Docker, Microservices, and AWS Expert
I build large-scale services, write about technology, and help people achieve their goals. I've done these things at Amazon.com, Limelight Networks, Arizona State University, and as a consultant for Fortune 100 companies and startups alike. I enjoy spending my time working on difficult projects and solving hard problems.
I present to you here a collection of my work, references to my other spots on the web, and an invitation to work together.
Docker in Action
Docker in Action is the product of a year-long effort researching Docker, best practices for a wide range of use-cases, and identifying adoption pain-points. While I do have operations and system administration experience, my background is primarily in application development. That background helped me bridge the gap between those user perspectives and deliver a work that I feel is useful for anyone that works with software.
The book is a comprehensive guide to Docker fundamentals that delivers a deep understanding of the mechanics at work and how they might impact your use-case. It covers containers, images, volumes, single-host networking, Linux namespaces, resource isolation, image distribution mechanisms, image build automation, orchestration with Docker Compose, machine management with Docker Machine, and introductory cluster computing with Docker Swarm. The work includes common patterns and paradigms with rationale and best practices. My hope is that readers will gain a familiarity with Docker that helps them apply it in new flexible ways. The container revolution is here. I think Docker is the best place to start.
There is no single best solution for every use-case, but every use-case has a best solution in the context of your team, your company, and your product. When we work together I'll assess the full context and recommend a course of action designed to help you meet your goals and minimize your risk.
- Consulted with Fortune 100 and startups alike
- Wrote a 300+ page book on Docker with over a year of wide topical research
- Docker blogger and speaker/trainer
- AWS expert since 2007
- 15+ years of full stack engineering experience
- Leveraged AWS infrastructure, data, and application services in hundreds of applications
- Experience with CI/CD, visibility, traceability, profiling, monitoring, and alarming solutions
- Experience with AWS isolation, secret management, and auditing tools
- Built and maintained hundreds of microservices to scale
- Built systems serving millions of users per hour and processing tens of millions of dollars per hour
Consulting and Training Services
- Enterprise consulting and training
- Application architecture audit and design
- Docker/Container adoption guidance
- Container-centric deployment infrastructure guidance
- Container-centric orchestration and service discovery
- Autoscaling and resource efficiency auditing
- Attack footprint minimization
- VPC and Firewall Tuning
- AWS and Docker Training
- Microservices adoption training and workshops
- "Dockerizing" your software - Image design and build optimization
- Custom software solutions
- Sponsor an open source project!
Articles and Advanced Topics
Evaluating Container Platforms at Scale
This article addresses three questions about scaling Docker Swarm and Kubernetes. What is their performance at scale? Can they operate at scale? What does it take to support them at scale?
The challenge I faced in this project was to build a common framework for evaluating common features in a realistic deployment context while documenting the process for the reader. After all that I’d need to be able to make the resulting information accessible for a general reader.
All the code and templates I used are hosted on GitHub. Please run the tests yourself and make or suggest improvements. If you’re inspired and build something on your own don’t hesitate to share it with the world. We need the data.
Development Environments with Docker
I have a long and deep relationship with Java and its ecosystem, but this is not a story about Java. Instead I’ve focused my application development in Go and Node. I’m moderately experienced with Go and actively working on honing my skill in that arena. One of the most difficult things for me to pick up whenever I jump into a new stack is a proper workflow. The challenge is often compounded by my distaste for installing software on my laptop. This drives me to do everything with Docker, or in another time Vagrant.
Docker Networks: Discovering Services on an Overlay
Overlay networks deliver containers as hosts. Current service discovery tools are not built for individual container registration or discovery. If we want to “elastic” scale components within an overlay, we need new (simpler) service registration and discovery tools.
Docker Overlay Networks: That was Easy
Treat Docker containers like hosts on overlay networks. Build overlay networks with a single Docker command. Still disable ICC. This is not “Service” discovery.
Pollendina is an X.509 identity provisioning service designed to simplify mutual TLS authentication for microservices deployed in containers. This project helps you provision your PKI as easily as you provision containers and exposes an API for integration with your existing scheduling / deployment infrastructure.
I think service registration and discovery tools are a bit heavy for overlay networks, and I like overlay networks. So, rather than force each container contributing a service to also take care of registration this tool will discover hosts contributing known ports.