When deploying a secure system it is important to ensure that each component only has access to the lowest level of privileges needed to perform its task. This concept should apply to any access in a system, including the user account and file system permissions need to spawn processes successfully. Replicated runs in Docker containers
We’ve recently shipped one of the most requested features in Replicated: the ability for Replicated to self-update! This isn’t enabled by default; read more about how the feature works and how to use it. Replicated Release Schedule Before jumping into how to implement this feature, we should discuss the planned and expected Replicated release schedule.
Today we launched EnterpriseReady. Our goal with this project is to change the enterprise narrative from “how to SELL to the enterprise” to "how to BUILD for the enterprise". But what does that mean exactly? From our perspective, too much of the conversation about enterprise software has been dominated with advice about to sell &
I was planning to deploy a test environment for a new application today, then the release of Docker SwarmKit came. I saw this as the perfect opportunity to spend part of the day giving SwarmKit a try. This post is a very early look at my experience installing SwarmKit on EC2 servers. At Replicated we
The installable components of Replicated that your customers interact with are now more configurable with the introduction of the Management Console Settings screen. The layout is similar to the customizable configuration screen that allows each of your customers to configure their instance of your application. It will also reflect any custom branding that you’ve added.
Replicated now serves a static page over HTTP on port 8800 to provide browser specific instructions for bypassing TLS warnings about the self-signed certs used to bootstrap the server. Specifically, Chrome, Firefox, Internet Explorer and Safari are detected with bypass instructions. Instructions are also provided to verify the fingerprint of the self-signed cert. Your customers
Replicated now supports three types of installation: direct connect, proxy and today we’re introducing air gapped installation. “Air gapped” basically means a server or network that is physically isolated and does not have outbound or inbound internet access. By default, Replicated installed applications require access to an outbound internet connection to check for updates &
By default each instance is now verified against the standard Replicated Preflight Checks during the installation and update processes. The goal of this feature is to surface potential issues to the end user before they become support tickets for Replicated application vendors. The check is run immediately after the .rli file is uploaded by the
For the past year or so, we’ve been deploying Docker containers behind the firewall and have watched Docker change and mature a lot. The ecosystem has moved crazy-fast to produce a lot of good ideas about what makes a great Dockerfile. But there’s a lot to ingest and the art of crafting a Dockerfile is
Update Since this post, Docker has released improved support for writing complex and still maintainable Dockerfiles. Check out our blog post on multi-stage Docker builds. Original Post There’s been a welcome focus in the Docker community recently around image size. Smaller image sizes are being championed by Docker and by the community. When many images