People are still confused about the term Devops. Devops is a philosophy, where developers and operations team work together to speed up things from the development to deployment. According to a survey conducted by puppet labs in 2014, companies embracing DevOps deploy code 30 times more than the usual and deployment fails are less than 50%.
Devops has both technical and business benefits such as continuous delivery, fewer complex problems and more time to add extra value. As of now, cloud providers, technology companies and mobile developers are adopting Devops culture in their organisation. Retail markets and financial services are expected to embrace Devops in coming years.
Devops Trends 2015
In this article, we will have a look at few survey’s and predictions made by companies on Devops adoption in coming years.
According to a survey conducted by Gartner, in 2016 about 25% of 2000 global IT companies will adopt Devops and tools associated with Devops toolchain will have a market of $2.3 billion. Most of the Devops tools have seen an exponential growth in adoption and new tools having Devops traits will see a fast growth in market.
Cloud report by RightScale:
According to state of cloud report by RightScale, cloud infrastructure acts as a backbone for continuos integration, deployment and release that is supported by Devops. The survey also states that, Devops adoption is expected to increase 66% in 2015 from 6% in 2014.
The tools supporting Devops is also growing day by day. Automated configuration management tools like Chef, Puppet, Ansible and Saltstack had significant growth in 2014 and is expected to grow more in 2015. The most used DevOps tools are Chef and Puppet. According the survey report, 28% of Devops practitioners used Chef and 24% used Puppet in 2014.
Another tool which created waves in cloud and Devops domain is Docker. Is has gained a huge popularity in a very short time and it had 13% adoption by organisations practicing Devops. It is expected to be 35% in 2015.
In a survey conducted by Rackspace, of people who haven’t started adopting Devops, 79% said that they will start adopting Devops before 2015. Total 55% of people attended survey reported the adoption of Devops.
Reason for Devops Growth:
The main reasons for the rise of Devops adoption are cloud computing and open source software. According to statistics, following Devops practices seem to be faster, scalable and cheaper when compared to other application deployment and management methods.
Do let us know in the comments section if you are adopting Devops in your organisation.
Most of the developers and system admins start with the AWS one-year free tier account. There were many hacking incidents for such accounts which ended up in huge monthly bills (Eg: Bitcoin miners). This happens because of many reasons. For example, you may commit your code to a public code repository with your AWS access and secret keys and a hacker would get access to you account and he will launch high capacity instances for his computing needs. This would result in a huge monthly usage bill. You can avoid your account being getting hacked just by applying few security policies and following best practices. In this article, we will explain few things you need to do to your existing account or for a new AWS account.
Things to Do for Securing your AWS Account
1. Create IAM user with admin privileges for you even if you have the root access. Do not use you root account except for billing purposes.
2. Put a strong password of more than 10 characters for your root account.
2. Enable strong password policy with password expiration for IAM users.
3. Enable MFA (Multi-Factor Authentication) for you root account and all IAM user accounts.
4. Do not create AWS access keys unless needed. Make the existing keys inactive when not used.
5. Never hard code your access keys in your code which would end up getting committed to any public repository.
6. Never store you access keys and secret key in ec2 instances or any other cloud storage. If you need to access AWS resources from an ec2 instance, you can always use IAM roles.
7. Never allow all ports in security groups for your instances. Allow only required ports for your applications.
8. Make use of NACL’s to provide an additional security layer.
9. Never send your AWS credentials over email. If you do, change the password as soon as possible.
10. If you are planning to host your website on a windows server, install a good antivirus.
11. If you have more instances in VPC, use a Jump Server to connect to those machines or use Virtual VPN appliances like OpenVPN.
12. Do not launch instances in public subnet unless required.
13. Use NAT instances to patch your private instances rather than attaching an internet gateway to the private subnet.
15. Set billing alerts and resource monitoring using cloudwatch and SNS.
16. Enable cloudtrial service which logs all the actives for your AWS account including API requests. You can use cloudwatch in conjunction with cloudtrial to get notified for any suspicious activity. (For example data transfer of more than 10 GB).
We have listed out all the preliminary security measures you should take to secure your AWS accounts. If you are going to use your AWS account for any production workloads, you should go through all the AWS security whitepapers and follow the best practices mentioned in them.
Let us know in the comment section if there is anything we missed would add security for AWS account.
To understand how docker works, you can refer this article, which will give you an introduction about docker and how it works. To install and configure docker, you can refer this article, which will guide you through the steps to install and configure docker.
In this post, we will explain how to create and manage docker containers.
Getting Started With Docker Containers
Before diving into practical demonstrations, let’s understand few concepts about docker containers.
Containers are sandboxed environments which run multiple processes sharing the same host kernel.
Containers are created from docker images.Images use a layered AUFS filesystem. An image can contain multiple layers. Layer 0 is called the base image.
All the layers in an image are read-only except the topmost layer. The writable layer can be called as a container.
You can commit the changes made to a container and make a new image out of it. All the layers will be preserved and you can make it a parent image to create containers.
Each container has its own network configurations and unique id (64 hexadecimal digits).
When you create a container, if the specified image is not present in the host, docker will download it from the docker hub (public image registry maintained by Docker Inc).
Following are the important docker commands which are used for creating and managing containers.
Docker run command:
“docker run” command is used to run containers. This command accepts various argument. You can list all the supported argument by executing “docker run –help” command. Explaining all the arguments used by this command is out of scope of this article.
The following “docker run” command launches a new container from busybox image and creates an interactive session in the container.
docker run -it --name testcontainer busybox
[email protected]:~$ docker run -it --name testcontainer busybox
Unable to find image 'busybox:latest' locally
df7546f9f060: Pull complete
ea13149945cb: Pull complete
4986bf8c1536: Pull complete
511136ea3c5a: Already exists
busybox:latest: The image you are pulling has been verified. Important: image verification isa tech preview feature and should not be relied on to provide security.
Status: Downloaded newer image for busybox:latest
/ # ls
If you see the output of the command, Docker was unable to find the image specified in the command in the host. So it pulled the image from the docker hub. “-i” flag in the command is used for starting an interactive session for the container (Keeps the STDIN open). “-t” flag attaches a pseudo tty. “–name” is used for naming the container. Here we named our container as “testcontainer”, “busybox” is the name of the image. Once the command is executed, Docker created the container and started an interactive session. The output shows the list of files in the container using “ls” command. To exit the container just type “exit” command.
Note: You cannot create a container with the same name. So whenever you try the examples, delete the previous container using “docker rm -f
docker rm -f testcontainer
When you exit out of the container, the container stops running. To keep the container running, you need to run the container in daemon mode using “-d” flag as shown in the command below.
docker run -d --name testcontainer busybox
Also, you can use the “–restart” flag in the docker run command, which restarts the container whenever it stops or fails. Command for creating container with restart flag is shown below.
docker run -it --restart="always" --name testcontainer busybox
docker ps command
This command lists all the containers in the host. Let’s have a look at few examples.
The following command lists all the containers.
docker ps -a
To list all the running container, use the following command.
To list all the containers which got launched recently, execute the following command.
This command is used to get an interactive session of a running container. Let’s say, you want to get a bash session or you want to modify some file and configurations in a running container, you can make use of the attach command. If you exit the container using “exit” command or ctrl + c, the container will stop running. To detach the container by leaving it running, you need to use cntrl +p and cntrl +q commands.
/ # touch dmofile
/ # ls
/ # [email protected]:~$
ubuntu[email protected]:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1d79900ed6a5 busybox:latest "/bin/sh" About an hour ago Up 4 minutes
docker exec command
This is the another way of getting into containers shell. Using the exec command, you can get the shell session of a running container. One advantage of the exec command over attach command is that, when you exit the container, it will continue in the running state unlike attach command.
docker exec -it <container name> <shell name>
[email protected]:~$ docker exec -ittestcontianersh
/ # ls
/ # exit
[email protected]:~$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1d79900ed6a5 busybox:latest "/bin/sh" About an hour ago Up 13 minutes testcontianer
docker logs command
This command gives you all the logs of a container.
docker logs testcontianer
docker inspect command
This command gives you all the information about a specific container. The output of this command is in JSON format.
docker inspect testcontianer
To get a specific detail of a container, like the IP address of a container, you can use the inspect command with few options as shown below.
Using this command, you can remove the containers from host. To do this, you need to stop the running container first and them remove it using the rm command.
If you want to remove a running container without stopping it, you can use the “-f” force flag with the rm command as shown below.
docker rm -f
You can also use one-liners, which will stop and remove all the containers from the host.
docker stop $(docker ps -a -q
docker rm $(docker ps -a -q)
In this post, we have covered all the important commands to manage containers. If you want the complete reference of docker commands and its usage, you can follow the official docker documentation here.
Let us know your feedback in the comments section.