Dockerize Me – Containers Managing Containers – Part 5

In the previous episode, I’ve moved a WordPress Blog from the simple installation of part 1 to the more sophisticated reverse proxy setup I have put together in part 3 to demonstrate that containers are ‘portable’ between different servers with little effort. Moving the container also showed that the nginx-gen container recognizes when new containers are started and can actually access the environment of that container. It uses this information in turn to create a vhost configuration for the reverse proxy and triggers the creation of a new Letsencrypt certificate. The big question: How does the software that runs in the nginx-gen container get informed that a new container has started and how and why can it access the environment variables of another container? After all, while this is a nice functionality it also raises the question of container security and privacy. Can any container look at the inside of other containers on a server?

Continue reading Dockerize Me – Containers Managing Containers – Part 5

Dockerize Me – Moving Containers To Another Host – Part 4

In part 3 of this series we’ve created a reverse proxy setup with Docker containers in the public cloud to serve the content of several web services from independent docker containers with individual domain names. In this episode I’ll test the concept that containerized applications can easily be moved from one host to another.

Continue reading Dockerize Me – Moving Containers To Another Host – Part 4

Dockerize Me – Several Services and LetsEncrypt – Part 3

After the basic installation of Docker and getting a WordPress blog up and running in Docker containers in part 1, this part of my Docker series will take a look at how to add two important features to the setup:

  • TLS certificates and LetsEncrypt with auto-renewal
  • How to host several websites on one server that are accessible on the same ports (80 for http and 443 for https)
Continue reading Dockerize Me – Several Services and LetsEncrypt – Part 3

Dockerize Me – Cheat Sheet and Pyramid of Trust – Part 2

In part one of my ‘Dockerize Me’ story, I’ve been describing the reasons why I want to learn more about Docker and gave some first tips and tricks how to quickly install it with a few commands on a Debian based server. A first docker-compose project then demonstrated how to quickly spin-up a WordPress container that talks to a database in another container that stores the website’s configuration, the text of the blog articles, comments, etc. Before expanding on this example in part 3, here’s a cheat sheet of Docker and docker-compose commands that I use frequently. Also, I think it’s a good thing at this point to spend some thoughts on the pyramid of trust when getting images from Docker Hub.

Continue reading Dockerize Me – Cheat Sheet and Pyramid of Trust – Part 2

Dockerize Me – My Personal Docker Bootstrap Voyage – Part 1

Over the years I’ve been looking at Docker every now and then. That’s because for one thing I am interested in the concept of deploying software in lightweight containers instead of VMs and also because I am running two pieces of software in Docker containers on my servers as well. But that was it until now because Docker has a steep learning curve and it was pretty pointless for me to really go for it unless I have a use case myself. This year, however, my interest started growing for a number of reasons, so I decided to ride the wave and put together a curriculum that fits my needs. So here’s what motivated me to spend the time and effort and my recommendations for how to go about it.

Continue reading Dockerize Me – My Personal Docker Bootstrap Voyage – Part 1

The 8TB Backup And The Search For Duplicates

The 8 TB drive I use for all stuff that may or may not be useful in the future again is filling up faster than prices are dropping for bigger drives. In the past, I’ve always ‘upgraded’ after drive capacities have doubled. But currently, the price for a 16 TB external drive still hovers around €300. And since I always keep several backups, that price would multiply. So that’s not quite in the cards for the time being. So I did the next best thing and had a look for duplicates. Now how hard can that be, I thought.

Continue reading The 8TB Backup And The Search For Duplicates

HTTP/2 in the 5G Core – How Does that Work In the Web Today?

Image: HTTP/2 negotiation

When 3GPP set out to define the 5G core network (5GC), it used all the latest and greatest web technologies to radically reshape core network architecture. One tiny part of this is the use of HTTP/2 for signaling between functions. This made me wonder just how on the Internet today, web browsers and servers decide if HTTP/1.1 or HTTP/2 is used for communication. Yes, I went off a bit on a tangent there. It can’t be the TCP port, as port 443 is used with both protocols for encrypted connections. So there must be something else.

Continue reading HTTP/2 in the 5G Core – How Does that Work In the Web Today?

Things That Moved Me in 2020 – Part 2

And off we go with part two with a summary of things ‘that moved me’ in 2020. Apart from the wireless network related topics I wrote about in part 1, the year 2020 was certainly the year video conferencing had a breakthrough for many people. As I value my privacy I was not really keen to have all my meetings over infrastructure and software provided by large 3rd party companies that use closed source software and don’t give much about privacy and confidentiality. So I set up my first open source Jitsi video conferencing server in a German data center for private conversations and meetings. Much easier than I thought! I then gave a talk about it at DiVOC (‘Digital verteiltes Online Chaos’), the first conference gone online in the year 2020 I attended and was run-over by interested people. And from there, things escalated quickly.

Continue reading Things That Moved Me in 2020 – Part 2

Things That Moved Me In 2020

There must be few people on this planet that have not been affected by the Covid-19 pandemic this year. It has certainly brought profound changes in my way of working and in the things I did this year. So while the pandemic restricted me to stay at home most of the time, it ‘moved me a lot’ in other ways, which is I why I had to start my annual ‘Things That Moved Me’ post for 2020 with this topic. As always I can hardly believe that another year has passed again already, so let’s dive into it:

Continue reading Things That Moved Me In 2020

SSD, ZFS and VM performance – Workstation Power At Home – Part 12

Image: Disk performance comparison results

Now that I have my ZFS filesystem spanning several drives in place on my Z440, I wanted to get an idea of how this setup is performing together with the underlying LUKS encryption. And while I am at it, the other questions I had in mind were: How does this compare to the ext4/LUKS combination I use on my notebook and how does the write performance look like from inside a virtual machine running on my Z440. A lot of obvious results but also quite a number of surprises.

Continue reading SSD, ZFS and VM performance – Workstation Power At Home – Part 12