SAN FRANCISCO – More than 5,000 developers from around the globe are attending the fifth annual DockerCon conference here at Moscone West during a beautiful, blue-sky weather week.
Containers, Kubernetes scheduling and new-gen security to protect them both in production are the main topics this week. Here are some news items collected on Day 1 of the conference:
StorageOS GA’s Persistent Container Storage Solution
StorageOS on June 13 announced it will showcase the general availability of its software-defined persistent storage, designed for running stateful applications in containers. The company has also received an $8 million Series A funding round, led by existing investor Bain Capital Ventures, with new participation from MMC Ventures in the UK and 645 Ventures in New York.
In the container ecosystem, StorageOS has addressed the need for persistent storage with a solution that can operate on any orchestration, any application and any infrastructure. StorageOS natively integrates with Docker Community Edition to deliver dynamic volume provisioning, data services, performance and ease of use.
StorageOS addresses container limitations by delivering an application-centric cloud native storage solution that ensures storage is presented to and continually available for applications as they move between nodes. It delivers a common management environment across on-premises and cloud platforms.
Aqua Security Introduces Jenkins Plug-In for Its Free Container Image Scanner
Aqua Security, a platform provider for securing container-based and cloud- native applications, June 13 released a native Jenkins plug-in for Aqua MicroScanner, the company’s free-to-use vulnerability scanner for Docker container images. The plug-in meets a growing need among Docker Community members for easy, automated security image scanning during Jenkins build, the company said.
Aqua MicroScanner embeds an executable and step in the Dockerfile, which triggers a scan during the image build. Aqua MicroScanner checks OS package in Docker images for known vulnerabilities based on multiple aggregated sources, including NVD, vendor security advisories and the developers themselves.
Developers receive a report of the vulnerabilities found that also includes suggested remediations, and optionally, can choose to terminate the build and fix issues before images are stored in registries and deployed in production.
Check out this blog post for more information.
Logz.io Eliminates Complications Associated with Container Logging
Logz.io, a provider of AI-powered log analytics, released a new specialized Docker Logging Plugin, enabling users to ship container logs to Logz.io.
Logz.io is a new open-source competitor to Splunk, the sector leader.
The Docker Logging Plugin, which supports Docker Community Edition and Docker Enterprise Edition, was created to relieve many of the common issues developers experience when shipping container logs, such as complex configuration, accidental pausing of container shipments, and potential loss of data.
This new plugin works using native integration with the Docker engine, can be installed either per host or per container and employs various flexible running options. The Logz.io Docker Plugin seamlessly ships Docker logs into the Logz.io platform for easy analysis and enhanced visibility into Dockerized environments. The main benefits include: simple installation on the Docker daemon level, isolated operation (preventing users from accidentally deleting or stopping container log shipping), instant shut-down when a container stops running, and disk backup (for enhanced data protection).
Nirmata Launches Private Edition to Deliver Kubernetes-based Container-as-a-Service
As enterprises adopt containers, there is a need for enterprise-ready solutions that align with other key strategic initiatives and meet operational requirements, which include security, scale, multi-cloud extensibility, governance, policy management and integrations with existing toolsets. Since 2014, Nirmata has been in the cloud-native application management space with its feature-rich platform built on open-source code, such as Docker Community Edition and Kubernetes.
In partnership with leading edge customers adopting container technology, Nirmata launched its Private Edition, a dedicated instance of Nirmata Platform that customers can deploy in their own private networks. Now, enterprise IT Operations teams can deploy and operate their own Kubernetes-based, multi-tenant Container-as-a-Service, one that the company claims is easy to manage and can scale to enterprise needs.
The Nirmata Private Edition is delivered as a set of containerized microservices that are built using cloud-native principles of observability, manageability, elasticity and scalability. Nirmata Private Edition is already in production with large enterprise customers and in several PoCs. The company is partnering with other disruptors in the cloud-native ecosystem, such as Diamanti, to deliver a best-of-breed solution to enterprise customers.
Atomist Starts Software Delivery Machine Support for Docker Editions
Atomist, an application programming interface delivery service, has started Software Delivery Machine (SDM) support for Dockerized applications and deployment to Kubernetes.
Atomist’s platform provides SDMs that automatically build and deploy Dockerized applications to Kubernetes-managed environments. A customer’s SDM responds to code change events from the Atomist platform, intelligently builds new Docker containers as required and deploys them into the right Kubernetes environments based on each customer’s unique software delivery needs. An entire organization’s applications can be managed using an SDM, providing the scale required for modern enterprise application development, the company said.
By providing a modern automation platform to deliver software, Atomist adds Docker Enterprise Edition and Docker Community Edition support to existing applications with one click. Enterprises looking to transform their organizations to cloud-native can use Atomist to quickly embrace a delivery platform made for modern software instead of handcrafting pipelines for every project with outdated tools.
Datadog Releases Latest Docker Adoption Report
Since 2015, Datadog has been releasing its Docker Adoption report, tracking the use of Docker in its customer-base. Based on real user data from Datadog's platform, this latest edition draws from the largest sample size to date: more than 10,000 companies and 700 million containers in real-world use. This data captures accelerating adoption and new developments in how Docker is being implemented in cloud-native infrastructure. Presented in a series of top-line data-points with accompanying graphics, Datadog's Docker Adoption report can add helpful context for stories about the growth of the Docker community.
Instana Extends Its Zero-config Automatic Code Instrumentation
Instana, a provider of APM solutions for monitoring dynamic containerized microservice applications, has extended its zero-config, zero-restart automatic code instrumentation to include PHP applications. The zero-restart instrumentation already supported Java, .NET, Ruby, Scala, Go, NodeJS and Crystal. The company also announced the addition of REST API support to its Python monitoring functionality
PipelineAI Launches Multi-Cloud Beta Community Edition
PipelineAI continuously trains, optimize, and serves machine-learning models on live-streaming data directly in production. The platform supports all major AI and machine-learning frameworks, including Spark ML, Apache Kafka, Scikit-Learn, Xgboost, R, TensorFlow, Keras, and PyTorch.
Sysdig Connects with IBM Cloud to Expand Cloud Intelligence for Developers
Sysdig, which provides cloud-native intelligence to enterprise IT administrators, announced June 13 it will work with IBM to support the Sysdig Cloud-Native Intelligence Platform in IBM Cloud. This collaboration stems from many developers organically discovering the benefits of tapping Sysdig technologies on top of IBM Cloud, and will expand this integration for a more seamless experience, higher efficiency, and to help teams rapidly achieve a broad range of operational requirements.
By delivering its platform with the IBM Cloud, Sysdig plans to enable developer teams with tools to develop, deploy and secure cloud-native apps, existing workloads moving to the cloud and hybrid cloud architectures. These capabilities include managing container lifecycles, gaining real-time visibility into the health and performance of microservices, and the ability to better catch potential security risks.
Trend Micro Extends Container Security Solution to Work at the Speed of DevOps
Trend Micro introduced the expansion of its security solution for containers with Deep Security Smart Check. This component provides continuous container image scanning to complement the existing Deep Security runtime container protection.
To spot malware and vulnerabilities most effectively, Trend Micro built Deep Security Smart Check to scan container images before deployment. The result is that security issues often can be resolved in the development cycle as opposed to after the release of the application.
In addition, Trend Micro is launching an extensive new suite of APIs and an automation center with resources to help enable security automation through better integrations. Trend Micro Deep Security customers use product APIs to enable continuous delivery, status monitoring, IT service management and orchestration tools integration, such as the newly launched Amazon Elastic Container Service for Kubernetes. Deep Security Smart Check is available globally.