for people who, like me, have a strong IT background but feel a little behind the curve when it comes to containers. We live in an age where new and wondrous technologies are being introduced into the market regularly. If you’re an IT professional, part of your job is to identify which technologies are going to make it into the toolbox for the average developer, and which will be relegated to the annals of history.
Docker is one of those technologies that sounded interesting when it first debuted in 2013, but was easy to ignore because at the time it was not clear whether Docker would ever graduate beyond something that developers liked to play with in their spare time. Personally, I didn’t pay close attention to Docker containers in Docker’s early days. They got lost amid all the other noise in the IT world.
That’s why, in 2016, as Docker continued to rise in prominence, I realized that I’d missed the container boat. Docker was becoming a must-know technology, and I was behind the curve.
If you’re reading this, you may well be in a similar position. But there’s good news: Read more
2017 Predictions: Rapid Adoption and Innovation to Come
Rapid adoption of container orchestration frameworks
As more companies use containers in production, adoption of orchestration frameworks like Kubernetes, Mesos, Cattle and Docker Swarm will increase as well. These projects have evolved quickly in terms of stability, community and partner ecosystem, and will act as necessary and enabling technologies for enterprises using containers more widely in production. Read more
Registries are one of the key components that make working with containers, primarily Docker, so appealing to the masses. A registry hosts images that are downloaded and run on hosts in a container engine. A container is simply a running instance of a specific image. Think of an image as a ready-to-go package, like an MSI on Microsoft Windows or an RPM on Red Hat Enterprise Linux. I won’t go into the details of how registries work here, but if you want to learn more, this article is a great read.
Instead, what I’d like to do in this post is highlight some of the container registries that currently remain under the radar. While the big-name registries are already familiar to most people who work with Docker, there are smaller registries worth considering, too, when you are deciding where to host your images.
Keep reading for a discussion of these lesser-known container registries.