Kubernetes News, Entwicklungen, Updates, HowTos - Seite 140 von 177

The DockerCon Agenda builder is live! So grab a seat and a cup of coffee and take a look at the session lineup coming to San Francisco April 29th – May 2nd. This year’s DockerCon delivers the latest updates from the Docker product team, lots of how to sessions for developers and IT Infrastructure and Ops, and customer use cases. Search talks by tracks to build your agenda today.

Build Your Agenda
Use the agenda builder to select the sessions that work for you:

Using Docker for Developers: How to talks for Developers, from beginner to intermediate. You’ll get practical advice on how implement Docker into your current deployment.
Using Docker for IT Infrastructure and Ops: Practical sessions for IT teams and enterprise architects looking for how best to design and architect your Docker container platform environment.
Docker Tech Talks: Delivered by the Docker team, these talks share the latest tech on the Docker Platform. You’ll learn about new features, product roadmap and more.
Customer Case Studies: Looking to learn from companies who have been there and learned a few things along the way? In this track, industry leaders share how Docker transformed their organization – from business use cases,technical architecture, and organizational changes.
Black Belt: Deeply technical sessions on topics like application architecture, containers and related technologies.
Open Source: Innovative talks from the container and distributed systems open source ecosystem .
Transform: Inspiration sessions on the impact of change and digital transformation.

Don’t forget to register so you can start building out your agenda today. Once registered, login here to start adding session to your agenda.
Which breakout sessions will you be adding to your agenda this year?

#DockerCon has something for everyone! Check out our breakout sessions and build your agenda today! dockr.ly/2ELPuIa Click To Tweet

For more information:

Track descriptions
Breakout session catalog
Speakers

The post Build your Agenda for DockerCon 2019 appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/

15. März 2019

da Agency

Happy Pi Day with Docker and Raspberry Pi

What better way to say “Happy Pi Day” than by installing Docker Engine – Community (CE) 18.09 on Raspberry Pi. This article will walk you through the process of installing Docker Engine 18.09 on a Raspberry Pi. There are many articles out there that show this process, but many failed due to older Engine versions and some syntax issues.
Special thanks to Docker Solutions Engineer, Stefan Scherer and his monitoring image (stefanscherer/monitor) along with the whoami image (stefanscherer/whoami) that allows Pimoroni Blinkt! LED’s to turn on/off when scaling an application within a Swarm Cluster.
Instructions
For this demo, I used 7 Raspberry Pi’s 3 (model B+) and 1 Pimoroni Blinkt! LED for each Pi.
1. Download the following Raspian image ‘2018-11-13-raspbian-stretch-full.img’ from https://www.raspberrypi.org/downloads/raspbian/
2. Use balenaEtcher to write the image to each of your microusb cards.
3. To make DNS hostname resolution a little easier, I setup local hostnames on each Pi device. Below is an example.
192.168.93.231 pi-mgr1 pi-mgr1.docker.cafe
192.168.93.232 pi-mgr2 pi-mgr2.docker.cafe
192.168.93.233 pi-mgr3 pi-mgr3.docker.cafe
192.168.93.241 pi-node1 pi-node1.docker.cafe
192.168.93.242 pi-node2 pi-node2.docker.cafe
192.168.93.243 pi-node3 pi-node3.docker.cafe
192.168.93.244 pi-node4 pi-node4.docker.cafe
4. On each of your Pi’s, install the following:
a. Install the following prerequisites.
sudo apt-get install apt-transport-https ca-certificates software-properties-common -y
b. Download and install Docker.
curl -fsSL get.docker.com -o get-docker.sh && sh get-docker.sh
c. Give the ‘pi’ user the ability to run Docker.
sudo usermod -aG docker pi
d. Import Docker CPG key.
sudo curl https://download.docker.com/linux/raspbian/gpg
e. Setup the Docker Repo.
vim /etc/apt/sources.list
Add the following line and save:
deb https://download.docker.com/linux/raspbian/ stretch stable
f. Patch and update your Pi.
sudo apt-get update
sudo apt-get upgrade
g. Start the Docker service.
systemctl start docker.service
h. To verify that Docker is installed and running.
docker info
i. You should now some information in regards to versioning, runtime,etc.
5. Now that Docker has been installed on all of your Pi’s, we can now setup Docker Swarm.
6. On one of your Pi devices that will be a master node, type the following:
docker swarm init
7. Once Docker initiates the swarm setup, you will be presented with a command to add additional worker nodes. Below is an example.
docker swarm join –token SWMTKN-1-<token-key> 192.168.93.231:2377
a. on each worker node paste the text in step 7
8. To add additional manager nodes, the token and string will be different than the worker string. In order to discover the correct string to add manager nodes, do the following command on an existing working manager node.
docker swarm join-token manager
a. copy and paste the output to each of your manager nodes
9. If you want to add additional worker nodes and don’t have the correct syntax, just type the following on any of the working manager nodes to retrieve it.
docker swarm join-token worker
10. To have a graphical representation of your current cluster, we will install the VIZ application. For more information, go to https://github.com/dockersamples/docker-swarm-visualizer. To install, type the following:
docker swarm join-token worker
–name=viz
–publish=9090:8080/tcp
–constraint=node.role==manager
–mount=type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock
alexellis2/visualizer-arm:latest
11. Using a browser, connect to one of your master services on port 9090. You should now see the Visualizer showing your worker and manager nodes.
12. Now we will install the monitor app that will be deployed on both the manager and worker nodes. Type the following on the one of the manager nodes.
docker service create –name monitor –mode global
–restart-condition any –mount type=bind,src=/sys,dst=/sys
–mount type=bind,src=/var/run/docker.sock,dst=/var/run/docker.sock
stefanscherer/monitor:1.2.0
13. Once the monitor app is install, we will now install the ‘whoami’ app. The ‘whoami’ app is a small application that will trigger the LED’s on/off by scaling the application up and down. For each running instance, you will get one LED turned on. As we scale the application up to 5, you will have 5 LEDs turn on. As you scale up and down the number of LEDs that turn on will depend on how many containers you have running in your cluster. To install the application, type the following.
docker service create –name whoami stefanscherer/whoami:1.1.0
14. Once deployed, you should have 1 LED turned on.
15. Now lets scale the application to 5. Type the following.
docker service scale whoami=5
16. You should now have 5 LEDs on. Please that this will take some time as the Pi devices are not very fast and require some time to properly deploy and bring up.
And there you go! We hope you have fun and enjoy some Pi(e) today! If you have feedback or suggestions on how to improve, please reach out to me on Twitter: @paulofrazao or on Github: paulofrazao.

Happy #PiDay! Celebrate by installing #Docker Engine – Community (CE) 18.09 on Raspberry Pi.Click To Tweet

To learn more:

Learn more about Docker Engine
Register for DockerCon

The post Happy Pi Day with Docker and Raspberry Pi appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/

1. März 2019

da Agency

containerd Graduates Within the CNCF

We are happy to announce that as of today, containerd, an industry-standard runtime for building container solutions, graduates within the CNCF. The successful graduation demonstrates containerd has achieved the maturity, stability and community acceptance required for broad ecosystem adoption. containerd has already been deployed in tens of millions of production systems today, making it the most widely adopted runtime and an essential upstream component of the Docker platform. containerd was donated to the CNCF as a top-level project because of its strong alignment with Kubernetes, gRPC and Prometheus and is the fifth project to make it to this tier. Built to address the needs of modern container platforms like Docker Enterprise and orchestration systems like Kubernetes, containerd ensures users have a consistent dev to ops experience.
From Docker’s initial announcement that it was spinning out its core runtime to its donation to the CNCF in March 2017, the containerd project has experienced significant growth and progress over the last two years. The primary goal of Docker’s donation was to foster further innovation in the container ecosystem by providing a core container runtime that could be leveraged by container system vendors and orchestration projects such as Kubernetes, Swarm, etc. An important design principle for containerd was to have first-class support for Kubernetes without being exclusively tethered to it, opening the door for many use cases for containers such as developer desktop, CI/CD, single node deployments, edge and IoT.
For Docker, containerd is the runtime component of Docker Engine, which makes it available to mainstream developers without having to change their workflow; whether they use it from a laptop in Docker Desktop, a production Kubernetes cluster in Docker Enterprise, a mainframe where traditional applications are modernized with containers, or edge IoT devices for IoT scenarios. Regardless of which system they are using, developers and operators benefit from the application workflow portability that Docker Engine provides, enabling them to build and run containers using the same trusted codebase everywhere.
Community Contribution
Within both the Docker and Kubernetes communities, there has been a significant increase in contributions from independents and CNCF member companies including Docker, Google, Alibaba, NTT, IBM, Microsoft, AWS and ZTE. containerd’s focus on clean design and quality has attracted new contributions while the CNCF has provided a neutral home to instill confidence that contributions are accepted based on merit. The project has welcomed four new maintainers and eight reviewers since joining CNCF, allowing the project to scale as contributions have increased without compromising on quality or review time.
Evolution of containerd
The contributors and maintainers have been working to add key functionality to containerd since the initial donation, which provided users a seamless container experience including transferring container images, container execution and supervision. containerd 1.0 was released less than a year later providing users with a supported low level API along with cross-platform support, reliable resource management and an easy-to-use client interface. This was followed by containerd 1.1 which brought support for Kubernetes’ CRI built into containerd. As the user base expanded and the community grew, demand for a wider range of runtimes led to containerd stabilizing the low level runtime API in containerd 1.2, enabling support for VM runtimes like Kata, Firecracker, and Hyper-V. The upcoming 1.3 release will bring a supported Windows runtime.
Looking into the future, we anticipate even wider adoption as the core container runtime for any architecture and infrastructure. Follow the project and get involved.

Today @containerd, the industry-leading container runtime and core component of @Docker Engine, graduates from the @CloudNativeFdnClick To Tweet

For More Information:

Contribute to the containerd project
Learn more about containerd
For more information about Docker Engine

The post containerd Graduates Within the CNCF appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/

26. Februar 2019

da Agency

Docker’s 6th Birthday: How do you #Docker?

Docker is turning 6 years old! Over the years, Docker Community members have found some amazing and innovative ways of using Docker technology and we’ve been blown away by all the use-cases we’ve seen from the community at DockerCon. From Docker for Space where NASA used Docker technology to build software to deflect asteroids to using “gloo” to glue together traditional apps, microservices and serverless, you all continue to amaze us year over year.
So this year, we want to celebrate you! From March 18th to the 31st, Docker User Groups all over the world will be hosting local birthday show-and-tell celebrations. Participants will each have 10-15 minutes of stage time to present how they’ve been using Docker. Think of these as lightning talks – your show-and-tell doesn’t need to be polished and it can absolutely be a fun hack and/or personal project. Everyone who presents their work will get a Docker Birthday #6 t-shirt and have the opportunity to submit their Docker Birthday Show-and-tell to present at DockerCon.
Are you new to Docker? Not sure you’d like to present? No worries! Join in the fun and come along to listen, learn, add to your sticker collection and eat cake. Everyone is welcome!

Find a Birthday meetup near you!
There are already Docker Birthday #6 celebrations scheduled around the world with more on the way! Check back as more events are announced.

Don’t see an event in your city?

Contact your local Community Leaders via their user group page and see if you can help them organize a celebration!

Want to sponsor a birthday event?

Contact the local Community Leaders via their user group page

#Docker is turning 6! Check out this blog post to find a #DockerBday Show-and-tell celebration near you.Click To Tweet

Can’t attend but still want to be involved and learn more about Docker?

Follow the fun on social media via #Dockerbday
Register for DockerCon SF.
Subscribe to the Docker Weekly newsletter
Join your local user group to be notified of future events

The post Docker’s 6th Birthday: How do you #Docker? appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/

21. Februar 2019

da Agency

Docker Desktop Enterprise Preview: Version Packs

This is the first in a series of articles we are publishing to provide more details on Docker Desktop Enterprise, which we announced at DockerCon Barcelona. Keep up with the latest Docker Desktop Enterprise news and release updates by signing up for the Docker Desktop Enterprise announcement list.

Docker’s engineers have been hard at work completing features and getting everything in ship-shape (pun intended) following our announcement of Docker Desktop Enterprise, a new desktop product that is the easiest, fastest and most secure way to develop production-ready containerized applications and the easiest way for developers to get Kubernetes running on their own machine.
In the first post of this series I want to highlight how we are working to bridge the gap between development and production with Docker Desktop Enterprise using our new Version Packs feature. Version Packs let you easily swap your Docker Engine and Kubernetes orchestrator versions to match the versions running in production on your Docker Enterprise clusters. For example, imagine you have a production environment running Docker Enterprise 2.0. As a developer, in order to make sure you don’t use any APIs or incompatible features that will break when you push an application to production you would like to be certain your working environment exactly matches what’s running in Docker Enterprise production systems. With Docker Desktop Enterprise you can easily do that through the use of Version Packs. Later, when the platform operators decide to upgrade production systems to Docker Enterprise 2.1, all that needs to be done in Docker Desktop Enterprise is to add the Enterprise 2.1 version pack and easy as that, you’re in sync. If you have different environments, you can even switch back forth, all with a single click.

We’re building Docker Desktop Enterprise as a cohesive extension of the Docker Enterprise container platform that runs right on developers’ systems. Developers code and test locally using the same tools they use today and Docker Desktop Enterprise helps to quickly iterate and then produce a containerized service that is ready for their production Docker Enterprise clusters.

In future previews, we’ll share more details on how Docker Desktop Enterprise capabilities can be centrally administered and controlled; using the Application Designer to create an application with zero Docker CLI commands; and how to ensure developers start building with safe, approved templates. Sign up for the Docker Desktop Enterprise announcement list or keep watching this blog for more in the coming weeks.

#Docker Desktop Enterprise preview: Version PacksClick To Tweet

To learn more:

Sign up for Docker Desktop Enterprise announcements
Check out the Docker Desktop Enterprise demonstration from DockerCon Barcelona
Get started with the free Docker Desktop Community and run some containers [ Windows | macOS ]

The post Docker Desktop Enterprise Preview: Version Packs appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/

13. Februar 2019

da Agency

Docker Security Update: CVE-2018-5736 and Container Security Best Practices

On Monday, February 11, Docker released an update to fix a privilege escalation vulnerability (CVE-2019-5736) in runC, the Open Container Initiative (OCI) runtime specification used in Docker Engine and containerd. This vulnerability makes it possible for a malicious actor that has created a specially-crafted container image to gain administrative privileges on the host. Docker engineering worked with runC maintainers on the OCI to issue a patch for this vulnerability.
Docker recommends immediately applying the update to avoid any potential security threats. For Docker Engine-Community, this means updating to 18.09.2 or 18.06.2. For Docker Engine- Enterprise, this means updating to 18.09.2, 18.03.1-ee-6, or 17.06.2-ee-19. Read the release notes before applying the update due to specific instructions for Ubuntu and RHEL operating systems.
Summary of the Docker Engine versions that address the vulnerability:

Docker Engine Community

Docker Engine Enterprise

18.09.2

18.06.2

18.03.1-ee-6

17.06.2-ee-19

To better protect the container images run by Docker Engine, here are some additional recommendations and best practices:
Use Docker Official Images
Official Images are a curated set of Docker repositories hosted on Docker Hub that are designed to:

Provide essential base OS repositories (for example, ubuntu, centos) that serve as the starting point for the majority of users.
Provide drop-in solutions for popular programming language runtimes, data stores and other services.
Exemplify Dockerfile best practices and provide clear documentation to serve as a reference for other Dockerfile authors. Specific to this vulnerability, running containers as a non-privileged user, as outlined in the section on USER practices within the Dockerfile can mitigate this issue.
Ensure that security updates are applied in a timely manner. Security updates should be applied immediately and as a result, users should rebuild and publish their images. This is particularly important as many Official Images are some of the most popular on Docker Hub.

Docker sponsors a dedicated team that is responsible for reviewing and publishing all content in the Official Images. This team works in collaboration with upstream software maintainers, security experts, and the broader Docker community to ensure the security of these images.
Use Docker Certified Containers
The Docker Enterprise container platform enables you to ensure the integrity of your images. Security is not a static, one-time activity but a continuous process that follows the application across the different stages of the application pipeline. To prevent systems from being compromised, Docker Enterprise provides integrated security across the supply chain. Docker Enterprise users that follow security best practices and run trusted code based on Docker Certified images can be assured that their software images:

Have been tested and are supported on the Docker Enterprise container platform by verified publishers
Adhere to Docker’s container best practices for building dockerfiles/images
Pass a functional API test suite
Complete a vulnerability scanning assessment

Docker Certification gives users and enterprises a trusted way to run more technology in containers with support from both Docker and the publisher. Customers can quickly identify the certified content with visible badges and be confident that they were built with best practices, tested to operate smoothly on Docker Enterprise.
Leverage Docker Enterprise Features for Additional Protection
Docker Enterprise provides additional layers of protection across the software supply chain through content validation and runtime application security. This includes role-based access control (RBAC) for flexible and granular access privileges across multiple teams to determine who in the organization can run a container. Administrators can also set a policy restricting the ability for any user to run a privileged container on a cluster.
Additionally, Docker Content Trust enables cryptographic digital signing to confirm container image provenance and authenticity – in effect providing your operations team with details about the author of an application and confirming that it hasn’t been tampered with or modified in any way. With policy enforcement at runtime, Docker Enterprise ensures that only container images signed by trusted teams can run in a cluster.
For more information:
Find out how to upgrade Docker Engine – Enterprise
Learn how to upgrade Docker Engine – Community
Get more information on Docker Enterprise
Learn more about Docker Security.

#Docker #Security Update: CVE-2018-5736 and #Container Security Best PracticesClick To Tweet

The post Docker Security Update: CVE-2018-5736 and Container Security Best Practices appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/

30. Januar 2019

da Agency

Announcing Support for Windows Server 2019 within Docker Enterprise

Docker is pleased to announce support within the Docker Enterprise container platform for the Windows Server 2019 Long Term Servicing Channel (LTSC) release and the Server 1809 Semi-Annual Channel (SAC) release. Windows Server 2019 brings the range of improvements that debuted in the Windows Server 1709 and 1803 SAC releases into a LTSC release preferred by most customers for production use. The addition of Windows Server 1809 brings support for the latest release for customers who prefer to work with the Semi-Annual Channel. As with all supported Windows Server versions, Docker Enterprise enables Windows Server 2019 and Server 1809 to be used in a mixed cluster alongside Linux nodes.
Windows Server 2019 includes the following improvements:

Ingress routing
VIP service discovery
Named pipe mounting
Relaxed image compatibility requirements
Smaller base image sizes

Docker and Microsoft: A Rich History of Advancing Containers
Docker and Microsoft have been working together since 2014 to bring containers to Windows Server applications, along with the benefits of isolation, portability and security. Docker and Microsoft first brought container technology to Windows Server 2016 which ships with a Docker Enterprise Engine, ensuring consistency for the same Docker Compose file and CLI commands across both Linux and Windows Server environments. Recognizing that most enterprise organizations have both Windows Server and Linux applications in their environment, we followed that up in 2017 with the ability to manage mixed Windows Server and Linux clusters in the same Docker Enterprise environment with Docker Swarm, enabling support for hybrid applications and driving higher efficiencies and lower overhead for organizations. In 2018 we extended customer choice by adding support for the Semi-Annual Channel (SAC) Windows Server 1709 and 1803 releases.
Delivering Choice of Container Orchestration
Docker Enterprise 2.1 supports both Swarm and Kubernetes orchestrators interchangeably in the same cluster. Docker and Microsoft are now working together to let you deploy Windows workloads with Kubernetes while leveraging all the advanced application management and security features of Docker Enterprise. While the Kubernetes community work to support Windows Server 2019 is still in beta, investments made today using Docker Enterprise to containerize Windows applications using Swarm can translate to Kubernetes when available.
Accelerating Your Legacy Windows Server Migration
Docker Enterprise’s Support for Windows Server 2019 also provides customers with more options for migrating their legacy Windows Server workloads from Windows Server 2008, which is facing end-of-life, to a modern OS. The Docker Windows Server Application Migration Program represents the best and only way to containerize and secure legacy Windows Server applications while enabling software-driven business transformation. By containerizing legacy applications and their dependencies with the Docker Enterprise container platform, they can be moved to Windows Server 2019, without code changes, saving millions in development costs. Docker Enterprise is the only container platform to support Windows Global Managed Service Accounts (gMSAs) – a crucial component in containerizing applications that require the ability to work with external services via Integrated Windows Authentication.
Next Steps

Read more about Getting started with Windows containers
Try the new Windows container experience today, using a Windows Server 2019 machine or Windows 10 with Microsoft’s latest 1809 update.
All the Docker labs for Windows containers are being updated to use Windows Server 2019 – you can follow along with the labs, and see how Docker containers on Windows continue to advance.

Announcing support for Windows Server 2019 within #Docker Enterprise:Click To Tweet

The post Announcing Support for Windows Server 2019 within Docker Enterprise appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/

28. Januar 2019

da Agency

5 Reasons to Attend DockerCon SF 2019

If you can only attend one conference this year – make it matter. DockerCon is the one-stop event for practitioners, contributors, maintainers, developers, and the container ecosystem to learn, network and innovate. And this year, we will continue to bring you all the things you love about DockerCon like Docker Pals, the Hallway Track and roundtables, and the sessions and content you wanted more of – including open source, transformational, and practical how-to talks. Take advantage of our lowest ticket price when you register by January 31, 2019. No codes required.
<Register Now>

And in case you are still not convinced, here are a few more reasons you shouldn’t miss this year’s DockerCon

Belong. The Docker Community is one of a kind and the best way to feel a part of it is at DockerCon. Take advantage the Docker Pals Program, Hallway Track, roundables and social events to meet new people and make lasting connections.

2. Think big. Docker containers and our container platform are being used everywhere for everything – from sending rockets to space to literally saving the earth from asteroids to keeping e-commerce running smoothly for black friday shoppers. Come to DockerCon and imagine your digital future.

Build your skills. DockerCon’s sessions prioritize learning with actionable takeaways – from tips and tricks for devs, to real-world best practices for ops, from customer stories to the latest innovations from the Docker Team.

Be the expert. Dive into topics such as machine learning, CI/CD, Kubernetes, developer tools, security, and more through Hallway Track – a one-of-a-kind meeting tool that allows attendees to easily schedule one-on-one & group conversations about topics of their choosing.

5. Experience Unparalleled Networking. We know that one of the main reasons to attend a conference is who you will meet and DockerCon brings together industry experts and practitioners at every stage of the container journey. So grow your network, meet with other attendees, and get to know the Docker team!

5 reasons to attend #DockerCon SF 2019:Click To Tweet

The post 5 Reasons to Attend DockerCon SF 2019 appeared first on Docker Blog.
Quelle: https://blog.docker.com/feed/