Trifork Blog

Posts by Quinten Krijger

Using Supervisor with Docker to manage processes (supporting image inheritance)

March 11th, 2014 by
(http://blog.trifork.com/2014/03/11/using-supervisor-with-docker-to-manage-processes-supporting-image-inheritance/)

Docker-logo

In August I wrote a blog post on the creation of tomcat images. Since then, Docker has evolved much, and so has my own knowledge of it. I’d like to update you on what I found to be a good way to manage container processes. After reading this article, I hope you will find good use of the Supervisor image that you can find in my repository on github.

The Docker command

One of the points that came up in aforementioned post was that Docker (only) supports running a single foreground process. We are generally accustomed to something like upstart to have services be initialized at start up, but Docker does not run anything by default, which may be somewhat unexpected if you start out with Docker. Read the rest of this entry »

Session Timeout and Concurrent Session Control with Spring Security and Spring-MVC

February 28th, 2014 by
(http://blog.trifork.com/2014/02/28/session-timeout-and-concurrent-session-control-with-spring-security-and-spring-mvc/)

security-icon

A web application me and my team are building recently underwent a security review. As usual, because you haven’t yet had time to put any real effort into it, some security risks did surface. We use Spring Security and Spring-MVC and I will talk about implementing a session timeout and concurrent session control: nice subjects from the trenches.

In general, sessions should be managed as restrictively as possible for your web application. Category number two on OWASP top ten security threats of 2013 is broken authentication and session management. Here you can find some nice examples of the problem never lying with the internet, but with the human mistakes in using it.

 

Read the rest of this entry »

Using Docker to efficiently create multiple tomcat instances

August 15th, 2013 by
(http://blog.trifork.com/2013/08/15/using-docker-to-efficiently-create-multiple-tomcat-instances/)

Docker-logoIn my previous blog article I gave a short introduction into Docker (“an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere”). In this article we’ll check out how to create an image for Tomcat 7 and the Java 7 JDK as dependency.

So, let’s go ahead and do some ‘coding’. First, you need to install docker. Instructions can be found here. I already mentioned you need a Linux system with a modern kernel, so if you happen to be a Mac or Windows user, there are instructions on linked pages on how to use Vagrant to easily setup a virtual machine (VM) to use. For now we’ll work locally, but once you start installing servers you might find the Chef project to install docker useful as well.

As a first step after installation, let’s pick the first example from the Docker getting started page and create an Ubuntu 12.04 container, with completely separated processes, its own file system and its own network interface (but with network connection via the host), and have it print “hello world”. Do this by running

docker run ubuntu /bin/echo hello world

Cool huh? You probably just ran something on a different OS than that of your own machine or (in case you’re on Windows/Mac) the VM in which Docker is running! In this command ubuntu defines the image (found automatically as it is one of the standard images supplied by Docker). The run command creates an instance of the image (a container), feeding it /bin/echo hello world as the command to execute.

Read the rest of this entry »

Next step in virtualization: Docker, lightweight containers

August 8th, 2013 by
(http://blog.trifork.com/2013/08/08/next-step-in-virtualization-docker-lightweight-containers/)

Docker-logoLately, I have been experimenting with Docker, a new open source technology based on Linux containers (LXC). Docker is most easily compared to Virtual Machines (VMs). Both technologies allow you to create multiple distinct virtual environments which can be run on the same physical machine (host). Docker also shares characteristics with configuration management tools like Chef and Ansible: you can create build files (a Dockerfile) containing a few lines of script code with which an environment can be set-up easily. It’s also a deployment tool, as you can simply pull and start images (e.g. some-webapp-2.1) from a private or public repository on any machine you’d like, be it a colleagues laptop or a test or production server.

But you’re already using all those other tools, so why would you need Docker? In this blog entry, I’d like to give you an answer to that question and provide a short introduction to Docker. In my next blog entry (coming soon) I’ll dive into using Docker, specifically covering how to setup Tomcat servers.

Read the rest of this entry »