GitLab-CI and Docker Registry
|
|
- Oswald Lynch
- 6 years ago
- Views:
Transcription
1 GitLab-CI and Docker Registry Oleg Fiksel Security CSPI GmbH oleg.fiksel@cspi.com oleg@fiksel.info FrOSCon 2017
2 AGENDA ABOUT INTRODUCTION GitLab 101 Deploying on-premise Known issues END Q & A
3 ABOUT ME Security CSPI 1 (former MODCOMP 2 ) Main topics Architecture Development cycle Perl Coding 1 About CSPi 2 Wikipedia: MODCOMP
4 GOALS OF THIS TALK
5 GOALS OF THIS TALK This is not a comparision of CI tools
6 GOALS OF THIS TALK This is not a comparision of CI tools Provide an overview of dependencies needed to deploy GitLab-CI Community Edition and Docker Registry on-premise
7 GOALS OF THIS TALK This is not a comparision of CI tools Provide an overview of dependencies needed to deploy GitLab-CI Community Edition and Docker Registry on-premise Disclamer: The means and methods presented are my own expirience
8 GITLAB 101
9 WHAT IS GITLAB?
10 WHAT IS GITLAB? Web-based Git repository manager and more...
11 WHAT IS GITLAB? Web-based Git repository manager and more... Started as a pet-project in 2011 and now has more then 150 employees
12 WHAT IS GITLAB? Web-based Git repository manager and more... Started as a pet-project in 2011 and now has more then 150 employees Introduced Pipelines (CI) in version 8.8 ( )
13 WHAT IS GITLAB? Web-based Git repository manager and more... Started as a pet-project in 2011 and now has more then 150 employees Introduced Pipelines (CI) in version 8.8 ( ) GitLab is used by many organisations such as: IBM, Sony, NASA, Alibaba, SpaceX and CSPi
14 WHAT IS DOCKER?
15 WHAT IS DOCKER? client docker build docker host docker daemon registry docker pull docker run containers images...
16 WORDING
17 WORDING GitLab Server: git repository hosting service
18 WORDING GitLab Server: git repository hosting service GitLab-CI Runner: user-space daemon that executes build/tests
19 WORDING GitLab Server: git repository hosting service GitLab-CI Runner: user-space daemon that executes build/tests Artifacts: build results pushed into an internal GitLab storage
20 WORDING GitLab Server: git repository hosting service GitLab-CI Runner: user-space daemon that executes build/tests Artifacts: build results pushed into an internal GitLab storage GitLab Container Registry: integrated docker registry frontend
21 WORDING GitLab Server: git repository hosting service GitLab-CI Runner: user-space daemon that executes build/tests Artifacts: build results pushed into an internal GitLab storage GitLab Container Registry: integrated docker registry frontend Docker Registry: mandatory container registry service
22 DEPLOYING ON-PREMISE
23 CHECKLIST
24 CHECKLIST 2 VMs or Rancher/Kubernetes/Mesos cluster
25 CHECKLIST 2 VMs or Rancher/Kubernetes/Mesos cluster Reverse proxy/loadabalancer for SSL offload (optional) supporting HTTP 1.1 to the backend (! Lighttpd)
26 CHECKLIST 2 VMs or Rancher/Kubernetes/Mesos cluster Reverse proxy/loadabalancer for SSL offload (optional) supporting HTTP 1.1 to the backend (! Lighttpd) Direct internet connection (for pulling docker images)
27 CHECKLIST 2 VMs or Rancher/Kubernetes/Mesos cluster Reverse proxy/loadabalancer for SSL offload (optional) supporting HTTP 1.1 to the backend (! Lighttpd) Direct internet connection (for pulling docker images) SSL Certificates (own CA or official)
28 PITFALLS
29 PITFALLS Internal CA
30 PITFALLS Internal CA Forward proxy
31 PITFALLS Internal CA Forward proxy DNS split horizon (not handled in this talk)
32 GITLAB-CI RUNNER ARCHITECTURE
33 GITLAB-CI RUNNER ARCHITECTURE GitLab-CI-Runner Shell Container GitLab-CI GitLab-CI-Runner Docker Container Container GitLab-CI-Runner GitLab-CI-Runner GitLab-CI-Runner
34 ON-PREMISE DEPLOYMENT ARCHITECTURE
35 ON-PREMISE DEPLOYMENT ARCHITECTURE hub.docker.com Pull (HTTPS) GitLab GitLab-CI Artifacts Docker registry (frontend) Auth git clone GitLab-CI Runner pull/push (HTTPS) push (HTTPS) run Docker Container Test, Build, etc auth (HTTPS) Docker client auth token (HTTPS) [separate CA] push/pull (HTTPS) Docker registry (container) read/write access store blob local S3 Azure GCS Swift
36 INTERNAL CA
37 INTERNAL CA Every GitLab HTTPS client must trust internal CA including:
38 INTERNAL CA Every GitLab HTTPS client must trust internal CA including: gitlab-ci-runner
39 INTERNAL CA Every GitLab HTTPS client must trust internal CA including: gitlab-ci-runner docker container building docker images
40 INTERNAL CA Problem: docker images are pulled from docker hub and doesn t trust intern CA.
41 INTERNAL CA Problem: docker images are pulled from docker hub and doesn t trust intern CA. Solution: extend all base images with internal CA and use them for building.
42 SWITCH DOCKER STORAGE BACKEND 1 Source
43 SWITCH DOCKER STORAGE BACKEND By default, when using docker:dind, Docker uses the vfs storage driver which copies the filesystem on every run. This is a very disk-intensive operation which can be avoided if a different driver is used, for example overlay. 1 1 Source
44 SWITCH DOCKER STORAGE BACKEND OS Setup:
45 SWITCH DOCKER STORAGE BACKEND OS Setup: add overlay to /etc/modules (Ubuntu 16.04)
46 SWITCH DOCKER STORAGE BACKEND OS Setup: add overlay to /etc/modules (Ubuntu 16.04) modprobe overlay or reboot the system
47 SWITCH DOCKER STORAGE BACKEND Adjust /etc/docker/daemon.json 1 { 2 " storage driver " : " overlay " 3 } and restart Docker. Warning: make sure you have no important local images or containers. You will start with an empty Docker storage.
48 INTERNAL CA - BOOTSTRAP PROCEDURE
49 INTERNAL CA - BOOTSTRAP PROCEDURE Adjust runner configuration
50 INTERNAL CA - BOOTSTRAP PROCEDURE Adjust runner configuration Build docker first docker images locally and push them to the registry
51 INTERNAL CA - BOOTSTRAP PROCEDURE Adjust runner configuration Build docker first docker images locally and push them to the registry Create CI configuration and build images automatically
52 INTERNAL CA - BOOTSTRAP PROCEDURE Adjust runner configuration Build docker first docker images locally and push them to the registry Create CI configuration and build images automatically Update images daily using scheduled builds (CI feature)
53 INTERNAL CA - BOOTSTRAP PROCEDURE Adjust runner configuration: 1 # / e t c / g i t l a b runner/config. toml 2 [ [ runners ] ] executor = " docker " 5 [ runners. docker ] p r i v i l e g e d = true 8 volumes = ["/ cache ", "/ var/run/docker. sock :/ var/run/docker. sock : rw " ]
54 INTERNAL CA - DOCKER IMAGE Dockerfile for Docker image with internal CA:
55 INTERNAL CA - DOCKER IMAGE Dockerfile for Docker image with internal CA: 1 # D o c k e r f i l e 2 FROM docker : l a t e s t 3 4 COPY my_ca. c r t /tmp/ 5 RUN c a t /tmp/my_ca. c r t >>/ e t c / s s l / c e r t s /ca c e r t i f i c a t e s. c r t && rm /tmp/my_ca. c r t 6 7 ENTRYPOINT [ " docker entrypoint. sh " ] 8 CMD [ " sh " ]
56 INTERNAL CA - DOCKER IMAGE CI configuration for Docker image with internal CA:
57 INTERNAL CA - DOCKER IMAGE CI configuration for Docker image with internal CA: 1 #.gitlab-ci.yml 2 v a r i a b l e s : 3 DOCKER_DRIVER: overlay 4 IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME 5 6 b e f o r e _ s c r i p t : 7 - docker login u g i t l a b ci token p $CI_JOB_TOKEN $CI_REGISTRY 8 9 build_docker_image: 10 stage: build 11 image: $CI_REGISTRY/ g i t l a b c i /docker:master 12 s e r v i c e s : 13 - $CI_REGISTRY/ g i t l a b c i /dind:master 14 tags: 15 - dind 16 s c r i p t : 17 - docker build t $IMAGE_TAG docker push $IMAGE_TAG
58 INTERNAL CA - DOCKER-IN-DOCKER IMAGE Dockerfile for Docker-in-Docker image with internal CA:
59 INTERNAL CA - DOCKER-IN-DOCKER IMAGE Dockerfile for Docker-in-Docker image with internal CA: 1 # D o c k e r f i l e 2 FROM docker : dind 3 4 COPY my_ca. c r t /tmp/ 5 RUN c a t /tmp/my_ca. c r t >>/ e t c / s s l / c e r t s /ca c e r t i f i c a t e s. c r t && rm /tmp/my_ca. c r t 6 7 VOLUME /var/ l i b /docker 8 EXPOSE ENTRYPOINT [ " dockerd entrypoint. sh " ] 11 CMD [ ]
60 INTERNAL CA - DOCKER-IN-DOCKER IMAGE CI configuration for Docker-in-Docker image with internal CA:
61 INTERNAL CA - DOCKER-IN-DOCKER IMAGE CI configuration for Docker-in-Docker image with internal CA: 1 #.gitlab-ci.yml 2 v a r i a b l e s : 3 DOCKER_DRIVER: overlay 4 IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME 5 6 b e f o r e _ s c r i p t : 7 - docker login u g i t l a b ci token p $CI_JOB_TOKEN $CI_REGISTRY 8 9 build_docker_image: 10 stage: build 11 image: $CI_REGISTRY/ g i t l a b c i /docker:master 12 s e r v i c e s : 13 - $CI_REGISTRY/ g i t l a b c i /dind:master 14 tags: 15 - dind 16 s c r i p t : 17 - docker build t $IMAGE_TAG docker push $IMAGE_TAG
62 INTERNAL CA - BUILDING IMAGES Now we can build Docker images with GitLab-CI!
63 INTERNAL CA - BUILDING IMAGES Now we can build Docker images with GitLab-CI! 1 #.gitlab-ci.yml 2 v a r i a b l e s : 3 DOCKER_DRIVER: overlay 4 IMAGE_TAG: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME 5 6 b e f o r e _ s c r i p t : 7 - docker login u g i t l a b ci token p $CI_JOB_TOKEN $CI_REGISTRY 8 9 build_docker_image: 10 stage: build 11 image: $CI_REGISTRY/ g i t l a b c i /docker:master 12 s e r v i c e s : 13 - $CI_REGISTRY/ g i t l a b c i /dind:master 14 tags: 15 - dind 16 s c r i p t : 17 - docker build t $IMAGE_TAG docker push $IMAGE_TAG
64 FORWARD PROXY
65 FORWARD PROXY Not every application have proxy support
66 FORWARD PROXY Not every application have proxy support Some application configuration is tricky
67 FORWARD PROXY Not every application have proxy support Some application configuration is tricky Configuring proxy every time bloats CI configuration
68 FORWARD PROXY Not every application have proxy support Some application configuration is tricky Configuring proxy every time bloats CI configuration Set proxy configuration via environmental variables while integrating your CA in the docker image
69 FORWARD PROXY - LOCAL TRANSPARENT PROXY For applications not supporting proxy local squid in tranparent mode (doesn t work for HTTPS) 1 # squid c o n f i g u r a t i o n 2 a c l docker s r c / a c l SSL_ports port cache_mem 16 MB 5 # upstream proxy ip 6 cache_peer parent no query proxy only d e f a u l t 7 d n s _ v 4 _ f i r s t on 8 h t t p _ a c c e s s allow docker 9 h t t p _ a c c e s s deny CONNECT! SSL_ports 10 h t t p _ a c c e s s deny! Safe_ports 11 http_port 3129 i n t e r c e p t 12 memory_pools o f f
70 FORWARD PROXY - LOCAL TRANSPARENT PROXY iptables configuration: 1 i p t a b l e s t nat A PREROUTING s / 1 6 p tcp m tcp dport 80 j REDIRECT to ports 3129
71 KNOWN ISSUES
72 GITLAB-CI WITH SUBMODULES
73 GITLAB-CI WITH SUBMODULES Submodule init failing due to "SSL certificate problem". f a t a l : unable to a c c e s s https :// github. com/minio/minio go / : SSL c e r t i f i c a t e problem : unable to get l o c a l i s s u e r c e r t i f i c a t e
74 GITLAB-CI WITH SUBMODULES Submodule init failing due to "SSL certificate problem". f a t a l : unable to a c c e s s https :// github. com/minio/minio go / : SSL c e r t i f i c a t e problem : unable to get l o c a l i s s u e r c e r t i f i c a t e Issue: 2148
75 GITLAB-CI WITH SUBMODULES Submodule init failing due to "SSL certificate problem". f a t a l : unable to a c c e s s https :// github. com/minio/minio go / : SSL c e r t i f i c a t e problem : unable to get l o c a l i s s u e r c e r t i f i c a t e Issue: 2148 Will be fixed in gitlab-ci-multi-runner v9.4
76 GIT-LFS 1
77 GIT-LFS Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server
78 GIT-LFS Problem: GitLab-CI doesn t download git-lfs objects on CI run (probably fixed by now)
79 GIT-LFS Problem: GitLab-CI doesn t download git-lfs objects on CI run (probably fixed by now) Workaround: download git-lfs objects manually via CI script
80 GIT-LFS 1 #.gitlab-ci.yml 2 s t a g e s : 3 build 4 5 create_ package: 6 stage: build 7 image: $CI_REGISTRY/ g i t l a b c i /ubuntu: x e n i a l 8 s c r i p t : 9 - apt get update && apt get i n s t a l l y wget g i t 10 - wget io/github/ g it l f s /packages/ubuntu/ x e n i a l /git l f s _ _amd64. deb/download O /tmp/git l f s _ _amd64. deb && dpkg i /tmp/git l f s _ _amd64. deb 11 - g i t l f s i n s t a l l && g i t l f s f e t c h && g i t l f s checkout 12 - t a r c z f a p p l i c a t i o n c a t a p p l i c a t i o n /version. t x t. t a r. gz a p p l i c a t i o n 13 a r t i f a c t s : 14 e x p i r e _ i n : 2 weeks 15 paths: 16 - a p p l i c a t i on *. t a r. gz 17 only: 18 - /^ r e l e a s e. * $/
81 SUMMARY
82 SUMMARY GitLab is a great product evolving rapidly
83 SUMMARY GitLab is a great product evolving rapidly Deploying GitLab-CI in an enterprise environment can be quite challenging
84 SUMMARY GitLab is a great product evolving rapidly Deploying GitLab-CI in an enterprise environment can be quite challenging Some of use cases and videos are focused on frontend development using Ruby-On-Rails and deployment to a Kubernetes cluster
85 Q & A
86 Thanks! Oleg Fiksel
87 LINKS Files from this talk on Github Introduction to GitLab pipelines Install a root CA in Ubuntu
Investigating Containers for Future Services and User Application Support
Investigating Containers for Future Services and User Application Support JLAB CNI NLIT 2018 () Overview JLAB scope What is a container? Why are we interested? Platform-as-a-Service (PaaS) for orchestration
More informationStephan Hochdörfer //
From dev to prod with GitLab CI Stephan Hochdörfer // 21.06.2018 About me Stephan Hochdörfer Head of Technology, bitexpert AG (Mannheim, Germany) S.Hochdoerfer@bitExpert.de @shochdoerfer #PHP, #DevOps,
More informationGetting Started With Containers
DEVNET 2042 Getting Started With Containers Matt Johnson Developer Evangelist @mattdashj Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationThink Small to Scale Big
Think Small to Scale Big Intro to Containers for the Datacenter Admin Pete Zerger Principal Program Manager, MVP pete.zerger@cireson.com Cireson Lee Berg Blog, e-mail address, title Company Pete Zerger
More informationArup Nanda VP, Data Services Priceline.com
Jumpstarting Docker Arup Nanda VP, Data Services Priceline.com My application worked in Dev but not in QA Will it work in production? I need an environment right now No, I can t wait for 2 weeks I just
More informationUP! TO DOCKER PAAS. Ming
UP! TO DOCKER PAAS Ming Jin(mjin@thoughtworks.com) March 15, 2015 1 WHO AM I Ming Jin Head of Cloud Solutions of ThoughtWorks China Architect, Agile Consulting Solutions and Consulting on DevOps & Cloud
More informationAn introduction to Docker
An introduction to Docker Ing. Vincenzo Maffione Operating Systems Security Container technologies on Linux Several light virtualization technologies are available for Linux They build on cgroups, namespaces
More informationInfoblox Kubernetes1.0.0 IPAM Plugin
2h DEPLOYMENT GUIDE Infoblox Kubernetes1.0.0 IPAM Plugin NIOS version 8.X August 2018 2018 Infoblox Inc. All rights reserved. Infoblox Kubernetes 1.0.0 IPAM Deployment Guide August 2018 Page 1 of 18 Overview...
More informationDockerfile Best Practices
Dockerfile Best Practices OpenRheinRuhr 2015 November 07th, 2015 1 Dockerfile Best Practices Outline About Dockerfile Best Practices Building Images This work is licensed under the Creative Commons Attribution-ShareAlike
More information[Docker] Containerization
[Docker] Containerization ABCD-LMA Working Group Will Kinard October 12, 2017 WILL Kinard Infrastructure Architect Software Developer Startup Venture IC Husband Father Clemson University That s me. 2 The
More informationSetting up Docker Datacenter on VMware Fusion
Setting up Docker Datacenter on VMware Fusion With the release of Docker Datacenter, it seemed like a good idea to kick the tires on this new system to get a handle on what the experience is like installing,
More informationLinux System Management with Puppet, Gitlab, and R10k. Scott Nolin, SSEC Technical Computing 22 June 2017
Linux System Management with Puppet, Gitlab, and R10k Scott Nolin, SSEC Technical Computing 22 June 2017 Introduction I am here to talk about how we do Linux configuration management at the Space Science
More information9 Reasons To Use a Binary Repository for Front-End Development with Bower
9 Reasons To Use a Binary Repository for Front-End Development with Bower White Paper Introduction The availability of packages for front-end web development has somewhat lagged behind back-end systems.
More informationagenda PAE Docker Docker PAE
Docker 2016.03.26 agenda PAE Docker Docker PAE 2 3 PAE PlCloud APP Engine Docker Docker Caas APP 4 APP APP volume images 5 App 6 APP Show Time 7 8 Docker Public DockerHup Private registry push pull AUFS
More informationswiftenv Documentation
swiftenv Documentation Release 1.3.0 Kyle Fuller Sep 27, 2017 Contents 1 The User Guide 3 1.1 Installation................................................ 3 1.2 Getting Started..............................................
More informationFollow me!
Stuff I do Follow me! https://pasztor.at @janoszen About this talk 1. Maintaining your Build Stack 2. Orchestrating your Cluster 3. Pitfalls and Recommendations About this talk 1. Maintaining your Build
More informationDocker Swarm installation Guide
Docker Swarm installation Guide How to Install and Configure Docker Swarm on Ubuntu 16.04 Step1: update the necessary packages for ubuntu Step2: Install the below packages to ensure the apt work with https
More informationDGX-1 DOCKER USER GUIDE Josh Park Senior Solutions Architect Contents created by Jack Han Solutions Architect
DGX-1 DOCKER USER GUIDE 17.08 Josh Park Senior Solutions Architect Contents created by Jack Han Solutions Architect AGENDA Introduction to Docker & DGX-1 SW Stack Docker basic & nvidia-docker Docker image
More informationA continuous integration system for MPD Root: Deployment and setup in GitLab
A continuous integration system for MPD Root: Deployment and setup in GitLab G. Fedoseev, A. Degtyarev, O. Iakushkin a, V. Korkhov Saint-Petersburg State University (SPbU) E-mail: a o.yakushkin@spbu.ru
More informationINDIGO PAAS TUTORIAL. ! Marica Antonacci RIA INFN-Bari
INDIGO PAAS TUTORIAL RIA-653549! Marica Antonacci!! marica.antonacci@ba.infn.it! INFN-Bari INDIGO PAAS Tutorial Introductory Concepts TOSCA Ansible Docker Orchestrator APIs INDIGO TOSCA custom types and
More informationRun containerized applications from pre-existing images stored in a centralized registry
Introduction This examination is based upon the most critical job activities a Docker Certified Associate performs. The skills and knowledge certified by this examination represent a level of expertise
More informationDOCKER 101 FOR JS AFFICIONADOS. Christian Ulbrich, Zalari UG
DOCKER 101 FOR JS AFFICIONADOS Christian Ulbrich, Zalari UG AGENDA Docker what is all the craze about? Docker is hard One-Liners Orchestration Outlook Links DOCKER WTF? DOCKER WTF? Docker is light-weight
More informationHarbor Registry. VMware VMware Inc. All rights reserved.
Harbor Registry VMware 2017 VMware Inc. All rights reserved. VMware Harbor Registry Cloud Foundry Agenda 1 Container Image Basics 2 Project Harbor Introduction 3 Consistency of Images 4 Security 5 Image
More informationWho is Docker and how he can help us? Heino Talvik
Who is Docker and how he can help us? Heino Talvik heino.talvik@seb.ee heino.talvik@gmail.com What is Docker? Software guy view: Marriage of infrastucture and Source Code Management Hardware guy view:
More informationContainer-based virtualization: Docker
Università degli Studi di Roma Tor Vergata Dipartimento di Ingegneria Civile e Ingegneria Informatica Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A. 2018/19
More informationTable of Contents. Configure and Manage Logging in to the Management Portal Verify and Trust Certificates
Table of Contents Configure and Manage Logging in to the Management Portal Verify and Trust Certificates Configure System Settings Add Cloud Administrators Add Viewers, Developers, or DevOps Administrators
More informationPREPARING TO USE CONTAINERS
PREPARING TO USE CONTAINERS DU-08786-001_v001 May 2018 Getting Started Guide TABLE OF CONTENTS Chapter Introduction To Docker And Containers...1 Chapter 2. Preparing Your DGX System For Use With nvidia-docker...
More informationA New Model for Image Distribution
A New Model for Image Distribution Stephen Day Distribution, Tech Lead Docker, Inc. stephen@docker.com @stevvooe github.com/stevvooe Overview Why does this matter? History Docker Registry API V2 Implementation
More informationLoad Balancing Nginx Web Servers with OWASP Top 10 WAF in Azure
Load Balancing Nginx Web Servers with OWASP Top 10 WAF in Azure Quick Reference Guide v1.0.2 ABOUT THIS GUIDE This document provides a quick reference guide on how to load balance Nginx Web Servers and
More informationDocker A FRAMEWORK FOR DATA INTENSIVE COMPUTING
Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING Agenda Intro / Prep Environments Day 1: Docker Deep Dive Day 2: Kubernetes Deep Dive Day 3: Advanced Kubernetes: Concepts, Management, Middleware Day 4:
More informationWell, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via
Well, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers. Michael Cherny @chernymi Sagie Dulce @SagieSec
More informationContinuous Delivery the hard way with Kubernetes. Luke Marsden, Developer
Continuous Delivery the hard way with Luke Marsden, Developer Experience @lmarsden Agenda 1. Why should I deliver continuously? 2. primer 3. GitLab primer 4. OK, so we ve got these pieces, how are we going
More informationINSTALLATION RUNBOOK FOR Iron.io + IronWorker
INSTALLATION RUNBOOK FOR Iron.io + IronWorker Application Type: Job processing Application Version: 1.0 MOS Version: 8.0 OpenStack version: Liberty Murano package checksum: Glance image checksum (docker):
More informationAutomating the Build Pipeline for Docker Container
Automating the Build Pipeline for Docker Container Nikolai Reed, Jürgen Walter, and Samuel Kounev University of Würzburg November 9-10, 2017 SSP 2017 Karlsruhe, Germany 08.11.17 2 Reproducibility Problem
More informationGit Basi, workflow e concetti avanzati (pt2)
Git Basi, workflow e concetti avanzati (pt2) Andrea Fornaia, Ph.D. Department of Mathema.cs and Computer Science University of Catania Viale A.Doria, 6-95125 Catania Italy fornaia@dmi.unict.it hfp://www.cs.unict.it/~fornaia/
More informationDockerized Tizen Platform
Dockerized 1 Tizen Platform Copyright 2017 Samsung. All Rights Reserved. Abstract Tizen Pla.orm ECO System Container ECO System Build CI Management (Update) Cloud Monitoring Store Data (DB) Cloud 2 Cloud
More informationDocker und IBM Digital Experience in Docker Container
Docker und IBM Digital Experience in Docker Container 20. 21. Juni 2017 IBM Labor Böblingen 1 What is docker Introduction VMs vs. containers Terminology v Docker components 2 6/22/2017 What is docker?
More informationPHP Composer 9 Benefits of Using a Binary Repository Manager
PHP Composer 9 Benefits of Using a Binary Repository Manager White Paper Copyright 2017 JFrog Ltd. March 2017 www.jfrog.com Executive Summary PHP development has become one of the most popular platforms
More informationUDS Enterprise- Preparing Templates Xubuntu XRDP UDS Actor
Introduction This document shows how to configure a Linux Ubuntu VM to be used as a template with UDS Enterprise. In this document, we will show you the installation process of the OS (Ubuntu 16.04 in
More informationRevision Control and GIT
Revision Control and GIT On UD HPC Community Clusters William Totten Network & Systems Services Why use revision control You can go back in time It makes it easy to try things out which might not work
More informationDocker Enterprise Edition 2.0 Platform Public Beta Install and Exercises Guide
Docker Enterprise Edition 2.0 Platform Public Beta Install and Exercises Guide Welcome to the Docker EE 2.0 Public Beta! Below you will find installation instructions as well as series of exercises to
More informationAndroid meets Docker. Jing Li
Android meets Docker Jing Li 1 2 > 50 cities in Europe 3 Developer Story 4 Pain in the Admin provision machines ( e.g. mobile CI ) 5 Containerization vs Virtualization 6 Why Docker? Docker Vagrant Resource
More informationCon$nuous Deployment with Docker Andrew Aslinger. Oct
Con$nuous Deployment with Docker Andrew Aslinger Oct 9. 2014 Who is Andrew #1 So#ware / Systems Architect for OpenWhere Passion for UX, Big Data, and Cloud/DevOps Previously Designed and Implemented automated
More informationTravis Cardwell Technical Meeting
.. Introduction to Docker Travis Cardwell Tokyo Linux Users Group 2014-01-18 Technical Meeting Presentation Motivation OS-level virtualization is becoming accessible Docker makes it very easy to experiment
More informationInstallation and setup guide of 1.1 demonstrator
Installation and setup guide of 1.1 demonstrator version 2.0, last modified: 2015-09-23 This document explains how to set up the INAETICS demonstrator. For this, we use a Vagrant-based setup that boots
More informationKuber-what?! Learn about Kubernetes
DEVNET-1999 Kuber-what?! Learn about Kubernetes Ashley Roach, Principal Engineer Evangelist Agenda Objectives A brief primer on containers The problems with running containers at scale Orchestration systems
More informationCloud Computing with APL. Morten Kromberg, CXO, Dyalog
Cloud Computing with APL Morten Kromberg, CXO, Dyalog Cloud Computing Docker with APL Morten Kromberg, CXO, Dyalog 2 Cloud Computing: Definitions 3 Cloud Computing: Definitions Cloud Computing = "Using
More informationOptimizing Docker Images
Optimizing Docker Images Brian DeHamer - CenturyLink Labs bdehamer CenturyLinkLabs @bdehamer @centurylinklabs Overview Images & Layers Minimizing Image Size Leveraging the Image Cache Dockerfile Tips
More informationASP.NET Core & Docker
ASP.NET Core & Docker From 0 to Azure in 75 minutes Marco De Sanctis Visual Studio and Development Technologies MVP info@marcodesanctis.it @crad77 What s Docker and why should I care ASP.NET Core & Docker
More informationDEPLOYMENT MADE EASY!
DEPLOYMENT MADE EASY! Presented by Hunde Keba & Ashish Pagar 1 DSFederal Inc. We provide solutions to Federal Agencies Our technology solutions connect customers to the people they serve 2 Necessity is
More informationTable of Contents DevOps Administrators
DevOps Administrators Table of Contents DevOps Administrators Overview for DevOps Admins Managing Images, Projects, Users Configure a Registry Create Users Assign the Administrator Role Create a Project
More informationAdvanced Continuous Delivery Strategies for Containerized Applications Using DC/OS
Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS ContainerCon @ Open Source Summit North America 2017 Elizabeth K. Joseph @pleia2 1 Elizabeth K. Joseph, Developer Advocate
More informationOpenShift 3 Technical Architecture. Clayton Coleman, Dan McPherson Lead Engineers
OpenShift 3 Technical Architecture Clayton Coleman, Dan McPherson Lead Engineers Principles The future of *aas Redefine the Application Networked components wired together Not just a web frontend anymore
More informationBUILDING A GPU-FOCUSED CI SOLUTION
BUILDING A GPU-FOCUSED CI SOLUTION Mike Wendt @mike_wendt github.com/nvidia github.com/mike-wendt Need for CPU CI Challenges of GPU CI Methods to Implement GPU CI AGENDA Improving GPU CI Today Demo Lessons
More informationLoad Balancing Web Servers with OWASP Top 10 WAF in Azure
Load Balancing Web Servers with OWASP Top 10 WAF in Azure Quick Reference Guide v1.0.3 ABOUT THIS GUIDE This document provides a quick reference guide on how to load balance Web Servers and configure a
More informationContinuous integration & continuous delivery. COSC345 Software Engineering
Continuous integration & continuous delivery COSC345 Software Engineering Outline Integrating different teams work, e.g., using git Defining continuous integration / continuous delivery We use continuous
More information~Deep dive into Windows Containers and Docker~
~Deep dive into Windows Containers and Docker~ Blog: Twitter: http://www.solidalm.com https://twitter.com/cornellknulst Are we doing the right things? In managing infrastructure? In deployment? Desired
More informationDevOps Workflow. From 0 to kube in 60 min. Christian Kniep, v Technical Account Manager, Docker Inc.
DevOps Workflow From 0 to kube in 60 min http://qnib.org/devops-workflow Christian Kniep, v2018-02-20 Technical Account Manager, Docker Inc. Motivation Iteration barriers Works on my Laptop! Why is DevOps
More informationPortainer Documentation
Portainer Documentation Release 1.16.1 Portainer.io Jan 23, 2018 Contents 1 Deployment 3 1.1 Quick start................................................ 3 1.2 Manage a new Docker environment...................................
More informationFixing the "It works on my machine!" Problem with Docker
Fixing the "It works on my machine!" Problem with Docker Jared M. Smith @jaredthecoder About Me Cyber Security Research Scientist at Oak Ridge National Lab BS and MS in Computer Science from the University
More informationRDO container registry Documentation
RDO container registry Documentation Release 0.0.1.dev28 Red Hat Jun 08, 2018 Contents 1 Table of Contents 3 1.1 About the registry............................................ 3 1.2 Installing the registry...........................................
More informationRed Hat Quay 2.9 Deploy Red Hat Quay on OpenShift
Red Hat Quay 2.9 Deploy Red Hat Quay on OpenShift Deploy Red Hat Quay on OpenShift Last Updated: 2019-03-11 Red Hat Quay 2.9 Deploy Red Hat Quay on OpenShift Deploy Red Hat Quay on OpenShift Legal Notice
More informationTangeloHub Documentation
TangeloHub Documentation Release None Kitware, Inc. September 21, 2015 Contents 1 User s Guide 3 1.1 Managing Data.............................................. 3 1.2 Running an Analysis...........................................
More informationCreating pipelines that build, test and deploy containerized artifacts Slides: Tom Adams
Creating pipelines that build, test and deploy containerized artifacts Slides: https://goo.gl/2mzfe6 Tom Adams tadams@thoughtworks.com 1 Who I am Tom Adams Tech Lead tadams@thoughtworks.com http://tadams289.blogspot.com
More information"Charting the Course... MOC B Active Directory Services with Windows Server Course Summary
Description Course Summary Get Hands on instruction and practice administering Active Directory technologies in Windows Server 2012 and Windows Server 2012 R2 in this 5-day Microsoft Official Course. You
More informationMicrosoft Active Directory Services with Windows Server
1800 ULEARN (853 276) www.ddls.com.au Microsoft 10969 - Active Directory Services with Windows Server Length 5 days Price $4290.00 (inc GST) Version B Overview Get hands-on instruction and practice administering
More informationTest Automation with Jenkins & TidalScale WaveRunner
Test Automation with Jenkins & TidalScale WaveRunner Software-Defined Servers Test Automation with Jenkins & TidalScale WaveRunner iv Contents 1 Test Automation with Jenkins & TidalScale WaveRunner Overview
More informationBy: Jeeva S. Chelladhurai
CI CD By: Jeeva S. Chelladhurai Tools SCM: www.github.com CI/CD: Jenkins 2.0 Important Plugins: Pipeline (for Jenkinsfile), git, github, SSH Slaves (for build slave) Platform: docker Container Orchestration:
More informationGIT. A free and open source distributed version control system. User Guide. January, Department of Computer Science and Engineering
GIT A free and open source distributed version control system User Guide January, 2018 Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Table of Contents What is
More informationLinux application virtualization with UDS Enterprise. Versión Rev. 1
Linux application virtualization with Versión 2.2.1 Rev. 1 February 26th, 2019 Introduction... 2 Necessary elements... 3 1. Virtualization platform... 3 2. Image of Linux OS... 3 3. X2Go protocol... 3
More informationBest Practices for Developing & Deploying Java Applications with Docker
JavaOne 2017 CON7957 Best Practices for Developing & Deploying Java Applications with Docker Eric Smalling - Solution Architect, Docker Inc. @ericsmalling Who Am I? Eric Smalling Solution Architect Docker
More informationOPENSTACK CLOUD RUNNING IN A VIRTUAL MACHINE. In Preferences, add 3 Host-only Ethernet Adapters with the following IP Addresses:
OPENSTACK CLOUD RUNNING IN A VIRTUAL MACHINE VirtualBox Install VirtualBox In Preferences, add 3 Host-only Ethernet Adapters with the following IP Addresses: 192.168.1.2/24 192.168.2.2/24 192.168.3.2/24
More informationThe Long Road from Capistrano to Kubernetes
The Long Road from Capistrano to Kubernetes Tobias Schwab, Co-Founder of PhraseApp Slides: http://bit.ly/cap-to-kube How to deploy Ruby on Rails? Deploying Ruby on Rails required on all servers: OS + system
More informationUSING GIT FOR AUTOMATION AND COLLABORATION JUSTIN ELLIOTT - MATT HANSEN PENN STATE UNIVERSITY
USING GIT FOR AUTOMATION AND COLLABORATION JUSTIN ELLIOTT - MATT HANSEN PENN STATE UNIVERSITY AGENDA Version control overview Introduction and basics of Git Advanced Git features Collaboration Automation
More informationActive Directory Services with Windows Server
Active Directory Services with Windows Server 10969B; 5 days, Instructor-led Course Description Get hands on instruction and practice administering Active Directory technologies in Windows Server 2012
More informationRed Hat Quay 2.9 Deploy Red Hat Quay - Basic
Red Hat Quay 2.9 Deploy Red Hat Quay - Basic Deploy Red Hat Quay Last Updated: 2018-09-14 Red Hat Quay 2.9 Deploy Red Hat Quay - Basic Deploy Red Hat Quay Legal Notice Copyright 2018 Red Hat, Inc. The
More informationSingularity CRI User Documentation
Singularity CRI User Documentation Release 1.0 Sylabs Apr 02, 2019 CONTENTS 1 Installation 1 1.1 Overview................................................. 1 1.2 Before you begin.............................................
More informationCircleCI Server v2.16 Installation Guide. Final Documentation
CircleCI Server v2.16 Installation Guide Final Documentation February 7th, 2019 2 Contents 1 Overview 5 Build Environments................................. 5 Architecture.....................................
More informationActive Directory Services with Windows Server
Active Directory Services with Windows Server Duration: 5 Days Course Code: 10969B About this course Get Hands on instruction and practice administering Active Directory technologies in Windows Server
More informationCYAN SECURE WEB HOWTO. SSL Intercept
CYAN SECURE WEB HOWTO January 2009 Applies to: CYAN Secure Web 1.6 and above allows you to inspect SSL encrypted traffic. Therefore all filter mechanisms can be applied to HTTPS traffic. Without, all data
More informationInstalling and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.
Installing and Configuring VMware Identity Manager Connector 2018.8.1.0 (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.3 You can find the most up-to-date technical documentation on
More informationNeale Ferguson
Introduction to Docker & OpenShift Neale Ferguson 2017-06-24 http://download.sinenomine.net/clefos/epel7/getting_started_with_openshift_on_z.pdf Preface Examples built and run using ClefOS 7.3 CentOS Clone
More informationThe specifications and information in this document are subject to change without notice. Companies, names, and data used
WEBADM PUBLISHING PROXY The specifications and information in this document are subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted.
More informationContainers. Pablo F. Ordóñez. October 18, 2018
Containers Pablo F. Ordóñez October 18, 2018 1 Welcome Song: Sola vaya Interpreter: La Sonora Ponceña 2 Goals Containers!= ( Moby-Dick ) Containers are part of the Linux Kernel Make your own container
More informationRunning Docker applications on Linux on the Mainframe
Running Docker applications on Linux on the Mainframe Jay Brenneman - rjbrenn@us.ibm.com 10 August, 2015 Trademarks The following are trademarks of the International Business Machines Corporation in the
More informationDeployment Patterns using Docker and Chef
Deployment Patterns using Docker and Chef Sandeep Chellingi Sandeep.chellingi@prolifics.com Agenda + + Rapid Provisioning + Automated and Managed Deployment IT Challenges - Use-cases What is Docker? What
More informationStep 1: Setup a Gitlab account
Most of us agree that Continuous Integration (CI), Continuous Delivery (CD), cloud infrastructure, test automation, and configuration management make up the basics of devops. Depending on the scale of
More informationPursuit of stability. Growing AWS ECS in production. Alexander Köhler Frankfurt, September 2018
Pursuit of stability Growing AWS ECS in production Alexander Köhler Frankfurt, September 2018 Alexander Köhler DevOps Engineer Systems Engineer Big Data Engineer Application Developer 2 @la3mmchen inovex
More informationPrototyping Data Intensive Apps: TrendingTopics.org
Prototyping Data Intensive Apps: TrendingTopics.org Pete Skomoroch Research Scientist at LinkedIn Consultant at Data Wrangling @peteskomoroch 09/29/09 1 Talk Outline TrendingTopics Overview Wikipedia Page
More informationVMware Horizon View Deployment
VMware Horizon View provides end users with access to their machines and applications through a unified workspace across multiple devices, locations, and connections. The Horizon View Connection Server
More informationRunning Splunk Enterprise within Docker
Running Splunk Enterprise within Docker Michael Clayfield Partner Consultant 03/09/2017 1.1 Forward-Looking Statements During the course of this presentation, we may make forward-looking statements regarding
More informationDockerize Your IT! Centrale Nantes Information Technology Department Yoann Juet Dec, 2018
Dockerize Your IT! Centrale Nantes Information Technology Department Yoann Juet Dec, 2018 1 A Brief History of Containers UNIX CHROOT BSD JAIL LINUX VSERVER LINUX NAMESPACES LINUX OPENVZ 1979 2000 2001
More informationVMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway
VMware AirWatch Content Gateway for Linux VMware Workspace ONE UEM 1811 Unified Access Gateway You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationInfrastructure at your Service. Oracle over Docker. Oracle over Docker
Infrastructure at your Service. Infrastructure at your Service. About me David Hueber COO Principal Consultant Mobile +41 79 963 43 68 david-.hueber@dbi-services.com www.dbi-services.com Page 2 18.11.2015
More informationEntrust. Discovery 2.4. Administration Guide. Document issue: 3.0. Date of issue: June 2014
Entrust Discovery 2.4 Administration Guide Document issue: 3.0 Date of issue: June 2014 Copyright 2010-2014 Entrust. All rights reserved. Entrust is a trademark or a registered trademark of Entrust, Inc.
More informationAWS Amplify: Console User Guide
AWS Amplify Console User Guide AWS Amplify: Console User Guide Copyright 2018 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in
More informationvrealize Code Stream Trigger for Git
vrealize Code Stream 2.3 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationMidterm Presentation Schedule
Midterm Presentation Schedule October 18 th Aurora, Bash, Sangam October 20 th Flash, Omega, CodeRing October 25th Omni, Aviato, NPComplete Mid Term Presentation Format 25 minutes Be prepared to use the
More informationDeploying and Using ArcGIS Enterprise in the Cloud. Bill Major
Deploying and Using ArcGIS Enterprise in the Cloud Bill Major Quick Survey Your role in your organization - Developer? - Cloud Admin? Already a cloud user Running Esri deployment on AWS Running Esri deployment
More informationHelix4Git Administrator Guide October 2017
Helix4Git Administrator Guide 2017.2 October 2017 Copyright 2015-2018 Perforce Software All rights reserved. Perforce Software and documentation is available from www.perforce.com. You can download and
More information