【摘要】作者：Jérôme Petazzoni（ Docker 布道师）译者：Mark Shao（ EMC 中国高级工程师）如果在 CentOS 、 REHL 、 Fedor 或者其他默认没有 AUFS 支持的 Linux 发行版上使用 Docker ，你可能需要用到 Device Mapper 的存储插件… 阅读全文

【摘要】背景前段时间在测试docker的网络性能的时候，发现了一个veth的性能问题，后来给docker官方提交了一个PR，参考set tx_queuelen to 0 when create veth device，引起了一些讨论。再后来，RedHat的网络专家Jesper Brouer出来详细的讨论了一… 阅读全文

【摘要】docker启动时，会在宿主主机上创建一个名为docker0的虚拟网络接口，默认选择172.17.42.1/16，一个16位的子网掩码给容器提供了65534个IP地址。docker0只是一个在绑定到这上面的其他网卡间自动转发数据包的虚拟以太网桥，它可以使容器和主机相互通信,容器与容器间通信。问题是，… 阅读全文

【摘要】1. 前言Together we will ensure that Kubernetes is a strong and open container management framework for any application and in any environment, whether i… 阅读全文

【摘要】ansible简介ansible是与puppet、saltstack类似的集群管理工具，其优点是仅需要ssh和Python即可使用，而不像puppet、saltstack那样都需要客户端。与puppet类似，ansible也支持丰富的功能：批量执行支持模块化，支持playbook（相比puppet还… 阅读全文

layout: “post” title: “Kubernetes drain” date: “2016-02-17 18:57”

Kubernetes v1.2以前，如果想要对某个NODE（也就是Kubelet和Docker所在的机器）进行维护（比如升级Docker或者内核等）又不想影响运行中的Pod的话，需要手动做很多的步骤：

layout: “post” title: “Kubernetes network policy” date: “2016-02-17 18:53”

Kubernetes network policy

Kubernetes社区（确切的说是Kubernetes Network SIG [1]）正在讨论Network Policy Proposal，以实现SDN、网络隔离、IP Overlapping等[2]复杂的网络需求。

layout: “post” title: “Google’s Transition From Single Datacenter, To Failover, To A Native Multihomed Architecture” date: “2016-02-24 10:33” category: cluster tags: [highscalability, google]

The main idea of the paper is that the typical failover architecture used when moving from a single datacenter to multiple datacenters doesn’t work well in practice. What does work, where work means using fewer resources while providing high availability and consistency, is a natively multihomed architecture:

Our current approach is to build natively multihomed systems. Such systems run hot in multiple datacenters all the time, and adaptively move load between datacenters, with the ability to handle outages of any scale completely transparently. Additionally, planned datacenter outages and maintenance events are completely transparent, causing minimal disruption to the operational systems. In the past, such events required labor-intensive efforts to move operational systems from one datacenter to another

... ➦

layout: “post” title: “Docker Datacenter” date: “2016-02-26 17:38” category: docker tags: [docker, cluster]

Docker annonced Docker Datacenter (DDC) at Februrary 23. It is an integrated, end-to-end platform for agile application development and management from the datacenter to the cloud.

With Docker Datacenter, organizations are empowered to deploy a Containers as a Services (CaaS) on-premises or in your virtual private cloud. A CaaS provides an IT managed and secured application environment of content and infrastructure where developers can build and deploy applications in a self service manner.

layout: “post” title: “Alpine Linux” date: “2016-03-26 14:27”

Alpine Linux

随着Alpine Linux被越来越多的官方镜像使用，我们有必要了解一下Alpine Linux到底是个什么鬼。

Alpine Linux 是一个面向安全应用的轻量级 Linux 发行版。它采用了musl libc和busybox以减小系统的体积和运行时资源消耗，同时还提供了自己的包管理工具apk。Alpine Linux的内核都打了grsecurity/PaX补丁，并且所有的程序都编译为Position Independent Executables (PIE) 以增强系统的安全性。