We conducted joint work with Université de Neuchâtel on improving the handling of Docker container images in the increasingly heterogeneous hardware environments. We propose to (1) finer-grained incorporate hardware dependency information in the image metadata, (2) leveraging heuristic analysis techniques to populate such information at large scale (although of course preferring properly curated metadata), and (3) improving the tool support around container creation from images. The work has led to new tools like hdocker and heuristic analysis rules. Furthermore, to underline the need for such a solution, we have been conducting a long-term tracking over fourteen now seventeen months of selected subsets of registered Docker container images.
This work has been accepted by the 21st International Conference on Distributed Applications and Interoperable Systems (DAIS 2021). Ahead of the event we already provide the collected data and code. Have a look!
If you develop or deliver cloud applications, you can benefit from automated knowledge fostering and exploitation. For instance, if you compose your app from multiple microservices, then you want to consider the app tainted from a security perspective once one of the microservices is found to be vulnerable. Likewise, if you bundle containers and cloud functions into a complex application, you would like to know upfront if, due to technical limitations in one small gear of the whole machinery, you will have a restricted choice of clouds to operate it. We will deliver a tutorial showing you how to accomplish that. Join us at the 9th IEEE International Conference on Cloud Computing in Emerging Markets (CCEM 2020) on November 7 to learn more!
As applied sciences researchers focusing on new digital application designs implemented and deployed with multiple computing paradigms, we emphasise the practical nature of our contributions and the direct transferability to stakeholders in industry and society. In this context, we are happy to report that two system demonstrations have been recently accepted to be presented at the 21st ACM/IFIP Middleware 2020 conference running from December 7-11 in «virtual Delft». Read on for details.
ESOCC 2020 – the 8th European Conference on Service-Oriented and Cloud Computing – was originally scheduled to happen in April on the wonderful isle of Crete. Due to the pandemic circumstances, it will now run from September 28 to 30 as online event. We will highlight some of our recent work in an invited talk on «The Great Puzzle: Cloud Functions, Data, Services, Less Servers and More Insights».
Check out the conference website for more information on the technical programme, workshops and European R&D project presentations, and for pointers on how to participate.
Cloud applications are typically designed as coupled microservices and deployed in managed containerised form. Industry trends around container build processes, deployment packages, management platforms and abstractions (e.g. cloud functions) are still fast-paced. Developers and operators need to be able to tell good from bad practices based on automatically determined metrics. Assuming they participate in this tutorial, they will learn how to do that on a hands-on level. We introduce approaches and open source tools for quantitative assessment of containers and other microservice technologies and ecosystems. On the research side, we explain how this blends with policy-driven deployments, trusted cloud execution and data science opportunities.
The three-hours tutorial will be offered at the CLOSER 2020 conference (originally scheduled in Prague, now online) in the afternoon on May 7. Registration information is available from the conference website.
Note: This post does not contain any medical advice or suggestions on how to act and react. If you are looking for that, you are looking in the wrong place.
Economy and society in Switzerland are currently highly affected by the spreading second version of the coronavirus (SARS-CoV-2) that causes the associated infectious desease (COVID-19). The World Health Organisation (WHO) has classified the virus outbreak as PHEIC on January 30 and as pandemy on March 11. In Switzerland, the state emergency level Eminent/Special Situation was reached on February 28, and further restrictions led de-facto to the subsequent level Extraordinary Situation on March 13. This blog post reports on how the outbreak evolution can be continuously visualised as a reliable service with off-the-shelf tools.
Docker images have become the valuta franca in the cloud and container platform world. Although on the path to vendor-neutral standardisation (e.g. with OCI also being in Docker Hub for a year now), developers for now have settled on plain Docker as de-facto standard due to the vast ecosystem of base images and dependency images which speed up the rapid prototyping of complex scalable applications. From a production-grade DevOps perspective, a key concern is then to be assured that the containers used are of high quality, not infected by security vulnerabilities, and still containing the latest features available. In this blog post, a novel approach to visualise the situation around a particular container image is presented.
The MAO-MAO research collaboration aims to provide metrics, analytics and quality control for microservice artefacts of all kinds, including but not limited to, Docker containers, Helm charts and AWS Lambda functions. As such, an integral part of prior research has been the various periodic data collection experiments, gathering metadata and conducting automatic code analysis.
However, the ambition of the project to collect data consistently, combined with the need for the collaborators to be able to use each other’s tools and access each other’s data, have created a need for a collaboration framework and distributed execution platform.
In response to this need, we present the first release of the MAO Orchestrator, a tool designed to run these experiments in a smart way and on a schedule, within a federated cluster across research sites. As a plus, there is nothing implementation-wise tying it to the existing assessment tools, so it is reusable for any use-case that requires collaboratively running periodic experiments.
When cloud application developers are working with docker-compose to combine multiple microservices into a single manageable entity, they can make some easy mistakes. To prevent these mistakes, they can rely on internal validation logic, which however does not catch many of the typical issues. Therefore, researchers at the Service Prototyping Lab at Zurich University of Applied Sciences wrote a dedicated quality check and assessment tool targeting developers, but also students trying to learn the technology, which has a wider range of checks. The DCValidator tool is available as a web application (see demo instance) or command-line interface. This blog post describes how to check that docker-compose files are free of issues.
From September 15 to 20, TU Dresden’s GRK 1907 hosted the summer-school on “Development, Deployment, and Runtime of Context-Aware Software Systems”, with 3 days of invited talks and discussion among professors, students and experts in the field at the world-renown Schloss Dagstuhl, followed by 2 days of on-premises hands-on practical sessions. SPLab Team member Panos Gkikopoulos was there to attend and to present a poster of his PhD work based on MAO, though only got to experience the Dagstuhl part due to a busy schedule.