Capacity planning with Kubernetes is a non-trivial challenge. How many nodes should we deploy? What should be their size? When should we add or remove nodes to accommodate variations in load? One solution is to not deploy nodes, and provision resources on-demand instead. Let’s see how to do that. » read more...
For anyone using containers, Docker is a wonderful development platform, and Kubernetes is an equally wonderful production platform. But how do we go from one to the other? Specifically, if we use Compose to describe our development environment, how do we transform our Compose files into Kubernetes resources? » read more...
Cette article est la suite du précédent. Aujourd’hui, on va entrer dans les détails pour voir comment adapter une application décrite par un fichier Compose afin de la faire tourner sur Kubernetes. » read more...
Dans le monde des conteneurs, Docker est une formidable plateforme de développement, et Kubernetes une tout aussi formidable plateforme de production. Comment passe-t-on de l’un à l’autre ? En particulier, si l’on utilise Compose pour décrire son environnement de développement, comment traduit-on ses fichiers Compose en ressources Kubernetes ? » read more...
I’m going to try to explain how I felt when I was struggling with depression. There will be gnomes and other lousy metaphors, but don’t let that distract you. » read more...
What’s the difference between a junior and a senior software engineer? Is it the responsibility of a company to provide learning resources (e.g. time or mentoring) to its engineers? What makes a good mentor anyway? » read more...
On parle souvent des conteneurs comme un moyen d’accélérer les cycles de développement, mais ils permettent aussi de dérisquer (ou réduire les risques, si le néologisme vous fait grincer des dents ☺) les opérations de déploiement. Comment donc ? Grâce à un pattern sûrement familier à certain·e·s d’entre vous : les « infrastructures immutables ». Nous allons voir comment ce pattern réduit les risques, et comment les conteneurs le rendent accessible à des structures de tailles et de compétences variées. » read more...
Depuis quelques années, l’industrie du logiciel parle énormément des containers ; notamment de deux projets phares de cet écosystème : Docker et Kubernetes. Cet article donne une introduction de haut niveau (à quoi servent les conteneurs?) et donne un exemple de feuille de route que vous pouvez utiliser dans votre “voyage” pour adopter cette technologie et en tirer le meilleur parti. » read more...
I was given the opportunity to test AppSwitch, a network stack for containers and hybrid setups that promises to be super easy to deploy and configure, while offering outstanding performance. Sounds too good to be true? Let’s find out. » read more...
This is a boring post about boring tax stuff. It’s boring but I wish I had known that when I moved to the US — it would have saved me more than $10K. » read more...
TL,DR: I have left Docker Inc. to take a sabbatical and recover from depression and burnout. I plan to dedicate the next six months to family, friends, meditation, music, and generally speaking, enjoy life to recharge for whatever will come next. » read more...
I want to share a few organizational tools that helped me to be more productive while dealing with stress, anxiety, and depression. They include post-it notes, Trello cards, calendars, and emojis (just to name a few). I’m sharing them in the hopes that they can be a source of ideas and inspiration for those struggling with similar conditions. » read more...
A few months ago, I started using a 2017 12” Macbook Air. This machine has only two ports: an audio jack, and one USB-C port. That USB-C port is the only thing you have to plug external storage and monitors, network connectivity, and of course, a power supply. I had to do some research to understand how USB-C works, and find the perfect adapters (at least, the perfect adapters for what I do). » read more...
A few months ago, I wrote and delivered a Kubernetes orchestration workshop, based on my Swarm orchestration workshop. While doing so, I hit a few snags; and since I’m attending KubeCon this week, I thought this would be the perfect occasion to track down Santa Kube and give them my wishlist for Christmas! 🎄🎅🏿❤️ » read more...
Just because we’re using containers doesn’t mean that we “do DevOps.” Docker is not some kind of fairy dust that you can sprinkle around your code and applications to deploy faster. It is only a tool, albeit a very powerful one. And like every tool, it can be misused. Guess what happens when we misuse a power tool? Power fuck-ups. Let’s talk about it. » read more...
You’ve accepted to be a “track host,” but you don’t know how to do it? Or you’ve done it before, but you’d love to swap a few tips, tricks, and new ideas to do it better next time? I got you covered! » read more...
I’d like to tell you a short story illustrating why training your employees is crucial to the success of your organization. » read more...
Have you heard about dotCloud? If you haven’t, I’m going to give you a hint: it is a PAAS company. Another hint: eventually, dotCloud open-sourced their container engine. That container engine became Docker. » read more...
If you are running apps in containers and are using Docker’s GELF logging driver (or are considering using it), the following musings might be relevant to your interests. » read more...
In conversations about sexism (in the tech industry or elsewhere), men are often surprised to hear how bad the situation is for some of their women coworkers and friends. We often are tempted to say “this wouldn’t happen in my company.” If you are an expatriate or travel abroad, there is also the variant “in my country, we treat women fairly!” I would like to share something that made me think twice about this. » read more...
I usually write in English, about container technology. This will be in French, and about very different topics. You’ve been warned! :-) » read more...
This is a short collection of tips and tricks showing how Docker can be useful when working with Go code. For instance, I’ll show you how to compile Go code with different versions of the Go toolchain, how to cross-compile to a different platform (and test the result!), or how to produce really small container images. » read more...
A while ago, I wrote about how to bind-mount the Docker control socket instead of running Docker-in-Docker. This is a huge win for CI use-cases, and many others. Here I want to talk about a more generic scenario: controlling any Docker setup (local or remote Engine, but also Swarm clusters) from a container, and the benefits that it brings us. » read more...
TL,DR: we all have different perceptions and experiences. Just because you’re fine with a picture, book, movie, etc., doesn’t mean that everybody will accept it equally well. Even if you are the nicest person in the world. Let’s accept it, and be aware of each other’s sensitivities. » read more...
Here are a few tips and tricks that I learned when building then delivering the Docker Fundamentals course at Docker Inc. This course is a 2 days training designed to be delivered to small groups (up to 20 people) but we also delivered the intro part many times at tech conferences, to groups of varying sizes (50 to 300). » read more...
The primary purpose of Docker-in-Docker was to help with the development of Docker itself. Many people use it to run CI (e.g. with Jenkins), which seems fine at first, but they run into many “interesting” problems that can be avoided by bind-mounting the Docker socket into your Jenkins container instead. » read more...
This number is wonderful. Not because it’s high or low, but because it exists. The fact that it is possible (and relatively easy) to compute this metric means that it will be possible (and relatively easy) to improve it, among other things. » read more...
In a Dockerfile, if you put data in a directory, and then declare that directory to be a volume, weird things can happen. Let’s see what exactly. » read more...
This morning, I watched AWS’ webinar presenting their container service. Here are some quick notes, for those of you who are as curious as I was about it! » read more...
It has been asked on #docker-dev recently if it was possible
to attach a volume to a container after it was started.
At first, I thought it would be difficult, because of how
the mnt
namespace works. Then I thought better :-)
»
read more...
This is my recipe for Gravlax (cured salmon). It makes a great appetizer. The only downside is that you must prepare it in advance, since it needs to cure 36 to 48 hours in the fridge. » read more...
This is a simple recipe showing how to run syslog in one container, and then send the syslog messages of multiple other containers to that one. » read more...
When they start using Docker, people often ask: “How do I get inside my containers?” and other people will tell them “Run an SSH server in your containers!” but that’s a very bad practice. We will see why it’s wrong, and what you should do instead. » read more...
If you build a lot of containers, and have a not-so-fast internet link, you might be spending a lot of time waiting for packages to download. It would be nice if all those downloads could be automatically cached, without tweaking your Dockerfiles, right? » read more...
If you upgraded your Docker installation to 0.9, you are now
using libcontainer to run your containers. And if you were
using lxc-attach
, you probably noticed that it doesn’t work
anymore. Here are two ways to recover the “attach” feature
with Docker containers.
»
read more...
If you’re using Docker on CentOS, RHEL, Fedora, or any other distro that doesn’t ship by default with AUFS support, you are probably using the Device Mapper storage plugin. By default, this plugin will store all your containers in a 100 GB sparse file, and each container will be limited to 10 GB. This article will explain how you can change that limit, and move container storage to a dedicated partition or LVM volume. » read more...
When you want to install a new machine, or boot in rescue mode, the usual method is to boot from a CD or USB stick. But virtually all modern computers with an Ethernet interface can also boot from the network. Here is how to setup a boot server super easily, by running it in a Docker container. » read more...
There are many ways to handle Python app dependencies with Docker. Here is an overview of the most common ones – with a twist. » read more...
Earlier this month, I attended the first Flynn meet-up in San Francisco, where the project was presented by its authors. Here’s what I have to say about it. » read more...
To help @EstelleDeau to refactor some code, I had a look at introspection and reflection features in IDL. It is a really weird language (especially when my primary languages are now Python and Go), but it was a fun ride. » read more...
A mimosa is half a mosa. A sesquimosa is one mosa and a half. If you like mimosas, you might like this beverage thrice as much :-) » read more...
By default, the Docker API is exposed over a local UNIX socket. If you want to control Docker from a remote host, you can configure Docker to expose its API over a TCP socket instead. However, Docker itself doesn’t implement authentication. We will see here how we can use SSL certificate authentication to encrypt and authenticate the Docker API. » read more...
A recurring question on the Docker mailing list and on the Docker IRC channel is “how can I change the network range used by Docker?”. While Docker itself doesn’t have a configuration option to change this network range (yet!), it is very easy to change it, and here is how. » read more...
Linux Containers rely on control groups which not only track groups of processes, but also expose a lot of metrics about CPU, memory, and block I/O usage. We will see how to access those metrics, and how to obtain network usage metrics as well. This is relevant for “pure” LXC containers, as well as for Docker containers. » read more...
When you install (or upgrade) a service, the package manager will try to
start (or restart) this service. If you are working on a normal server,
this is usually what you want. But if you are inside a chroot
environment,
or maintaining some kind of golden image, you don’t want to start services.
If you are using Debian/Ubuntu-based distros, there is a super easy way
to solve the problem: the /usr/sbin/policy-rc.d
script.
»
read more...
Gunsub means “GitHub Unsubscribe”. It lets you be aware of everything happening in a given Github repository (through GitHub’s e-mail notifications), without getting too much spam. It lets the first notification go through, then automatically unsubscribes you from further messages in the same thread (unless you comment or are mentioned in the thread). » read more...
This is the blog I should have setup 15 years ago. Here I will talk about cool hacks, cooking, cocktails, books I’ve read (or sometimes I haven’t), linguistics… And I decided to use Jekyll to run it. » read more...
This work by Jérôme Petazzoni is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.