Blockbridge

About Blockbridge

This author has not yet filled in any details.
So far Blockbridge has created 24 blog entries.

3 Things You Should Know About Docker Managed Volume Plugins

Plugins are now the recommended way to extend the capabilities of Docker. In fact, certification requires it. This post sheds light on what plugins are, the problems they solve and the most common mistake to avoid.

By |March 20th, 2017|0 Comments

Announcing: Anti-Gravity Release 3.1

Version 3.1 is hot off the CI/CD pipeline.  This update focused on storage operators and services providers: improved controls, increased efficiency and higher availability. We also updated all of our host orchestration tools and topped the release off with a Certified Plugin for Docker Enterprise! Even better, new trial options and tutorials… Here’s the rundown of the release:

Control Plane
Service Templates
Service templates precisely define the performance characteristics of storage services. You can control how performance scales with capacity, data/network placement, and bursting policies. The software now ships with 3 predefined templates (you can create as many as you like). The ‘general purpose’ and ‘provisioned iops’ templates mimic AWS EBS. The ‘unlimited’ template mimics traditional SAN.
Account Templates
Blockbridge implements a rich set of tenant permissions that allow an administrator to control nearly every aspect of the tenant’s experience: from creating asynchronous replicating disks and backing up snapshots to object storage, to the types and performance levels of […]

By |March 15th, 2017|0 Comments

Encrypted Container Backup and Restore with Volume Driver 4

The Blockbridge Docker Volume Driver version 4.0 is now available! This update adds native support for compressed and encrypted volume backup to any S3 compatible object store. Backup any application without the need for custom images, application changes or downtime. Instantly restore from backup, with full read/write access, without having to wait for a full volume transfer. Move data between test and production, from private to public clouds, and between cloud providers. Perform backups and recover from disaster scenarios without host software dependencies. Platform agnostic, cloud agnostic, host independent. Read on for more information!

Volume Driver 4.0 Compatibility

Compatibility
Description

OS
Any linux that runs docker

Docker version
Any docker version 1.9+

Orchestration
Swarm, Mesos, Kubernetes, Kontena

No additional host software required. No kernel requirements. No changes to applications or containers.
Volume Driver 4.0 Feature Reference
The Blockbridge volume driver is a full-featured volume plugin for Docker, enabling multi-host access to block storage data volumes. Many functions are available through the native […]

By |December 14th, 2016|0 Comments

Hybrid Cloud Data Mobility & Security with OX

It’s easy to copy application binaries over long distances and to change DNS entries, but what about application state? How do you move data between your old school virtual machines running in your private datacenter and your new-school containers running in a bare-metal service provider? These are a few of the problems that we have been working on.

One of the core features introduced in Anti-gravity is hybrid-cloud data mobility. The underlying technology is called Object Exchange (“OX”). OX integrates Elastic Block Storage (“EBS”) with any S3 compatible object storage provider. OX allows you to snapshot volumes from block storage directly into object storage. And, OX allows you to instantly clone volumes from object storage, copying data on-demand without waiting for a full volume transfer. OX addresses a number of fundamental mobility issues including backup, disaster tolerance and migration of elastic block storage.

Requirements:

When we set out to build OX, we spent a lot […]

By |November 30th, 2016|0 Comments

Announcing Anti-Gravity: EPS 3.0

Anti-Gravity is the 3rd generation of Blockbridge Elastic Storage. We’re introducing several new technologies that deliver on the promise of elastic block storage in public, private and hybrid cloud. In this blog post, we’ll run through the high-level list of features. Stay tuned for in-depth technical posts on some of the new concepts.

Object Exchange

Object Exchange (aka, “OX”) integrates Elastic Block Storage with any S3 compatible object storage provider. Example providers include Amazon Web Services, Google Compute Engine, Microsoft Azure, Swift, and CEPH. OX allows you to snapshot a volume from block storage directly into object storage. Additionally, OX allows you to instantly clone volumes from object storage. Cloned volumes provide immediate access to data, even if your object storage provider is off-premises. OX delivers seamless data mobility for backup, disaster tolerance and hybrid cloud applications.

HEAL – Heuristic Evaluation with Autonomous Layout

HEAL provides automated device-level data protection. It is a set […]

By |November 15th, 2016|0 Comments

Announcing End-to-End Encryption for Docker Volumes

If you’ve been following along with DockerCon2016, you probably heard the huge announcement regarding Docker security: they have integrated automated setup and management of Swarm nodes configured with TLS. In summary, they are giving each node a cryptographic identity and protecting communication channels with certificate based authentication and transport encryption. Well guess what? We have some exciting news as well!

A couple of months ago, we disclosed an industry first: support for iSCSI over TLS. In a previous post, we demonstrated that iSCSI/TLS has superior performance when compared to IPsec using functionally equivalent ciphers (3.8x bandwidth!!!). Today, we’re announcing one of the missing pieces to the Docker security puzzle: end-to-end encryption for storage.

In our latest release, you get fully automated end-to-end encryption with perfect forward secrecy (PFS) for persistent volumes. iSCSI/TLS is firewall friendly, blazingly fast and no fuss. Even better, it’s just a single command line option with Docker. Check […]

By |June 21st, 2016|0 Comments

Docker Volume Sense: Making Sense of Multi-host Environments

Migrating applications to container infrastructure requires new tools and thinking. As container infrastructure scales, so does management complexity. We know everyone loves to focus on Dev. But, you can only go so far without investing in Ops.

With that said, we’re excited to introduce Sense for Docker Volumes. Sense provides application level insight into container storage. It simplifies data management in distributed environments and provides answers to the following key questions:

What containers reference a volume?
Where are those containers located?
Which container is currently accessing a volume?
What application is the container running?
What image is the container based on?
What policies are applied to the volume?
What filesystem is the volume formatted with?
What is the filesystem utilization?
What are mount propagation settings for a volume?

Sense is now a fully supported feature of our Docker Volume Driver: no configuration is needed. Sense leverages our extensible metadata API (i.e., XMD), provided by the Blockbridge Control Plane. For deeper insight […]

By |June 18th, 2016|0 Comments

Volume Driver Update: Swarm Support and Simple Scaling with Compose

We’ve updated the Blockbridge Volume Driver with new support for Docker Swarm. This update makes it simple to deploy and scale the volume driver in a swarm deployment, using Docker Compose. Additionally, we’ve introduced helper scripts that enable you to create a swarm for development and testing.

Background
Docker Swarm is a Docker-native clustering solution. It allows you to schedule applications to run on multiple hosts, called swarm “nodes”.. Constraints, affinities, and failover of applications are all possible. By pointing the Docker command line at the swarm master, operations on images, volumes and containers work across the swarm with commands you are familiar with. Additionally, Docker Compose continues to work as expected.

Blockbridge Volumes
Blockbridge volumes are multi-host aware. This means that any volume is accessible from any node in the swarm. No matter where an application runs, its data volume is always available. An application container that fails over or moves from one […]

By |April 19th, 2016|0 Comments

Simulator Update: Up and Running in Two Commands with Docker Compose

We’ve updated the Blockbridge Simulator with the latest software from our stable release branch. In this version, we’ve reduced resource requirements and fully automated setup using Docker Compose. You’re just two commands away from a full-stack testing environment for your micro-services and service-oriented architecture projects.

Background
The Blockbridge simulator is a full version of Blockbridge Elastic Programmable Storage. It is considered a simulator because it runs as a Docker container, uses loopback file-based thin devices, and is generally limited in performance and security. However, it is ideal for demonstration, testing and development. And, it runs anywhere Docker runs, including the Docker Toolbox.

Architecture Overview
The Blockbridge architecture isolates control plane and data plane functions into micro-services. We refer to each discrete micro-service as a “node”. A management node provides an API endpoint for management functions. A storage node dynamically assembles data fabrics that provide access to data. By default, the simulator operates as a […]

By |April 12th, 2016|0 Comments

Introducing iSCSI over TLS

Blockbridge is excited to announce the first generally available implementation of iSCSI over TLSv1.2. iSCSI-TLSv1.2 delivers a 290% increase in maximum throughput, 18% reduction in minimum latency, and drastically simplified management when compared to IPsec. There’s no longer an excuse for an insecure storage network!
iSCSI
The iSCSI protocol defines a method for transporting SCSI packets over one or more TCP/IP connections (see RFC3720). 15 years ago, when the protocol was designed, secure transport options were limited. IPsec emerged as the recommended standard. Fast forward a decade and a half, we have new cipher suites, crypto primitives built into commodity hardware and storage devices that operate well in excess of 1GB/s. The time has come to consider modern alternatives to IPsec for securing high-performance storage.
IPsec Primer
IPsec is an IP/Layer 3 protocol that cryptographically protects packets of any kind (i.e. TCP, UDP, ICMP, etc). In the most common mode of operation, each transmitted […]

By |March 6th, 2016|0 Comments