Hello from all of us here at Sysdig! Quite a few things happened in the last weeks, first KubeCon/CloudNative EU in Berlin and just last week DockerCon in Austin. That’s why we have aggregated our March and April into a slightly longer newsletter than usual, covering also these 2 events.
We hope you enjoy this! Ping us at @sysdig
or on our open source slack group #sysdig
to share anything you feel we should include here, we are looking forward your contributions!
Just last week, Docker run its annual conference in Austin (Texas) with around 5500 attendees. A few interesting announcements from DockerCon:
– Docker as the upstream open source project has been renamed to Moby, and from now on Docker will refer exclusively to the commercial versions (well, binary versions because Docker community edition will still be called Docker. Confusing, but we saw it before with the RHEL/Fedora/CentOS split, similarly now we got Docker EE/Docker CE/Moby). Further discussion here.
, a project by Docker providing a framework to build Linux based operating system as a host for running containers. Quite cool although there is some overlapping with CoreOS and RancherOS.
– Videos of the talks are not yet online, will keep you posted when available but Docker has already published their highlights of the event: Day 1
and Day 2
Back in the end of March, with 1200+ attendees and over 100 sessions, this was the first massive Kubernetes event in Europe. A few interesting announces took place in Berlin:
– Both containerd from Docker and rkt from CoreOS are now CloudNative Foundation projects, that makes 9 projects under the CloudNative umbrella.
– Kubernetes 1.6 highlights: increased scalability (thanks to etcd3), RBAC (Role Based Access Control), mostly contributed by Openshift; Controlled Scheduling (affinity/anti-affinity and taints) and Dynamic Storage Provisioning, between multiple bugfixes and smaller features.
– All the talks are available in the CloudNative KubeCon EU YouTube playlist
, and some speakers have uploaded slides to the schedule
too. But if you want to get into the shoes of someone who was there, we liked Massimo’s personal notes
on the event.
2017 Docker Usage Report
How are people using Docker in their application environments right now? As the premier container monitoring solution, Sysdig has some answers to this question. Find out here!
Experimental feature that allows you to create different images (stages) defined in a single Dockerfile. Specially useful to automate the build process
, producing a smaller image containing just the binaries.
Container performance analysis
Exhaustive set of slides analyzing performance and tracing processes
over the massive ‘Titus’ Netflix’s container platform.
We liked the U.S.E. (Utilization, Saturation, Errors) methodology that can be both applied to hardware and software resources.
From macro to micro
One of the main misconceptions about Docker is that it is an all-or-nothing IT solution, this post
describes how to gradually migrate your components, starting with the front facing proxy.
Docker Cloud and Swarm mode
Docker Cloud and Swarm mode elegantly integrated
, deploying a scalable WordPress installation with just a few clicks and a straightforward YAML file.
Docker daemon socket
Some deployments require you to bind-mount the /var/run/docker.sock file. Explore
what is happening behind the scenes.
OpenVPN with docker-compose
Nice and simple tutorial
on how to get your OpenVPN server up and running just in a few minutes using docker-compose.
Microservices architecture retail
You have heard about microservices a thousand times already. This article
has a well-though-out set of checklists covering: why this is exciting, advantages, challenges and migration strategies.
Kubernetes 1.6 What’s new?
Kubernetes 1.6 is here. This series of 5 articles
showcases highlighted features using practical examples. We especially liked the beta release of RBAC
and the Advanced Scheduling
. A must-read to start planning ahead.
Microsoft acquires Deis
Microsoft has acquired Deis
, a company focused on open source management tools for Kubernetes, the birthplace of popular k8s projects like Helm, Workflow or Steward.
Monitoring Kubernetes series
In-depth series covering Kubernetes monitoring using Sysdig Monitor, delivered in 4 chapters. From the basics and rationale
of cloud monitoring, alerting
configuration best practices, troubleshooting and service discovery
to a real-world use case
scenario at WayBlazer.
Kubernetes pod autohealing
A clever take on k8s liveness/readiness probes, demonstrated on real use case scenario
. We liked the thorough description of how the probes exactly behave and attention to caveats.
GPU offloading, deep learning and k8s scaling. Quite an impressive combo of all the really exciting technologies happening now. This project
models a TensorFlow deployment using scalable Helm Charts.
Linkerd ingress controller
Series of articles about Linkerd, Kubernetes and services meshes. This
installment will show you how to use Linkerd as a full-fledged ingress controller, including TLS terminations and dynamic routing.
Kube apply: declarative, automatic
CPU intensive tasks like multimedia encoding
may greatly benefit from a custom CPU per container allocation and concurrency model design.
Just modifying your YAML files by hand and running “kubectl apply” is good enough for most teams, but wouldn’t be great to have more traceability, code review and diff history? Meet kube-applier
, a git-backed tool that tracks and implicitly applies cluster configuration changes.
OpenShift 3.5 was just released! Don’t miss this
series of articles covering improvements in usability
and GUI capabilities, security updates like rolling upgrade of certs or fine-grained pod network policies
, cluster management and storage
capabilities like dynamic provisioning for Azure block storage.
Hitting the wall
Article discussing the eventualities of running several thousand application instances over the Mesosphere Marathon platform. Very methodical, the guys have been battling against every caveat and performance limitation of the system and it shows
Mesosphere DC/OS 1.9
Highlighted new features
include a click-and-deploy catalog for data services like Elastic or CouchBase, troubleshooting and GPU-offload improvements.
How to monitor Docker Swarm
Sysdig Monitor can now leverage Docker Swarm metadata that together with its container visibility provides best int class Swarm monitoring
Four essential Docker security aspects
Checklist addressing four container features that can help you secure your Docker environment
and understanding the security challenges of your new software ecosystem.
An user’s view of Sysdig
Kris reviewed Sysdig and Sysdig Monitor writing an article
about its internals, pros and cons.
Sysdig @ KubeCon EU
Sysdig team gave 3 talks at KubeCon / CloudNativeCon EU, check out them here:
– Kubernetes-Defined Monitoring
– 50 Shades of System Calls
– Lightning Talk: The Top 5 Kubernetes Metrics to Monitor