Hello from all of us here at Sysdig
! Even after the hectic last weeks at DockerCon and KubeCon EU the container tech world is not slowing down, so here it is again: a monthly newsletter to share the latest happenings in the container ecosystem across vendors and open source projects like Docker, Kubernetes, DC/OS Mesos, Openshift, etc.
We hope you enjoy this! Ping us at @sysdig
or on our open source slack group #sysdig
to share anything you feel we should include here, we are looking forward your contributions!
What is the Moby Project?
Admittedly, the Docker and Moby redefinitions have been somewhat confusing, but maybe it’s all for the better! The former Docker monolith has been broken into smaller, more modular pieces. Learn how everything fits together
Along with Moby, we have another newcomer: LinuxKit, a tool to build minimal Linux distributions. Following this
tutorial you can build your own lean base container image.
Multi-stage Dockerfile for Go
We already mentioned the new multi-stage Docker feature that helps you avoid the cumbersome 2-container Builder Pattern. This is a working Go compilation example
demonstrating this technique.
Docker overlay networks
Blog post delivered in two installments that goes into deep detail on how the Docker network overlay works: network namespaces, VXLAN, Netlink and the internal distributed key-value store. Part 1
, Part 2
Best practices Docker template for NodeJS
A seasoned NodeJS developer shares his best practices
, sane defaults and general advice as a GitHub repository, Docker template and documentation included.
Monster list of Docker tips
From general advice, Consul, security, managing secrets, Docker Swarm… it’s certainly a huge compilation
of tips. Feel free to cherry pick the bits most relevant for your use case.
How the Docker CLI talks to the host
Docker is a client/server architecture and the Docker CLI does not need to be in the same host as the daemon. This
article decomposes the different parts of this interaction: Docker daemon, REST API, CLI.
Moving your app to Docker, 5 steps to plan ahead
So, you have finally decided you need to get on board and containerize your application. This
article will help you write down your requirements and initial migration plan.
Showcase your Docker apps in a single click
Using Play-with-Docker you can embed a button in your Docker Hub or Github sites to setup a PWD environment
and deploy a stack right away.
Four useful Kubernetes tools
kube-applier for automated deployment, kubetop to check resource utilization, kubectx for quick context switch, kubeadm-dind-cluster for development and testing clusters. How they could miss Sysdig opensource troubleshooting tool
in this toolkit
Upgrade your Kubernetes cluster with kubeadm
Upgrading a distributed system is a complex task, specially if you don’t want to miss a beat in your production environment. The fully automated kubeadm
upgrade is not here yet, but you can do it with a little bit of tinkering
Fighting service latency
Moving from monolithic to microservices, now you realize you have to consider all the latencies introduced by internal container communication. Keep them in check
using features like node affinity.
Run once DaemonSet
What if you need to execute a task exactly once in every container of a deployment? There is a planned feature called CronJob DaemonSet that will address this case, but until then, here
is a clever workaround to achieve this behavior.
Write you own Kubernetes scheduler in Python
One of the core components of the Kubernetes head node is the Pod scheduler. You can specify a custom scheduler in your Pod definition. This
article illustrates how you can create a basic Python scheduler.
Testing Helm Chart reliability
You probably know Helm already, aka the Kubernetes package manager. It’s time to do a little bit of stress testing to detect possible limitations and caveats. Part 1
and Part 2
Buoyant has released version 1.0
of Linkerd, the scalable service mesh for cloud-native applications. Apart for the usual bug fixing and optimization, it features finer grained per-service and per-client configurations.
Kubernetes, the smart person’s guide
An executive summary of Kubernetes, listing all the entities, fundamental questions and links to additional resources. A concise cheat sheet
for anyone starting with this topic.
feature allows you to keep a consistent pointer to your images, tracking a known-good version and avoiding breaking your application when an incorrectly tagged image is updated.
Storing Openshift secrets in Vault
article starts by describing default secret
items and their current limitations, then it offers HashiCorp’s Vault as a security enhancement, deploying a running example.
Is my Openshift overbooked?
If you are new to Openshift administration, this is not a trivial question. With this article
you will learn about the basic resource management entities and how to monitor them.MESOS
Free O’Reilly DC/OS book
The development model of new applications is rapidly shifting from VMs to microservices and containers. This ebook
outlines how DC/OS can be used to effectively build and run these applications.
Deep learning with DC/OS GPU-based scheduling
GPU offloading, machine learning and Google’s Tensorflow libraries are all the rage. Now is the turn of DC/OS to demonstrate these technologies in its distributed environment. Part 1
and Part 2
Marathon and DC/OS by example
Feeling a bit overwhelmed by all the options and configurations required for Service Discovery and Load Balancing on DC/OS? This
detailed and thorough blog post will get you started.
Sysdig Monitor spring 2017 release
Our last Sysdig Monitor release new features and improvements: Docker Swarm integration, Kubernetes 1.6, usability improvements and UI redesign, new types of alerts, security enhancements… Don’t miss this
How to monitor Nginx
Take advantage of the many possibilities of monitoring Nginx with container platform metadata
: HTTP application metrics, top or slowest URIs. No code instrumentation or log parsing required.
Linkerd, the microservices proxy
Learn how to monitor its backend balancer, aggregated service metrics and circuit breaking capabilities, along with alarms that benefit from all this Linkerd specific metadata
A user’s view of Sysdig
Kris reviewed Sysdig and Sysdig Monitor writing an article
about its internals, pros and cons.
Monitoring Azure containers with Sysdig
Sysdig loves Azure, and we can prove
it. This is how Sysdig automatically aggregates your monitoring metrics and generate the relevant views.