Re: r u familiar with Docker?
> How many variables can there be? Normally not something you consider, but under attack, this comes down to standard networking tuples. Source ip, source port, destination ip, destination port, and protocol (tcp, udp, icmp, etc). Sadly most folks don't think about it like this, but anyone that admins security, firewalls, or cloud acls does. Again, this to that. Those 5-step tuples of info are primarily for things like netflow reporting and others that do network management, reporting, and the like. Add in things like firewall or ddos prevention (think cloudflare, prolexic, like), this is what they act upon volumetrically. Thread the needle port to port to get public to your resource, verify integrity in-path. Working for service providers years ago taught me about what DDoS can do to you, and how to prevent such things if possible volumetrically. It's really just a matter of making sure dns, port access, and whatever inspection you want works on ingress. If something else blasts you, redirect accordingly. Take for example Microsoft was getting DDoS'd across all services last week <https://go.theregister.com/feed/www.theregister.com/2023/06/13/microsoft_azure_ddos/>, they're literally blasting destination port/protocol services to deny service to take Azure entirely down at the management portal level. Blast a destination port/ip/dns service enough, it all crumbles, but this is what is required to run public services these days. -mb On Tue, Jun 13, 2023 at 10:17 PM Michael Butash wrote: > One cannot downplay the importance of things like this today, particularly > with k8s and various iterations of it around docker. NAT is not a foreign > concept, or shouldn't be in 2023. > > I remember working in Silicon Valley circa 1999 and no one had firewalls. > Our call center was on public ip's, and then we were getting hacked because > the company at the time had no clue of security. I led an effort to > install blackice pirated (not for commercial use!) across all call center > computers to affect change, but gave up and left the company shortly > thereafter as they obviously didn't "get it". > > Docker is meant to separate network environments via nat for very good > reason. It creates a controllable ingress point, and can thus be run > through as stringent an inspection as desired, or not. This to That port > translations are meant to be a checkpoint of acknowledgement of traffic and > thus inspection, as much or little as you want at that point. > > Case in point, Fortigate firewalls are lit up this week for again exposing > their arse to the internet insecurely. Their sslvpn application that > expects to be publicly accessible is easily hacked, and thus every > fortigate that didn't patch in the first day is owned. > > If you forward ports, do so with reasonable intent and acknowledgement of > doing so in a secure fashion. Otherwise don't forward the goddamn port, or > let dumb things do so on your behalf without reasonable understanding. > > -mb > > > On Tue, Jun 13, 2023 at 8:55 PM David Schwartz via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> Thanks for the pep talk, Michael. :-) >> >> I was heavily involved in networking and all that stuff back in the 80’s >> and so I can say that I do understand it … or at least did at one point. >> But for the past 20 years I’ve worked in environments where there was an IT >> Dept that was always there handling things — even simple things. So I’ve >> lost touch with all of the different layers and levels of indirection that >> are involved today. >> >> I built this service following a guide laid out by a guy who I assume >> knows what he’s talking about, but he says it just connects to either >> localhost or a local IP (192.168.x.y). I’ve gotten lost in situations when >> people show examples or create tutorials that are really only designed to >> run within a local environment, and when you ask about “opening them up”, >> you’re told, “Oh, that’s outside the scope of this material”. This guy >> offered to let me hire him for his “typical hourly rate” to help get the >> service I built — following his detailed instructions — working on a remote >> host. He said, “there are just too many variables involved”. In my mind, >> it’s a vanilla Windows Server 2016 running on a VPN hosting a service built >> according to his plans. How many variables can there be? >> >> -David Schwartz >> >> >> >> >> On Jun 13, 2023, at 5:32 PM, Michael Butash via PLUG-discuss < >> plug-discuss@lists.phxlinux.org> wrote: >> >> As a "network guy", i.e. someone operating at layer 1-4 mostly, I would >> say you need to understand networkin
Re: r u familiar with Docker?
One cannot downplay the importance of things like this today, particularly with k8s and various iterations of it around docker. NAT is not a foreign concept, or shouldn't be in 2023. I remember working in Silicon Valley circa 1999 and no one had firewalls. Our call center was on public ip's, and then we were getting hacked because the company at the time had no clue of security. I led an effort to install blackice pirated (not for commercial use!) across all call center computers to affect change, but gave up and left the company shortly thereafter as they obviously didn't "get it". Docker is meant to separate network environments via nat for very good reason. It creates a controllable ingress point, and can thus be run through as stringent an inspection as desired, or not. This to That port translations are meant to be a checkpoint of acknowledgement of traffic and thus inspection, as much or little as you want at that point. Case in point, Fortigate firewalls are lit up this week for again exposing their arse to the internet insecurely. Their sslvpn application that expects to be publicly accessible is easily hacked, and thus every fortigate that didn't patch in the first day is owned. If you forward ports, do so with reasonable intent and acknowledgement of doing so in a secure fashion. Otherwise don't forward the goddamn port, or let dumb things do so on your behalf without reasonable understanding. -mb On Tue, Jun 13, 2023 at 8:55 PM David Schwartz via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > Thanks for the pep talk, Michael. :-) > > I was heavily involved in networking and all that stuff back in the 80’s > and so I can say that I do understand it … or at least did at one point. > But for the past 20 years I’ve worked in environments where there was an IT > Dept that was always there handling things — even simple things. So I’ve > lost touch with all of the different layers and levels of indirection that > are involved today. > > I built this service following a guide laid out by a guy who I assume > knows what he’s talking about, but he says it just connects to either > localhost or a local IP (192.168.x.y). I’ve gotten lost in situations when > people show examples or create tutorials that are really only designed to > run within a local environment, and when you ask about “opening them up”, > you’re told, “Oh, that’s outside the scope of this material”. This guy > offered to let me hire him for his “typical hourly rate” to help get the > service I built — following his detailed instructions — working on a remote > host. He said, “there are just too many variables involved”. In my mind, > it’s a vanilla Windows Server 2016 running on a VPN hosting a service built > according to his plans. How many variables can there be? > > -David Schwartz > > > > > On Jun 13, 2023, at 5:32 PM, Michael Butash via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > > As a "network guy", i.e. someone operating at layer 1-4 mostly, I would > say you need to understand networking first. So few developers and system > folk do, and thus struggle in today's day and age around basic networking > functions in a cloud world. It's some basic tradition of "when a packet in > a pocket hits a socket" like a childhood rhyme that goes unheard, and > really should if you call yourself a self-respecting developer today or the > past 20 years. > > Understanding basic Layer 1-7 of the network OSI model is the key. > > Docker relies heavily on NAT and IP routing between systems. Even > installing a typical web/app/db stack requires local socket interaction > between devices using the same networking - perhaps start with this first > and understand local socket connections to 127.0.0.1 first. Then move into > docker and IProute2 namespace separation with Docker and like > technologies. If you understand how a firewall works, this isn't that much > more complex. > > Keeping a consistent control plane between applications (again web/app/db) > and basic ip reachability isn't too hard when you understand vlans and > networking, maybe extending into overlay tech like Zerotier and Tailscale > for apps to talk to each other, securely, and across > clouds/networks/domains in general. > > I could give a whole "In the beginning.." speech, but best you simply > learn some networking first. > > -mb > > > On Tue, Jun 13, 2023 at 3:19 PM David Schwartz via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> Right now I just want to be able to run my web app on my phone and have >> it access my back-end service remotely. >> >> I’m just having a challenge getting that "signal chain” set up and >> working. I know what it’
Re: r u familiar with Docker?
Thanks for the pep talk, Michael. :-) I was heavily involved in networking and all that stuff back in the 80’s and so I can say that I do understand it … or at least did at one point. But for the past 20 years I’ve worked in environments where there was an IT Dept that was always there handling things — even simple things. So I’ve lost touch with all of the different layers and levels of indirection that are involved today. I built this service following a guide laid out by a guy who I assume knows what he’s talking about, but he says it just connects to either localhost or a local IP (192.168.x.y). I’ve gotten lost in situations when people show examples or create tutorials that are really only designed to run within a local environment, and when you ask about “opening them up”, you’re told, “Oh, that’s outside the scope of this material”. This guy offered to let me hire him for his “typical hourly rate” to help get the service I built — following his detailed instructions — working on a remote host. He said, “there are just too many variables involved”. In my mind, it’s a vanilla Windows Server 2016 running on a VPN hosting a service built according to his plans. How many variables can there be? -David Schwartz > On Jun 13, 2023, at 5:32 PM, Michael Butash via PLUG-discuss > wrote: > > As a "network guy", i.e. someone operating at layer 1-4 mostly, I would say > you need to understand networking first. So few developers and system folk > do, and thus struggle in today's day and age around basic networking > functions in a cloud world. It's some basic tradition of "when a packet in a > pocket hits a socket" like a childhood rhyme that goes unheard, and really > should if you call yourself a self-respecting developer today or the past 20 > years. > > Understanding basic Layer 1-7 of the network OSI model is the key. > > Docker relies heavily on NAT and IP routing between systems. Even installing > a typical web/app/db stack requires local socket interaction between devices > using the same networking - perhaps start with this first and understand > local socket connections to 127.0.0.1 first. Then move into docker and > IProute2 namespace separation with Docker and like technologies. If you > understand how a firewall works, this isn't that much more complex. > > Keeping a consistent control plane between applications (again web/app/db) > and basic ip reachability isn't too hard when you understand vlans and > networking, maybe extending into overlay tech like Zerotier and Tailscale for > apps to talk to each other, securely, and across clouds/networks/domains in > general. > > I could give a whole "In the beginning.." speech, but best you simply learn > some networking first. > > -mb > > > On Tue, Jun 13, 2023 at 3:19 PM David Schwartz via PLUG-discuss > mailto:plug-discuss@lists.phxlinux.org>> > wrote: > Right now I just want to be able to run my web app on my phone and have it > access my back-end service remotely. > > I’m just having a challenge getting that "signal chain” set up and working. I > know what it’s supposed to be in theory; it’s just not as easy as plugging a > wire between a couple of sockets. > > Docker is optional. > > How can I do something like a "signal trace” in Windows? > > -David Schwartz > > > > >> On Jun 13, 2023, at 2:19 PM, Michael Butash via PLUG-discuss >> mailto:plug-discuss@lists.phxlinux.org>> >> wrote: >> >> Docker should be an inside to outside port mapping for your application. >> The outside port maps needs to reflect your firewall, load balancer, or >> whatever forwards traffic to it as the destination. >> >> [internet]-[firewall]-[host]-[docker] - you want to thread the needle of >> ports. This to That. >> >> If you don't want public facing ports for security reasons, vpn like openvpn >> or an overlay like zerotier/tailscale is recommended. >> >> -mb >> >> >> >> On Tue, Jun 13, 2023 at 2:03 PM David Schwartz via PLUG-discuss >> mailto:plug-discuss@lists.phxlinux.org>> >> wrote: >> I’m looking for someone familiar with Docker who can help me out a little >> bit. >> >> I’m working on an app with a REST-based web service that I’ve been building >> inside of a VM (VirtualBox) running Win 10. I’m having trouble getting the >> service part working on a remote server, and someone suggested using Docker >> to isolate it and get it running inside of the VM first, then copy it to the >> remote server. The remote server is also Windows based, obviously. >> >> I’m having trouble getting all of
Re: r u familiar with Docker?
Agreed, Docker is a runtime isolation for applications with a fully containerized approach for things running within them. Networking is entirely integral to this, so you need to understand ip addressing, nat, tcp/udp ports, route table isolation (namespaces), things like that if playing. That said, port forwarding is something as old as the internet and the advent of firewalls. In theory you have a full stack of software you launch in the same container and network namespace, they all communicate internally, and you only present a web UI or interface layer outside said namespace to the world despite whatever ports the applications use within the container openly. Web to app, app to db, like conversations are open, but only the public web port pokes its head outside via docker nat. Those ports need to be forwarded accordingly via whatever means, either internally routable IP space, or port forwarding via firewall/load-balancer means. If you've ever had to wrapper a web app on a weird port with apache/nginx for ssl access via a standard 443 port, or ever done load-balancers, similar approach. I can draw countless examples, but will fall short without an understanding of basic tcp/udp sockets and port forwarding. Portainer, minikube, things like that make docker a bit more manageable for us layfolk, but you still need to grok the concepts in play. Personally it helped to deploy and see how it worked, not unlike network VRF's in use for the past 20 years with firewall/nat layers between, but I also came from a network background vs. system/app folks working backward. -mb On Tue, Jun 13, 2023 at 6:13 PM Stephen Partington wrote: > Docker is not a true VM. And to Mike's point it has a very tight network > layer to keep the containers from pooping on each other. > > If you want a visual, portainer was a Handy tool for this. > > There is some really solid docker documentation out there and walk > throughs. > > > On Tue, Jun 13, 2023, 8:33 PM Michael Butash via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> As a "network guy", i.e. someone operating at layer 1-4 mostly, I would >> say you need to understand networking first. So few developers and system >> folk do, and thus struggle in today's day and age around basic networking >> functions in a cloud world. It's some basic tradition of "when a packet in >> a pocket hits a socket" like a childhood rhyme that goes unheard, and >> really should if you call yourself a self-respecting developer today or the >> past 20 years. >> >> Understanding basic Layer 1-7 of the network OSI model is the key. >> >> Docker relies heavily on NAT and IP routing between systems. Even >> installing a typical web/app/db stack requires local socket interaction >> between devices using the same networking - perhaps start with this first >> and understand local socket connections to 127.0.0.1 first. Then move into >> docker and IProute2 namespace separation with Docker and like >> technologies. If you understand how a firewall works, this isn't that much >> more complex. >> >> Keeping a consistent control plane between applications (again >> web/app/db) and basic ip reachability isn't too hard when you understand >> vlans and networking, maybe extending into overlay tech like Zerotier and >> Tailscale for apps to talk to each other, securely, and across >> clouds/networks/domains in general. >> >> I could give a whole "In the beginning.." speech, but best you simply >> learn some networking first. >> >> -mb >> >> >> On Tue, Jun 13, 2023 at 3:19 PM David Schwartz via PLUG-discuss < >> plug-discuss@lists.phxlinux.org> wrote: >> >>> Right now I just want to be able to run my web app on my phone and have >>> it access my back-end service remotely. >>> >>> I’m just having a challenge getting that "signal chain” set up and >>> working. I know what it’s supposed to be in theory; it’s just not as easy >>> as plugging a wire between a couple of sockets. >>> >>> Docker is optional. >>> >>> How can I do something like a "signal trace” in Windows? >>> >>> -David Schwartz >>> >>> >>> >>> >>> On Jun 13, 2023, at 2:19 PM, Michael Butash via PLUG-discuss < >>> plug-discuss@lists.phxlinux.org> wrote: >>> >>> Docker should be an inside to outside port mapping for your >>> application. The outside port maps needs to reflect your firewall, load >>> balancer, or whatever forwards traffic to it as the destination. >>> >>> [internet]-[firewall]-[host]-[docker] - y
Re: r u familiar with Docker?
Docker is not a true VM. And to Mike's point it has a very tight network layer to keep the containers from pooping on each other. If you want a visual, portainer was a Handy tool for this. There is some really solid docker documentation out there and walk throughs. On Tue, Jun 13, 2023, 8:33 PM Michael Butash via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > As a "network guy", i.e. someone operating at layer 1-4 mostly, I would > say you need to understand networking first. So few developers and system > folk do, and thus struggle in today's day and age around basic networking > functions in a cloud world. It's some basic tradition of "when a packet in > a pocket hits a socket" like a childhood rhyme that goes unheard, and > really should if you call yourself a self-respecting developer today or the > past 20 years. > > Understanding basic Layer 1-7 of the network OSI model is the key. > > Docker relies heavily on NAT and IP routing between systems. Even > installing a typical web/app/db stack requires local socket interaction > between devices using the same networking - perhaps start with this first > and understand local socket connections to 127.0.0.1 first. Then move into > docker and IProute2 namespace separation with Docker and like > technologies. If you understand how a firewall works, this isn't that much > more complex. > > Keeping a consistent control plane between applications (again web/app/db) > and basic ip reachability isn't too hard when you understand vlans and > networking, maybe extending into overlay tech like Zerotier and Tailscale > for apps to talk to each other, securely, and across > clouds/networks/domains in general. > > I could give a whole "In the beginning.." speech, but best you simply > learn some networking first. > > -mb > > > On Tue, Jun 13, 2023 at 3:19 PM David Schwartz via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> Right now I just want to be able to run my web app on my phone and have >> it access my back-end service remotely. >> >> I’m just having a challenge getting that "signal chain” set up and >> working. I know what it’s supposed to be in theory; it’s just not as easy >> as plugging a wire between a couple of sockets. >> >> Docker is optional. >> >> How can I do something like a "signal trace” in Windows? >> >> -David Schwartz >> >> >> >> >> On Jun 13, 2023, at 2:19 PM, Michael Butash via PLUG-discuss < >> plug-discuss@lists.phxlinux.org> wrote: >> >> Docker should be an inside to outside port mapping for your application. >> The outside port maps needs to reflect your firewall, load balancer, or >> whatever forwards traffic to it as the destination. >> >> [internet]-[firewall]-[host]-[docker] - you want to thread the needle of >> ports. This to That. >> >> If you don't want public facing ports for security reasons, vpn like >> openvpn or an overlay like zerotier/tailscale is recommended. >> >> -mb >> >> >> >> On Tue, Jun 13, 2023 at 2:03 PM David Schwartz via PLUG-discuss < >> plug-discuss@lists.phxlinux.org> wrote: >> >>> I’m looking for someone familiar with Docker who can help me out a >>> little bit. >>> >>> I’m working on an app with a REST-based web service that I’ve been >>> building inside of a VM (VirtualBox) running Win 10. I’m having trouble >>> getting the service part working on a remote server, and someone suggested >>> using Docker to isolate it and get it running inside of the VM first, then >>> copy it to the remote server. The remote server is also Windows based, >>> obviously. >>> >>> I’m having trouble getting all of the IPs and ports and holes in the >>> firewall aligned so I can reach it from outside the server. >>> >>> Right now I probably don’t _need_ Docker, although it could be helpful >>> at some point when I’ll need to scale-up, so I’m not even really committed >>> to using it other than it might be easier to set it up inside of the VM and >>> make everything work there first. >>> >>> (As much as I’d like to build the service to run on Linux, one of the >>> libraries I’m using is not set up for Linux yet, so it’s not an option at >>> this time. The vendor says they might support Linux at some point in the >>> future.) >>> >>> Anyway, I’m just looking to see if anybody might be able to help me get >>> my service code running on a remote Windows server that’s accessible from >>> elsew
Re: r u familiar with Docker?
As a "network guy", i.e. someone operating at layer 1-4 mostly, I would say you need to understand networking first. So few developers and system folk do, and thus struggle in today's day and age around basic networking functions in a cloud world. It's some basic tradition of "when a packet in a pocket hits a socket" like a childhood rhyme that goes unheard, and really should if you call yourself a self-respecting developer today or the past 20 years. Understanding basic Layer 1-7 of the network OSI model is the key. Docker relies heavily on NAT and IP routing between systems. Even installing a typical web/app/db stack requires local socket interaction between devices using the same networking - perhaps start with this first and understand local socket connections to 127.0.0.1 first. Then move into docker and IProute2 namespace separation with Docker and like technologies. If you understand how a firewall works, this isn't that much more complex. Keeping a consistent control plane between applications (again web/app/db) and basic ip reachability isn't too hard when you understand vlans and networking, maybe extending into overlay tech like Zerotier and Tailscale for apps to talk to each other, securely, and across clouds/networks/domains in general. I could give a whole "In the beginning.." speech, but best you simply learn some networking first. -mb On Tue, Jun 13, 2023 at 3:19 PM David Schwartz via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > Right now I just want to be able to run my web app on my phone and have it > access my back-end service remotely. > > I’m just having a challenge getting that "signal chain” set up and > working. I know what it’s supposed to be in theory; it’s just not as easy > as plugging a wire between a couple of sockets. > > Docker is optional. > > How can I do something like a "signal trace” in Windows? > > -David Schwartz > > > > > On Jun 13, 2023, at 2:19 PM, Michael Butash via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > > Docker should be an inside to outside port mapping for your application. > The outside port maps needs to reflect your firewall, load balancer, or > whatever forwards traffic to it as the destination. > > [internet]-[firewall]-[host]-[docker] - you want to thread the needle of > ports. This to That. > > If you don't want public facing ports for security reasons, vpn like > openvpn or an overlay like zerotier/tailscale is recommended. > > -mb > > > > On Tue, Jun 13, 2023 at 2:03 PM David Schwartz via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> I’m looking for someone familiar with Docker who can help me out a little >> bit. >> >> I’m working on an app with a REST-based web service that I’ve been >> building inside of a VM (VirtualBox) running Win 10. I’m having trouble >> getting the service part working on a remote server, and someone suggested >> using Docker to isolate it and get it running inside of the VM first, then >> copy it to the remote server. The remote server is also Windows based, >> obviously. >> >> I’m having trouble getting all of the IPs and ports and holes in the >> firewall aligned so I can reach it from outside the server. >> >> Right now I probably don’t _need_ Docker, although it could be helpful at >> some point when I’ll need to scale-up, so I’m not even really committed to >> using it other than it might be easier to set it up inside of the VM and >> make everything work there first. >> >> (As much as I’d like to build the service to run on Linux, one of the >> libraries I’m using is not set up for Linux yet, so it’s not an option at >> this time. The vendor says they might support Linux at some point in the >> future.) >> >> Anyway, I’m just looking to see if anybody might be able to help me get >> my service code running on a remote Windows server that’s accessible from >> elsewhere. (The code itself runs on the server, I just can’t reach it from >> the outside, which is the whole point of having it there.) >> >> >> -David Schwartz >> >> >> >> >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > > > --
Re: r u familiar with Docker?
Right now I just want to be able to run my web app on my phone and have it access my back-end service remotely. I’m just having a challenge getting that "signal chain” set up and working. I know what it’s supposed to be in theory; it’s just not as easy as plugging a wire between a couple of sockets. Docker is optional. How can I do something like a "signal trace” in Windows? -David Schwartz > On Jun 13, 2023, at 2:19 PM, Michael Butash via PLUG-discuss > wrote: > > Docker should be an inside to outside port mapping for your application. The > outside port maps needs to reflect your firewall, load balancer, or whatever > forwards traffic to it as the destination. > > [internet]-[firewall]-[host]-[docker] - you want to thread the needle of > ports. This to That. > > If you don't want public facing ports for security reasons, vpn like openvpn > or an overlay like zerotier/tailscale is recommended. > > -mb > > > > On Tue, Jun 13, 2023 at 2:03 PM David Schwartz via PLUG-discuss > mailto:plug-discuss@lists.phxlinux.org>> > wrote: > I’m looking for someone familiar with Docker who can help me out a little bit. > > I’m working on an app with a REST-based web service that I’ve been building > inside of a VM (VirtualBox) running Win 10. I’m having trouble getting the > service part working on a remote server, and someone suggested using Docker > to isolate it and get it running inside of the VM first, then copy it to the > remote server. The remote server is also Windows based, obviously. > > I’m having trouble getting all of the IPs and ports and holes in the firewall > aligned so I can reach it from outside the server. > > Right now I probably don’t _need_ Docker, although it could be helpful at > some point when I’ll need to scale-up, so I’m not even really committed to > using it other than it might be easier to set it up inside of the VM and make > everything work there first. > > (As much as I’d like to build the service to run on Linux, one of the > libraries I’m using is not set up for Linux yet, so it’s not an option at > this time. The vendor says they might support Linux at some point in the > future.) > > Anyway, I’m just looking to see if anybody might be able to help me get my > service code running on a remote Windows server that’s accessible from > elsewhere. (The code itself runs on the server, I just can’t reach it from > the outside, which is the whole point of having it there.) > > > -David Schwartz > > > > > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > <mailto:PLUG-discuss@lists.phxlinux.org> > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > <https://lists.phxlinux.org/mailman/listinfo/plug-discuss> > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: r u familiar with Docker?
Docker should be an inside to outside port mapping for your application. The outside port maps needs to reflect your firewall, load balancer, or whatever forwards traffic to it as the destination. [internet]-[firewall]-[host]-[docker] - you want to thread the needle of ports. This to That. If you don't want public facing ports for security reasons, vpn like openvpn or an overlay like zerotier/tailscale is recommended. -mb On Tue, Jun 13, 2023 at 2:03 PM David Schwartz via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > I’m looking for someone familiar with Docker who can help me out a little > bit. > > I’m working on an app with a REST-based web service that I’ve been > building inside of a VM (VirtualBox) running Win 10. I’m having trouble > getting the service part working on a remote server, and someone suggested > using Docker to isolate it and get it running inside of the VM first, then > copy it to the remote server. The remote server is also Windows based, > obviously. > > I’m having trouble getting all of the IPs and ports and holes in the > firewall aligned so I can reach it from outside the server. > > Right now I probably don’t _need_ Docker, although it could be helpful at > some point when I’ll need to scale-up, so I’m not even really committed to > using it other than it might be easier to set it up inside of the VM and > make everything work there first. > > (As much as I’d like to build the service to run on Linux, one of the > libraries I’m using is not set up for Linux yet, so it’s not an option at > this time. The vendor says they might support Linux at some point in the > future.) > > Anyway, I’m just looking to see if anybody might be able to help me get my > service code running on a remote Windows server that’s accessible from > elsewhere. (The code itself runs on the server, I just can’t reach it from > the outside, which is the whole point of having it there.) > > > -David Schwartz > > > > > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
r u familiar with Docker?
I’m looking for someone familiar with Docker who can help me out a little bit. I’m working on an app with a REST-based web service that I’ve been building inside of a VM (VirtualBox) running Win 10. I’m having trouble getting the service part working on a remote server, and someone suggested using Docker to isolate it and get it running inside of the VM first, then copy it to the remote server. The remote server is also Windows based, obviously. I’m having trouble getting all of the IPs and ports and holes in the firewall aligned so I can reach it from outside the server. Right now I probably don’t _need_ Docker, although it could be helpful at some point when I’ll need to scale-up, so I’m not even really committed to using it other than it might be easier to set it up inside of the VM and make everything work there first. (As much as I’d like to build the service to run on Linux, one of the libraries I’m using is not set up for Linux yet, so it’s not an option at this time. The vendor says they might support Linux at some point in the future.) Anyway, I’m just looking to see if anybody might be able to help me get my service code running on a remote Windows server that’s accessible from elsewhere. (The code itself runs on the server, I just can’t reach it from the outside, which is the whole point of having it there.) -David Schwartz --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: Docker
Also for kubernetes deployments the Dockershim has been deprecated and the move to containerd for your CRI runtime is a good option. Nice thing about podman is that all your Docker files still work - plug & play 8) On Thu, May 4, 2023 at 11:08 AM Snyder, Alexander J via PLUG-discuss wrote: > > Well, I'm already a RHEL groupie, so this is excellent news! > -- > Thanks, > Alex. > > > > > On Thu, May 4, 2023 at 10:20 AM Ryan Petris via PLUG-discuss > wrote: >> >> podman is free and available in most distributions now. >> >> One of the advantages of podman, even if you're still running containers as >> root, is that is plays nicely with systemd/cgroups. Docker containers would >> end up running in whatever cgroup the docker daemon was running in rather >> than the one the docker command was run from. >> >> So in a way, podman can be made even more secure than Docker as it can be >> run in a cgroup with restricted permissions just for that application. >> >> On Thu, May 4, 2023, at 9:57 AM, Snyder, Alexander J via PLUG-discuss wrote: >> >> Is podman free? I assumed it was locked up behind a rhel subscription >> pay-wall. >> -- >> Thanks, >> Alex. >> >> >> >> >> On Mon, Apr 3, 2023 at 1:49 PM Shaun Anderson via PLUG-discuss >> wrote: >> >> Some churn going on in the Docker space right now. >> https://github.com/docker/hub-feedback/issues/2314#issuecomment-1468633085 >> >> Organizations that host their images are having to convert their free legacy >> accounts to newer organization accounts and sounds like it's not going >> smoothly. This could mean that one day you do a 'docker pull' and it can't >> find that image anymore because the account/repo has been shutdown. >> >> I'm converting my things to podman since you can run it rootless, and >> because I do a lot in RHEL anyways so why not. >> >> Might not affect what you're looking to do but something to keep an eye on. >> >> -Shaun >> >> On Mon, Apr 3, 2023 at 12:37 PM Stephen Partington via PLUG-discuss >> wrote: >> >> I have used RHEL, Ubuntu (Preferred), and Amazon Linux (RHEL/Cent related) >> >> Docker doesn't care too much, choose the Distro you trust and go from there. >> >> On Mon, Apr 3, 2023 at 3:34 PM Steve B via PLUG-discuss >> wrote: >> >> I"m looking to dip my toes into Docker for use on my home network. Reading >> up on what to consider for running atop the bare metal it seems like two of >> the most mentioned have been discontinued - CoreOS and RancherOS, and Atomic >> supposedly is not quite ready for production. At least according to some >> articles. >> >> What are others using to host their Docker containers on their home networks? >> >> Steve >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> >> >> >> -- >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> >> >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss > > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: Docker
Well, I'm already a RHEL groupie, so this is excellent news! -- Thanks, Alex. On Thu, May 4, 2023 at 10:20 AM Ryan Petris via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > podman is free and available in most distributions now. > > One of the advantages of podman, even if you're still running containers > as root, is that is plays nicely with systemd/cgroups. Docker containers > would end up running in whatever cgroup the docker daemon was running in > rather than the one the docker command was run from. > > So in a way, podman can be made even more secure than Docker as it can be > run in a cgroup with restricted permissions just for that application. > > On Thu, May 4, 2023, at 9:57 AM, Snyder, Alexander J via PLUG-discuss > wrote: > > Is podman free? I assumed it was locked up behind a rhel subscription > pay-wall. > -- > Thanks, > Alex. > > > > > On Mon, Apr 3, 2023 at 1:49 PM Shaun Anderson via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > > Some churn going on in the Docker space right now. > https://github.com/docker/hub-feedback/issues/2314#issuecomment-1468633085 > > Organizations that host their images are having to convert their free > legacy accounts to newer organization accounts and sounds like it's not > going smoothly. This could mean that one day you do a 'docker pull' and it > can't find that image anymore because the account/repo has been shutdown. > > I'm converting my things to podman since you can run it rootless, and > because I do a lot in RHEL anyways so why not. > > Might not affect what you're looking to do but something to keep an eye on. > > -Shaun > > On Mon, Apr 3, 2023 at 12:37 PM Stephen Partington via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > > I have used RHEL, Ubuntu (Preferred), and Amazon Linux (RHEL/Cent related) > > Docker doesn't care too much, choose the Distro you trust and go from > there. > > On Mon, Apr 3, 2023 at 3:34 PM Steve B via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > > I"m looking to dip my toes into Docker for use on my home network. Reading > up on what to consider for running atop the bare metal it seems like two of > the most mentioned have been discontinued - CoreOS and RancherOS, and > Atomic supposedly is not quite ready for production. At least according to > some articles. > > What are others using to host their Docker containers on their home > networks? > > Steve > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > > > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > > > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: Docker
podman is free and available in most distributions now. One of the advantages of podman, even if you're still running containers as root, is that is plays nicely with systemd/cgroups. Docker containers would end up running in whatever cgroup the docker daemon was running in rather than the one the docker command was run from. So in a way, podman can be made even more secure than Docker as it can be run in a cgroup with restricted permissions just for that application. On Thu, May 4, 2023, at 9:57 AM, Snyder, Alexander J via PLUG-discuss wrote: > Is podman free? I assumed it was locked up behind a rhel subscription > pay-wall. > -- > Thanks, > Alex. > > > > > On Mon, Apr 3, 2023 at 1:49 PM Shaun Anderson via PLUG-discuss > wrote: >> Some churn going on in the Docker space right now. >> https://github.com/docker/hub-feedback/issues/2314#issuecomment-1468633085 >> >> Organizations that host their images are having to convert their free legacy >> accounts to newer organization accounts and sounds like it's not going >> smoothly. This could mean that one day you do a 'docker pull' and it can't >> find that image anymore because the account/repo has been shutdown. >> >> I'm converting my things to podman since you can run it rootless, and >> because I do a lot in RHEL anyways so why not. >> >> Might not affect what you're looking to do but something to keep an eye on. >> >> -Shaun >> >> On Mon, Apr 3, 2023 at 12:37 PM Stephen Partington via PLUG-discuss >> wrote: >>> I have used RHEL, Ubuntu (Preferred), and Amazon Linux (RHEL/Cent related) >>> >>> Docker doesn't care too much, choose the Distro you trust and go from there. >>> >>> On Mon, Apr 3, 2023 at 3:34 PM Steve B via PLUG-discuss >>> wrote: >>>> I"m looking to dip my toes into Docker for use on my home network. Reading >>>> up on what to consider for running atop the bare metal it seems like two >>>> of the most mentioned have been discontinued - CoreOS and RancherOS, and >>>> Atomic supposedly is not quite ready for production. At least according to >>>> some articles. >>>> >>>> What are others using to host their Docker containers on their home >>>> networks? >>>> >>>> Steve >>>> --- >>>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>>> To subscribe, unsubscribe, or to change your mail settings: >>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> >>> >>> -- >>> A mouse trap, placed on top of your alarm clock, will prevent you from >>> rolling over and going back to sleep after you hit the snooze button. >>> >>> Stephen >>> --- >>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: Docker
It's avail on any redhat derivative that i've used. I actively use podman on Rocky. On Thu, May 4, 2023 at 9:58 AM Snyder, Alexander J via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > Is podman free? I assumed it was locked up behind a rhel subscription > pay-wall. > -- > Thanks, > Alex. > > > > > On Mon, Apr 3, 2023 at 1:49 PM Shaun Anderson via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> Some churn going on in the Docker space right now. >> https://github.com/docker/hub-feedback/issues/2314#issuecomment-1468633085 >> >> Organizations that host their images are having to convert their free >> legacy accounts to newer organization accounts and sounds like it's not >> going smoothly. This could mean that one day you do a 'docker pull' and it >> can't find that image anymore because the account/repo has been shutdown. >> >> I'm converting my things to podman since you can run it rootless, and >> because I do a lot in RHEL anyways so why not. >> >> Might not affect what you're looking to do but something to keep an eye >> on. >> >> -Shaun >> >> On Mon, Apr 3, 2023 at 12:37 PM Stephen Partington via PLUG-discuss < >> plug-discuss@lists.phxlinux.org> wrote: >> >>> I have used RHEL, Ubuntu (Preferred), and Amazon Linux (RHEL/Cent >>> related) >>> >>> Docker doesn't care too much, choose the Distro you trust and go from >>> there. >>> >>> On Mon, Apr 3, 2023 at 3:34 PM Steve B via PLUG-discuss < >>> plug-discuss@lists.phxlinux.org> wrote: >>> >>>> I"m looking to dip my toes into Docker for use on my home network. >>>> Reading up on what to consider for running atop the bare metal it seems >>>> like two of the most mentioned have been discontinued - CoreOS and >>>> RancherOS, and Atomic supposedly is not quite ready for production. At >>>> least according to some articles. >>>> >>>> What are others using to host their Docker containers on their home >>>> networks? >>>> >>>> Steve >>>> --- >>>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>>> To subscribe, unsubscribe, or to change your mail settings: >>>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >>>> >>> >>> >>> -- >>> A mouse trap, placed on top of your alarm clock, will prevent you from >>> rolling over and going back to sleep after you hit the snooze button. >>> >>> Stephen >>> >>> --- >>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > -- James McPhee jmc...@gmail.com --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: Docker
Is podman free? I assumed it was locked up behind a rhel subscription pay-wall. -- Thanks, Alex. On Mon, Apr 3, 2023 at 1:49 PM Shaun Anderson via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > Some churn going on in the Docker space right now. > https://github.com/docker/hub-feedback/issues/2314#issuecomment-1468633085 > > Organizations that host their images are having to convert their free > legacy accounts to newer organization accounts and sounds like it's not > going smoothly. This could mean that one day you do a 'docker pull' and it > can't find that image anymore because the account/repo has been shutdown. > > I'm converting my things to podman since you can run it rootless, and > because I do a lot in RHEL anyways so why not. > > Might not affect what you're looking to do but something to keep an eye on. > > -Shaun > > On Mon, Apr 3, 2023 at 12:37 PM Stephen Partington via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> I have used RHEL, Ubuntu (Preferred), and Amazon Linux (RHEL/Cent related) >> >> Docker doesn't care too much, choose the Distro you trust and go from >> there. >> >> On Mon, Apr 3, 2023 at 3:34 PM Steve B via PLUG-discuss < >> plug-discuss@lists.phxlinux.org> wrote: >> >>> I"m looking to dip my toes into Docker for use on my home network. >>> Reading up on what to consider for running atop the bare metal it seems >>> like two of the most mentioned have been discontinued - CoreOS and >>> RancherOS, and Atomic supposedly is not quite ready for production. At >>> least according to some articles. >>> >>> What are others using to host their Docker containers on their home >>> networks? >>> >>> Steve >>> --- >>> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> >> >> >> -- >> A mouse trap, placed on top of your alarm clock, will prevent you from >> rolling over and going back to sleep after you hit the snooze button. >> >> Stephen >> >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: Docker
Some churn going on in the Docker space right now. https://github.com/docker/hub-feedback/issues/2314#issuecomment-1468633085 Organizations that host their images are having to convert their free legacy accounts to newer organization accounts and sounds like it's not going smoothly. This could mean that one day you do a 'docker pull' and it can't find that image anymore because the account/repo has been shutdown. I'm converting my things to podman since you can run it rootless, and because I do a lot in RHEL anyways so why not. Might not affect what you're looking to do but something to keep an eye on. -Shaun On Mon, Apr 3, 2023 at 12:37 PM Stephen Partington via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > I have used RHEL, Ubuntu (Preferred), and Amazon Linux (RHEL/Cent related) > > Docker doesn't care too much, choose the Distro you trust and go from > there. > > On Mon, Apr 3, 2023 at 3:34 PM Steve B via PLUG-discuss < > plug-discuss@lists.phxlinux.org> wrote: > >> I"m looking to dip my toes into Docker for use on my home network. >> Reading up on what to consider for running atop the bare metal it seems >> like two of the most mentioned have been discontinued - CoreOS and >> RancherOS, and Atomic supposedly is not quite ready for production. At >> least according to some articles. >> >> What are others using to host their Docker containers on their home >> networks? >> >> Steve >> --- >> PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> https://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > > -- > A mouse trap, placed on top of your alarm clock, will prevent you from > rolling over and going back to sleep after you hit the snooze button. > > Stephen > > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Re: Docker
I have used RHEL, Ubuntu (Preferred), and Amazon Linux (RHEL/Cent related) Docker doesn't care too much, choose the Distro you trust and go from there. On Mon, Apr 3, 2023 at 3:34 PM Steve B via PLUG-discuss < plug-discuss@lists.phxlinux.org> wrote: > I"m looking to dip my toes into Docker for use on my home network. Reading > up on what to consider for running atop the bare metal it seems like two of > the most mentioned have been discontinued - CoreOS and RancherOS, and > Atomic supposedly is not quite ready for production. At least according to > some articles. > > What are others using to host their Docker containers on their home > networks? > > Steve > --- > PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > https://lists.phxlinux.org/mailman/listinfo/plug-discuss > -- A mouse trap, placed on top of your alarm clock, will prevent you from rolling over and going back to sleep after you hit the snooze button. Stephen --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Docker
I"m looking to dip my toes into Docker for use on my home network. Reading up on what to consider for running atop the bare metal it seems like two of the most mentioned have been discontinued - CoreOS and RancherOS, and Atomic supposedly is not quite ready for production. At least according to some articles. What are others using to host their Docker containers on their home networks? Steve --- PLUG-discuss mailing list: PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Docker and MINDS
Anyone have experience with deploying MINDS in docker and maybe some step by step instruction. I'm also using portainer\ -- Keith D. Miller --- PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: https://lists.phxlinux.org/mailman/listinfo/plug-discuss
Anybody see this announcement between MS and Docker?
This looks interesting: https://blog.docker.com/2014/10/docker-microsoft-partner-distributed-applications/ Not so much for the MS part, but the general concept that has been evolving within the Linux environment. I’m not sure I totally understand it, tho. I attended an Amazon “Big Data” presentation in Tempe a few weeks ago, and it was interesting to see how they’ve done something similar (if I’m getting the idea correctly) in the way they now allow you to provision and stand-up any number of nodes using HADOOP. They can be running many Linux variants as well as several Windows platforms, not to mention a bunch of databses. But I don’t think they’re “containerized” — just VMs that are allocated as-needed. Thoughts? -David --- PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: http://lists.phxlinux.org/mailman/listinfo/plug-discuss
