Wednesday, October 7, 2015

Digital pimp hard at work

Step 1 - Docker Installation
  A related video for this post

So you got yourself this bad ass new shiny Ubuntu guest on your virtual box, and now you are thinking "I can do this docker"
Well you can't, cause if you weren't having issues, you wouldn't have found this dank little corner of the interwebz. You just want to go back to your cat pictures and get your boss off your back.
You have seen the low res videos by the mouth breathers, the official docker videos, and the "fan made" tribute to docker where they all but jizz all over this technology because they were the first one to figure it out.
But enough of them, we are here to talk about me, let's get it rolling shall we.

The current lie is that the install works the same on Ubuntu as well as RHEL types, but I have not tried it yet. Well the first don't use the package manager to install it, if you did force remove it now, I'll wait.

First check the version just because,

[email protected]:~$ docker --version 
Docker version 1.0.1, build 990021a

See, it is too low of a version to be useful. REMOVE IT!

[email protected]:~$ sudo apt-get purge
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  aufs-tools cgroup-lite git git-man liberror-perl
Use 'apt-get autoremove' to remove them.
The following packages will be REMOVED:*
0 upgraded, 0 newly installed, 1 to remove and 175 not upgraded.
After this operation, 24.7 MB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database ... 56762 files and directories currently installed.)
Removing (1.0.1~dfsg1-0ubuntu1~ubuntu0.14.04.1) ... stop/waiting
Purging configuration files for (1.0.1~dfsg1-0ubuntu1~ubuntu0.14.04.1) ...
Processing triggers for man-db ( ...
[email protected]:~$ docker --version 
-bash: /usr/bin/docker: No such file or directory

Now that is what we should do here is just use the funky curl program to install it, because why not curl it.
You don't even have to sudo it, the docker install script will do it all for you.

[email protected]:~$ curl -sSL | sh
apparmor is enabled in the kernel and apparmor utils were already installed

 Version:      1.8.1
 API version:  1.20
 Go version:   go1.4.2
 Git commit:   d12ea79
 Built:        Thu Aug 13 02:35:49 UTC 2015
 OS/Arch:      linux/amd64
If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:

  sudo usermod -aG docker hifi

Remember that you will have to log out and back in for this to take effect!

You can do the group mod or not, beware there is no audit trail with docker if you use the group for all your admins. Your call.

You want to test it now, so go ahead, do it, run the hello-world container. Make it grow like the hairs of your beard before your Friday night date. You know you want to touch it.

[email protected]:~$ sudo docker run hello-world 
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world

535020c3e8ad: Pull complete 
af340544ed62: Pull complete 
Digest: sha256:a68868bfe696c00866942e8f5ca39e3e31b79c1e50feaee4ce5e28df2f051d5c
Status: Downloaded newer image for hello-world:latest

Hello from Docker.
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, go ahead, flex those muscles. 
You can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker Hub account:

For more examples and ideas, visit:

Notice above, the image was not already on the system, so it pulled the image down and then ran it, only eating your precious little bits.

[email protected]:~$ sudo docker ps 
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES

Huh, how about that, there is no containers running. Well crap. Maybe we should verify it first?
Use the -a switch after docker ps to view all images that have run, and there it is. 

[email protected]:~$ sudo docker ps -a
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS                     PORTS               NAMES
18b47d59004c        hello-world         "/hello"            5 minutes ago       Exited (0) 5 minutes ago                       dreamy_pike

I wanna give it another whirl, this time with some slightly different switches to verify that things worked.
I am just going to test with the default ubuntu image and download that hot mess of 600MB

I did docker run -ti ubuntu /bin/bash to make it run it and give me the command prompt.
The switches here are defined as Interactive (i) and a pseudo-TTY (t) that will allow me to run bash interactively.

[email protected]:~$ sudo docker run -ti ubuntu /bin/bash 
Unable to find image 'ubuntu:latest' locally
latest: Pulling from library/ubuntu
d3a1f33e8a5a: Pull complete 
c22013c84729: Pull complete 
d74508fb6632: Pull complete 
91e54dfb1179: Already exists 
library/ubuntu:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security.
Digest: sha256:fde8a8814702c18bb1f39b3bd91a2f82a8e428b1b4e39d1963c5d14418da8fba
Status: Downloaded newer image for ubuntu:latest
[email protected]:/# 

Notice the prompt at the end there, [email protected]:/#
That says you are in the container and ready to go.
Once you exit the container it stops the docker process dies a horrible, lovely death as you get dropped back onto your standard command prompt

Friday, August 21, 2015

Sherman set the wayback machine to

I think it is time we pick a year at random and look at some things there to find out how we ended up on our path. We are always so concerned with going forward, we never take that moment to look back, and as Michael Jackson said Remember the Time.
Today On flashback who gives a fuck of the day, we are going to look a little bit into 2001.
Yeah that is right, the year you ditched an afternoon of work to go see Swordfish and thinking how epic it would be to get your knob slobbed on while hacking a system, but realizing that it would never live up to The Matrix. You will also have claimed to seen Donnie Darko in a theater, but we all know you downloaded it on Napster and had to listen to that guy cough in the background.
Fast and Furious was hot so you put the stickers on your mom's Honda and claimed that you did other things to add 50HP! Just another lie we all told each other.

Those things are great, and when you look back at them now, the movies hold up better than Ludacris's Move Bitch. And what is Mobi up to now and days? Was she really your butterfly, your sugar, your baby?

But we are missing some of the point now, the main point of the moment is the technology, oh that sexy sexy technology. Dual CRT 17" monitors crowding your desk, your Compaq iPAQ  h3600 that you had Linux on before you discovered how useless that actually is, as a device no matter what the operating system. This was the days when MP3s were still not supported on most systems, and when WinAmp really did whip the llama's ass.

It was more about customization of the interfaces, you made your windows run litestep just to be different. You weren't running Windows XP yet, because you believed that Windows 98 was the bestest wind0wz EVAH! Or if you weren't running windows, you were running Linux with Enlightenment for your desktop, BlueHeart anyone? 

There was stuff on the horizon, the shiny new things, the stuff that would break your infrastructure if you tried to use it. The VMware of today was not even a promise from the sales team at this point. They were still trying to get more than 3 VMs on one server with 4GB of RAM.
It existed, but it wasn't ready for everyone. 

There was also the mentality behind things, with all this customization, from your own personal music, to how your desktop computer looked and acted, to adding the horsepower stickers to your car, to the local rock and roll station stickers on your portable CD player. It was all about Me-ness, it was almost like the 80s, but with darker colors.

One of the things that sticks out a lot, is how well the systems worked. If, and only IF, you took the extra five minutes to setup your servers following the best practices, you were not effected by Code-Red, Sadmind, Sircam, and Code Red 2, now with extra code.

Linux was still not as popular, it was there but it was still railing against the man. Red Hat had just renamed itself to Red Hat Enterprise Edition and it was still slow growing, even though it was trying to go IPO. There were no threats to it, security or other, because it wasn't the most popular OS. It was like the queen of the home coming parade, only its friends cared enough to be its fluffer.

But I digress, it wasn't a time of fancy and new, instead of it was a time of adjusting to what you had, learning Windows 2000 server the right way, and getting Linux to be your public DNS server for "security" reasons.

I am bringing up these points because of where we are with systems and administration in general. 2001 was a good change point for things because that is when Novell was on the hard decline and Microsoft Active Directory was on the rise. Both systems were good at managing users and groups. They each gave you a central location for everything from workstations to servers to file share permissions. These things seem to be missing withing the next level of virtualization. You want traditional administrators, engineers, and architects to use these containers, but you offer no real security on them, no way to keep unauthorized users from making a mistake and deleting them.

So how did we devolve into this current state? Was it developers wanting to be malicious? I don't think so. I think it was a much more selfish reason than that. Security is an afterthought. Never on the forefront of the mind, and never ever thinking about what happens if they want to be enterprise class.

We end up with a bunch of people who should be singing with the Me First and the Gimme Gimme's trying to get things out to the world to make themselves bigger and to prove that they are the next Unicorn of Silicon Valley. They don't think of others until the complaints are too many to deal with, and they don't always think of the long term effects of their projects, just so long as they are getting money.

The next step, I am gonna leave for all you smart people to figure out. How do we get the rights and services. How do we get things going to be an enterprise class solution that ties into some form, even AD/LDAP Authentication. I would like to be able to give select people access to create, but not delete, or to restart but not to stop.

Saturday, August 15, 2015

Learning to fake it

There was once a nice simple person who thought "Hey wouldn't it be fun do install docker!"
So he watched the official videos, that lead into the fan made videos, and he thinks "well if this mouth breather can do it". He gets the boot2docker and does the Hello World thing.
Then the fantasy sets in, the weak mindedness starts to take over "this was so easy! i want to put everything into containers!!"
He tries doing the containers and magic, pure and simple, magic. It works! To bad as far as everyone else in the docker world is concerned it is the completely wrong way to do things.
So skippy, let's crack open that can of R12 and start huffing the Docker fumes!

First start with the download, you can find it at
Once you spend between 2 minutes and 44 hours downloading the ISO, you can now spin it up in your own safe and sane visualization systems of your choice, I am too lazy to go into what one is the best, just go google Holy Wars and figure out who is wrong there.

It is a live iso, so once it is booted, you are good to start using it.

Let us do a deploy with the basic hello world.
The examples say run docker with run a basic echo command to display "Hello World"

docker run ubuntu /bin/echo "Hello Whirled!" 
That is the command I did above, and here is the output.

As you can see, it is overly exciting!!!!! SQUEEE!!!!
Also notice that it downloaded the ubuntu image on the first run. Lets try getting a real command prompt and doing something with this image. 

Our next command will be bashed

docker run ubuntu /bin/bash 

And that gets us the following.

What the happy horse pocky! That is the same command that everyone else had! what the hell went wrong?! WHY GOD WHY!!

Ok so a quick search shows that you need to run docker with Interactive Mode and TTY, why cant they just say terminal, they have to use the archaic definition of it.

SOOOOoooo the command should look like

docker run -it ubuntu /bin/bash 

And that gives us the new added flavors of being interactive

Notice my prompt changed, now it is the docker ID number. And for addition proof, lets ping google and show the ip address.
WHAT THE HELL! No ifconfig! why do you have to change things world! why!!

Ok but notice pinging of google, and the ip address is a docker IP.

If you want to use this for local development then you might as well just throw in your towel and call it a day because you just put yourself in a "works for me! (tm)" loop and you should break your own fingers.