34 stories
·
1 follower

Running Docker on Docker Enterprise Edition 2.0

1 Comment and 2 Shares

Docker EE 2.0

Did you know that Docker Hub has millions of users pulling roughly one billion container images every two weeks — and it all runs on Docker Enterprise Edition?

Docker Enterprise Edition 2.0 may now be available to commercial customers who require an enterprise-ready container platform, but the Docker operations team has already been using it in production for some time. As part of our commitment to delivering high quality software that is ready to support your mission-critical applications, we leverage Docker Enterprise Edition 2.0 as the platform behind Docker Hub and our other SaaS services, Docker Store, and Docker Cloud.

Some organizations call it “dogfooding;” some call it “drinking your own champagne.” Whatever you call it, the importance of this program is to be fully invested in our own container platform and share in the same operational experiences as our customers.

Our Migration to Kubernetes

One of the main features of this latest release is the integration of Kubernetes so we wanted to make sure we are leveraging this capability. Working closely with our SaaS team leads, we chose a few services to migrate to Kubernetes while keeping others on Swarm.

For people already running Docker EE, upgrading to the latest version to get a Kubernetes cluster running is really easy. It only required running a single command to upgrade our existing Universal Control Plane (UCP) in Docker EE – for new users, simply swap “upgrade” with “install”. Yes, it’s this easy:

docker run --rm -it --name ucp -v /var/run/docker.sock:/var/run/docker.sock docker/ucp:3.0.0 upgrade --interactive

You don’t need to build your own etcd cluster or follow a detailed installation guide! A vanilla Kubernetes installation is built and managed by Docker EE 2.0 out of the box, removing the complexities of a Kubernetes deployment.

We then went to work on making sure our existing architecture and solutions worked with the Kubernetes services. Good news – if you’re already working with a Docker environment, introducing Kubernetes with Docker EE 2.0 integrates without any changes in your architecture or tools for your environment.  For instance, we were able to keep all of our existing logging and monitoring solutions. Only minor updates were made to our routing solution to support running Swarm and Kubernetes services in parallel, building on top of Project Calico networking components that come integrated with Docker EE 2.0.

From there, our application teams took over to move some applications into Kubernetes. No changes were needed in application code since we were only changing the container scheduler, and since we already had Compose files defining our Swarm services, it was simple to translate them for Kubernetes deployment.

This all happened before public release of Docker EE 2.0. If you pulled an image from Docker Hub in the past couple weeks, part of your request passed through a container orchestrated by Kubernetes in our Docker EE 2.0 cluster!

Secure Application Zones within the Docker Team

Our goal as an infrastructure team is to provide self-service infrastructure resources to our development teams. Because there are many teams and sets of applications that go into running Docker’s SaaS products, it’s critical that we are able to segregate the Docker EE workloads and permissions across our 100+ node production cluster. Docker EE handles this through the concept of Resource Sets, and with Docker EE 2.0, this concept has been extended into Kubernetes namespaces.

By adding nodes to Resource Sets and granting users access to that Set with the role-based access controls, we can guarantee that when a user on it will land on the correct nodes and have the correct permissions to other Kubernetes objects based on the namespace. This means we can provide infrastructure for many teams while keeping workloads secure and separate where required, and prevent resource contention between sets of applications and teams. This makes my life, and the lives of our developers, a lot easier!

Next Steps

To learn more about this release:


commitment to deliver the highest quality software to our customers starts with running #Docker Hub…
Click To Tweet


The post Running Docker on Docker Enterprise Edition 2.0 appeared first on Docker Blog.

Read the whole story
jheiss
111 days ago
reply
"Pulling roughly one billion container images every two weeks"? "Pulling 70 million container images a day" didn't sound good enough? Seems like an "enough basketballs to fill a football stadium" measurement.
Share this story
Delete

3D Touch Needs to Be Pervasive

2 Comments

Juli Clover, writing for MacRumors:

Kuo says that the 6.1-inch iPhone will use what he calls “Cover Glass Sensor” (CGS) technology, relocating the iPhone’s touch module from the display panel (in-cell technology) to the surface glass. The CGS method reportedly results in a display that’s lighter and more shock resistant.

With this display technology, Apple will add a thin-film sensor to the touch film sensor included in the CGS, but the purpose of the new layer is unknown. It will, however, result in a 15 percent increase in the cost of the touch panel, resulting in a higher purchase price of $23 to $26.

To offset the cost of the new display it plans to use, Kuo believes Apple will remove the 3D Touch functionality on the 6.1-inch iPhone, which would be a curious move as 3D Touch is well-integrated throughout the operating system that runs on the iPhone at this point.

I don’t generally link to rumors like this, but this one caught my eye because I’ve been thinking a lot about 3D touch lately. 3D touch is the sort of feature that either needs to be on all iPhones or else should be dropped. If it’s not pervasive across the entire platform, developers can’t count on it. I think that’s why it’s underutilized today. But it’s one thing to wait for older iPhones from the pre-3D touch era to drop out of usage. It’s another for Apple to sell a brand new phone in 2018 without it. I’m not going to rant and rave about something that’s only a rumor — but if September rolls around and Apple ships this new phone without 3D touch to save a few measly dollars, I’m going to rant and rave.

I also think it’s a serious problem that iPhones have 3D touch and iPads don’t, but iPads are stuck running an OS where 3D touch is the way to bring up a contextual shortcut menu, but that’s a different rant.

Read the whole story
jheiss
111 days ago
reply
I was kinda surprised and disappointed to find that my new iPad doesn't have 3D touch. Once I discovered on my phone that you can use 3D touch on top of the keyboard to move the cursor around I use that all the time. Having to go back to trying to directly place the cursor in text reminds me how much I think that UX fails.
invinciblegod
111 days ago
You can use multitouch to do that on ipad, just put two fingers on keyboard and you can place cursor anywhere.
jheiss
111 days ago
Well look at that. That's awesome. Thanks!
samuel
111 days ago
Good to know, I was wondering the same thing.
joelowrance
111 days ago
TIL
wreichard
110 days ago
I hate that that two-finger gesture isn't on my iPhone as well...especially with an SE, it is ridiculous to move the cursor around.
Share this story
Delete
1 public comment
WebWrangler
110 days ago
reply
Wow! Thanks! I didn’t know that either.
South Puget Sound

★ Company-Wide Apple Memo on ‘The Impact of Leaks’ Leaks

2 Comments and 3 Shares

Mark Gurman has obtained a copy of a company-wide memo on leaking, and published it at Bloomberg. I suggest skipping Gurman’s summary of the memo and scrolling down to the memo itself. Curiously, Gurman doesn’t say when the memo was posted and he omits its headline. I’ve heard the memo was posted on Monday this week, and the headline was “The Impact of Leaks”. Some observations, starting with the opening:

Last month, Apple caught and fired the employee responsible for leaking details from an internal, confidential meeting about Apple’s software roadmap. Hundreds of software engineers were in attendance, and thousands more within the organization received details of its proceedings. One person betrayed their trust.

The employee who leaked the meeting to a reporter later told Apple investigators that he did it because he thought he wouldn’t be discovered. But people who leak — whether they’re Apple employees, contractors or suppliers — do get caught and they’re getting caught faster than ever.

Gurman doesn’t mention that the meeting was leaked to Gurman himself — the person who leaked this story was caught and fired. I can see why Gurman and Bloomberg might not want to emphasize that.

Investments by Apple have had an enormous impact on the company’s ability to identify and catch leakers. Just before last September’s special event, an employee leaked a link to the gold master of iOS 11 to the press, again believing he wouldn’t be caught. The unreleased OS detailed soon-to-be-announced software and hardware including iPhone X. Within days, the leaker was identified through an internal investigation and fired.

The iOS 11 GM leak revealed the name “iPhone X”. It also confirmed features like Face ID and wireless charging, but the name was the big one. Face ID and wireless charging had been rumored for a year, but until that leak just three days before the event, we had no idea what Apple was going to call its new phones.

Global Security’s digital forensics also helped catch several employees who were feeding confidential details about new products including iPhone X, iPad Pro and AirPods to a blogger at 9to5Mac.

It’s unclear which stories at 9to5Mac this is about, but the AirPods story is probably this one, which was a huge scoop published 9 months before AirPods were announced — by none other than Mark Gurman. It seems possible that every single specific example cited by Apple in this memo was someone leaking to Mark Gurman. Makes you wonder who had the balls to send this memo to him. We’ll be getting into Inception territory if the leaker of the memo on leakers getting fired for leaking to Gurman gets fired for leaking it to Gurman.

Leakers do not simply lose their jobs at Apple. In some cases, they face jail time and massive fines for network intrusion and theft of trade secrets both classified as federal crimes. In 2017, Apple caught 29 leakers. 12 of those were arrested. Among those were Apple employees, contractors and some partners in Apple’s supply chain. These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere. “The potential criminal consequences of leaking are real,” says Tom Moyer of Global Security, “and that can become part of your personal and professional identity forever.”

Getting fired for leaking — we all knew that happened. But this is the first I’ve heard of leakers being prosecuted criminally and going to jail. Apple is not fucking around regarding leaks.

Read the whole story
jheiss
125 days ago
reply
Since I had to Google it to find out, apparently "Global Security" is Apple's name for their security team, not a reference to a third party.
Share this story
Delete

Behind the Scenes of Spike Jonze’s ‘Welcome Home’ HomePod Music Video

1 Comment

Tim Nudd, writing for AdWeek:

Apple’s short film “Welcome Home,” directed by Spike Jonze and starring FKA twigs as a beleaguered city dweller whose drab apartment becomes a colorful, shape-shifting oasis thanks to her HomePod device, is easily one of 2018’s most captivating ads so far.

Now, we get a behind-the-scenes look at the film, which not only answers all of our questions about how it was made — it might just be the most engaging, comprehensive and flat-out best BTS video we’ve seen for an advertisement.

“It’s like a magic trick.”

Read the whole story
jheiss
147 days ago
reply
I still have no interest in buying a HomePod, but that was amazing.
Share this story
Delete

Maybe This Makes Sense in the Original French

1 Comment and 2 Shares

Gregory Viscusi, Marie Mawad, and Helene Fouquet, reporting for Bloomberg:

Finance Minister Bruno Le Maire said Wednesday France will take legal action against Google and Apple and fines could be in the “million of euros”. Fines are likely to be about 2 million euros ($2.5 million) per company, accused of taking advantage of local developers. This comes after a two-year investigation by the ministry’s fraud repression unit, according to an official in Le Maire’s office.

“I learned that when developers develop their applications, and sell to Google and Apple, their prices are imposed, Google and Apple take all their data, Google and Apple can unilaterally rewrite their contracts,” Le Maire said in an interview with RTL radio. “All that is unacceptable and it’s not the economy that we want. They can’t treat our startups and developers the way they do.”

What in the hell is he talking about? I guess the “imposed” prices could be something about the 30/70 percent split in the app stores, but it makes zero sense to argue that “Google and Apple take all their data”. Maybe this was mistranslated from French? But that seems highly unlikely given that at least one of the bylined reporters is fluent in the language.

And what’s the point of a $2 million fine? Last quarter Apple made $200 million in profit per day. It would take Apple about 15 minutes to generate $2 million in profit. This is some serious Dr. Evil math.

Read the whole story
jheiss
155 days ago
reply
Bruno Le Maire himself was on NPR last night and said in English basically the same thing about "taking all their data", so whatever he means it isn't a translation error.
Share this story
Delete

Apple KnowledgeBase: ‘iPhone Battery and Performance’

1 Comment

Alongside their letter to customers on the iPhone battery/performance controversy, Apple has released a detailed KnowledgeBase article with a technical overview of what’s going on and why:

When power is pulled from a battery with a higher level of impedance, the battery’s voltage will drop to a greater degree. Electronic components require a minimum voltage to operate. This includes the device’s internal storage, power circuits, and the battery itself. The power management system determines the capability of the battery to supply this power, and manages the loads in order to maintain operations. When the operations can no longer be supported with the full capabilities of the power management system, the system will perform a shutdown to preserve these electronic components. While this shutdown is intentional from the device perspective, it may be unexpected by the user.

I love that “may be”.

With a low battery state of charge, a higher chemical age, or colder temperatures, users are more likely to experience unexpected shutdowns. In extreme cases, shutdowns can occur more frequently, thereby rendering the device unreliable or unusable. iOS 10.2.1 (Released January 2017) includes updates for previous models of iPhone to prevent them from unexpectedly shutting down. This includes a feature for iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, and iPhone SE to dynamically manage the instantaneous performance peaks, only when needed, to prevent the device from unexpectedly shutting down. This capability was also extended to iPhone 7 and iPhone 7 Plus with iOS 11.2, and we will continue improving our power management feature in the future. This feature’s only intent is to prevent unexpected shutdowns so that the iPhone can still be used.

If you have an eligible iPhone (iPhone 6 or later), Apple’s upcoming $29 replacement program might be some of the best money you can spend. But again, if you have an iPhone that is really slow all the time, there’s a good chance there’s something wrong with it other than (or in addition to) the battery. A wipe and restore won’t cost you anything but some time, and seems to solve many “slow iPhone” problems.

Read the whole story
jheiss
230 days ago
reply
I did a wipe and restore last weekend and it fixed most of the slowness I had experienced with my 6S since upgrading to iOS 11. I'm disappointed that Apple hasn't figured out a better way to identify and solve whatever problem is behind that, but glad that my 6S is back to being a usable device. Now hopefully I can wait for the second generation of the iPhone X and Face ID. An iPhone XS sounds like a good next phone for me.
Share this story
Delete
Next Page of Stories