Using Compliance to remediate CVE-2016-5195
Many of you know about or will hear about CVE-2016-5195 aka Dirty COW.
This particularly nasty kernel vulnerability has been around for years and likely affects a majority of the Linux nodes are currently running. The short form is that it allows an unprivileged user to gain root access to a system. I'm not . . .
Devicemapper for the rest of us.
So guess what isn't in the upstream kernel? If you said AUFS then you'd be right.For all of us using RHEL/CentOS/OEL you might have noticed the default storage backend for Docker is devicemapper. You might have also noticed that it uses loop files for data storage which are slow and have a host of other problems. Seriously just do a . . .
Getting Started w/ Docker and Systemd
So before anyone starts with all the Systemd hate I want to direct you to this comment by none other than Linus himself.
"I don't actually have any particularly strong opinions on systemd itself. I've had issues with some of the core developers that I think are much too cavalier about bugs and compatibility, and I think . . .
Tips, Tricks, and Advice for consultants
How many of us have shown up on site only to find out that we aren't allowed to use our own laptops on the customers network? "Welcome to Company X, where everything is locked down Windows and productivity doesn't matter." Working on a system that is completely locked down can really hold you back, and while I'm not . . .
Startups and DevOps
The following is an excerpt from a conversation I had w/ a developer who is part of a small start up. Most of the conversation was related to DevOps principals and toolchains, but after he told me about their staff of five I became worried that this was really too much. He was already worrying about CI/CD, Configuaration Management, and . . .
Part 2 of Setting up a Docker Registry
Who is tired of typing :5000 every time you push or pull something from your private registry? Since everyone is raising their hands and several of you are screaming in fits of rage, I'm going to tell you a really quick way to set up Nginx to reverse proxy our traffic from port 80 and 443 to 5000.
Nginx (pronounced "engine . . .
So the v2 implementation of the Docker Registry is out. You can find it here. As I continue to experiment with containerization I though it would be nice to have a private registry for me to work out of.
Before you begin!
In order for this to work you need to be running docker ~> 1.6. I'm using 1.8.3 in this example. You will also . . .