Kraken – p2p Docker registry

Kraken by Uber:

Kraken is a P2P-powered Docker registry that focuses on scalability and availability. It is designed for Docker image management, replication and distribution in a hybrid cloud environment. With pluggable backend support, Kraken can easily integrate into existing Docker registry setups as the distribution layer.
Kraken has been in production at Uber since early 2018. In our busiest cluster, Kraken distributes more than 1 million blobs per day, including 100k 1G+ blobs. At its peak production load, Kraken distributes 20K 100MB-1G blobs in under 30 sec.

htrace.sh – HTTP/HTTPS troubleshooting and profiling tool

htrace.sh is a handy command-line tool for HTTP/HTTPS troubleshooting and profiling. It also integrates with a number of other security tools, like nmap, SSL Labs, subfinder, etc.

F5 acquires NGINX

NGINX, the company behind one of the most popular web servers, has been acquired by F5. Of course, I’m glad for the NGINX team and founders, for who this is quite an accomplishment. But at the same time, much like many of the recent acquisitions, this one worries me. NGINX and F5 were competing in certain areas. That competition is now gone.

As always, they say that they will keep NGINX brand, team, technology, and even invest more in the Open Source side of things. But I’m not holding my breath. We’ve seen way too many screw ups on that front in the last few years.

Having the Open Source offering is good though. If it continues to grow and develop – even better. But if not, at least there is an option of forking, rebranding, and building on top.

Cloud Irregular: IAM Is The Real Cloud Lock-In

Vendor lock-in is an old and well discussed issue. Some people don’t care about it all, jump right in. Others avoid it like a plague. And then there are those who allow it, with some very careful considerations.

I have always been on the side of avoiding vendor lock-in by all costs. But lately, with all the SaaS offerings and cloud providers, I feel like the line becomes a lot more blurred.

Initially, when I started using Amazon AWS, I approached it exclusively as an IaaS, setting up my own servers in such a way that I would be able to move to another vendor in a heartbeat. These days, I’ve grown to trust Amazon a lot more. But I still feel uneasy about some of the lock-in.

Cloud Irregular: IAM Is The Real Cloud Lock-In” is an interesting take on the cloud lock-in. It found the comparison of the Amazon IAM (Identity and Access Management) to the Microsoft Active Directory particularly insightful.

To illustrate this point, we have to look no farther than the nine-hundred-pound gorilla of the IAM jungle, which continues to be Microsoft’s ActiveDirectory. I’m not sure I even know what ActiveDirectory is anymore, to be honest. Is it a cloud service? A “hybrid identity” provider? A flippin’ Linux domain controller? The answer to all of those questions appears to be “yes, if that is what you want”, which is why AD implementations will surely keep an army of Microsoft “IT Pros” busy for a couple more decades.
Here’s what ActiveDirectory is not: easy to migrate off of. 

On the future of Docker, containers, and serverless

I came across this blog post – “Goodbye Docker and Thanks for all the Fish” – which talks about the not-so-eminent, but very predictable death of Docker as both the technology, and the company. The gist of it is that container orchestration kicked in, and made Docker very replaceable with alternative container solutions. So much so, that in the upcoming release of the Red Hat Enterprise Linux 8 Docker has been replaced by Podman and a few other tools.

While I don’t know enough to have a strong opinion on the subject, the logic expressed in the blog post kind of makes sense to me.

All that reminded me of the recent interview with Simon Wardley, with the title providing the oversimplified summary:

Containers won the battle, but will lose the war to serverless.

Serverless concepts have been getting a lot of hype recently as well. And while I like where it’s going, I don’t think serverless will become a reality any time soon. Sure, it’s very applicable to smaller and simpler applications and well-engineered environments. But I think it’s more of a dream for the medium and large enterprise sector.

The thing is that the world moves at a much slower pace than we, in technology, would like to think. This Forbes article quotes some numbers from the study by IDG that shows that even the cloud adoption in the enterprise is far from complete yet.

The benefits of the cloud computing are obvious, but it takes time, and often a lot of it, to adopt the new technology and rip those benefits.

Once the cloud dust settles a bit, containers are the next on the list. I don’t have any hard numbers for container adoption in the enterprise, but my gut feeling is telling me that they are way below the cloud numbers (have a look at this study to get the feeling).

Serverless, in my mind, is the step after the containers. So even if that’s the future, it will take a long long time to get there.

Or maybe it won’t. Sometimes, the world gets so far behind the technology curve, that it jumps ahead by skipping steps. An example of that would be telephony in China, which went from almost nothing directly to mobile telephony, practically skipping the landlines.

How to Bootstrap Kubernetes the hard way!

In the “How to Bootstrap Kubernetes the hard way!” Yair Etziony shows how to setup a local Kubernetes cluster without using the tools like Minikube or Google Kubernetes Engine. He says it’s probably somewhat more difficult in the beginning, but eventually provides better understanding and knowledge, especially so for those who are just getting their feet wet in Kubernetes and container orchestration.

Learn Enough Docker to be Useful

“Learn Enough Docker to be Useful” is a series of articles (so far 6) that explains different parts of Docker in a very simple and straightforward way. Here are the parts so far:

7 Awesome CloudFormation Hacks

Amazon CloudFormation templates are a bit tricky to write, regardless of whether you are working on your first one or you have been doing it for years. Sure, there are plenty of examples online, tools that make it easier (thanks Ansible!), and copy-pasting sections from your own library. But any tips on how to make the life easier are always welcome.

Hence, here’s a very handy collection of “7 Awesome CloudFormation Hacks“. These include:

  1. Combine two sequent intrinsic functions
  2. Use exported values from other stacks in !Sub
  3. Changes in cfn-init don’t trigger redeployment in AutoScaling Group
  4. Get Stack name of sibling stack in nested stacks
  5. AccountIds with leading zero
  6. Use Dictionaries as Stack Parameter
  7. DependsOn with condition

How To Build a Serverless CI/CD Pipeline On AWS

How To Build a Serverless CI/CD Pipeline On AWS” is a nice guide to some of the newer Amazon AWS services, targeted at developers and DevOps. It shows how to tie together the following:

  • Amazon EC2 (server instances)
  • Docker (containers)
  • Amazon ECR (Elastic Container Registry)
  • Amazon S3 (storage)
  • Amazon IAM (Identity and Access Management)
  • Amazon CodeBuild (Continuous Integration)
  • Amazon CodePipeline (Continuous Delivery)
  • Amazon CloudWatch (monitoring)
  • Amazon CloudTail (logs)

The examples in the article are for setting up the CI/CD pipeline for .NET, but they are easily adoptable for other development stacks.