preload
Jun 08

Construction Containers (source: Hans).

Originally published on June 1st, 2017 by Brian Anderson of O’Reilly

I recently sat down with Lee Calcote, head of technology strategy at SolarWinds, to talk about the benefits of container networks. Here are some highlights from our chat.

What is container networking? How are people deploying container networks?

Much of what container networking is today revolves around core Linux network technologies, whether that be iptables for port-forwarding, firewalling and network address translation, or ipvs for load-balancing and service abstraction (virtual IP addressing). These battle-tested technologies are old friends of systems engineers, who have leveraged these kernel capabilities as they’ve built container engines and orchestrators.

To date, container networking has largely been focused on simple network services like connectivity, IP addressing (IPAM), (domain) name services, and load-balancing. Beyond connectivity, most higher-level network services—like quality of service (QoS), virtual private networking, security policy (complex and dynamic firewalling), and topology optimization—are still emerging. So far, connectivity has largely equated to use of Linux bridges and network overlays, with VXLAN being a popular protocol. These common choices are in the face of a style of networking that’s arguably more straightforward in its approach: layer 3 networking.

Layer 3 networking involves routing as the connectivity method; BGP is the most popular protocol. I see layer 3 routing selected far less often than overlays as the deployment approach of choice, in part because public clouds don’t necessarily make layer 3 routing an easy choice. The convenience of overlays being at the fingertips of developers means that their deployments outstrip underlay deployments, despite the higher scale and efficiency provided by routing. Continue reading »

Tagged with:
May 01

Being an Austinite, I enjoyed having DockerCon local and co-authored a guide to visiting Austin in the hopes that attendees would enjoy having DockerCon in Austin as well. During this installment of Dockercon, a few major announcements were made, including the Moby Project. So, what is the Moby Project? It’s a framework to assemble specialized container systems without reinventing the wheel.

The Moby Project is to Docker what Fedora is to Red Hat Enterprise Linux.
– Solomon Hykes, Docker CTO/Founder

Continue reading »

Tagged with:
Apr 30


A collection of industry analysts convened to share their thoughts on DockerCon 2017. From a technology perspective, certainly LinuxKit was one of the more significant announcements. It’s approach to the creation of small, custom Linux OS images seems heavily inspired from Project UniK‘s approach to the creation of unikernels – small, custom Linux OS images.

From a business perspective, the Moby Project was a key announcement refactoring the way in which docker as an open source project is structured.

Did you attend DockerCon or watch the keynotes remotely? What did you think of DockerCon 2017?

Watch and listen to the virtual panel debriefing on DockerCon 2017.

 

Tagged with:
Mar 11

Ship with tug (source: tpsdave via Pixabay).

Cloud-native applications are designed to draw upon the performance, scalability, and reliability benefits of distributed systems. Unfortunately, distributed systems often come at the cost of added complexity. As individual components of your application are distributed across networks, and those networks have communication gaps or experience degraded performance, your distributed application components need to continue to function independently.

To avoid inconsistencies in application state, distributed systems should be designed with an understanding that components will fail. Nowhere is this more prominent than in the network. Consequently, at their core, distributed systems rely heavily on load balancing—the distribution of requests across two or more systems—in order to be resilient in the face of network disruption and horizontally scale as system load fluctuates. Continue reading »

Tagged with:
Oct 04

Presented at ContainerizeThis 2016 on Sept. 30th, 2016.

An introduction to container runtimes (engines) and an understanding of when container orchestrators enter and what role they play. We’ll look at what makes them alike, yet unique.

Tagged with:
Sep 17

Microservices present challenges of coordination, SSL termination and socket connection among others. Looking to different cloud providers to assist with their load-balancers leaves you wanting as features socket connection support, SSL termination and geo-distributed load-balancing are often absent.

Presented at Nginx Conference 2016 on Sept. 8th, 2016.

Tagged with:
Previous Entries