Navigation Menu

Running Docker in Production

By on Jun 2, 2015 in Article

Background This blog series is focused on programmers, systems administrators, and application administrators that want to run Docker in production. The subject matter ranges from workflow and practical guidelines to security and best practices in manageability.   A Practical Introduction to Docker Containers A Practical Introduction to the Docker Registry...

Read More

Securing Docker Containers with sVirt and Trusted Sources

By on May 21, 2015 in Article

Background As has been stated before, Docker containers do not contain all of the parts of the operating system necessary to be considered secure. That said, the advantages of using them is so compelling that many companies, large and small, have began to investigate how to run containers in a production environment. I would argue that it can be done, but careful...

Read More

CentOS Post Mortem & Analysis

By on Mar 28, 2013 in Article

Background I manage the crunchtools lab and the infrastructure for this blog similar to a development data center. I have a rigorous weekly checklist, which includes optionally applying operating system patches as they are available. I do not perform the updates every week because of time constraints, but when I do, I patch all of the systems. Most of my...

Read More

OpenSSL Certificate Authority

By on Oct 25, 2012 in Article

Background Recently, I discovered how to use the openssl provided CA script to create a certificate authority and self signed certificates. Traditionally, I had ran all fo the commands manually. When using the CA script it is critical to understand the underlying security concepts. Certificate Authority Openssl has infrstructure to create a long lived Certificate...

Read More

Designing a Robust Monitoring System

By on Apr 19, 2011 in Article

Reading Ted Dziuba’s article Monitoring Theory article, I was reminded of several conventions that I have developed over the years to help with monitoring servers, network devices, software services, batch processes, etc. First, break down your data points into levels so that you can decide how to route them. Second avoid interrupt driven technology like email, it lowers your productivity and prohibits good analysis techniques.

Read More