About

ifs3-final-tifs³ is based in Switzerland and is focused on innovations using modern ICT cloud solutions, designs and architecture, combined with professional software development plus IoT engineering and industrial designs. Our adaptive technical concepts enable the speed and agility into innovations for systems, services & solutions.


INNOVATION
“The electric light did not come from
the continuous improvement of candles”
(Oren Harari)

As engineers we are thrilled to work on
new clever solutions!


Consulting Engineering & Development Cloud Solutions Project-Management Test and Release Industrial Design Knowledge Base



we use 100% renewable energy
 

Docker Nginx Container

Facts in short:
– Written in Go (from Google)
– Entirely controlled by a REST API
– Running on Linux, Windows and MacOS
plus in many Public/Privat Clouds like
AWS, Google Cloud Platform, Microsoft Azure, etc.
– runtime for containers are based on Open Source

Containers

Containers include the application and all of its dependencies, but share the kernel with other containers, running as isolated processes in user space on the host operating system.

Docker containers are not tied to any specific infrastructure; they run on any computer, on any infrastructure, and in any cloud.

Linux is built in such a way, that you can directly create separate user spaces.

Each user space is in a separate isolated “sandbox” area. Each user space has its own file system and processes. These user spaces are all segregated and separate from each other.

Containers leverage this technology of the Linux operating system.

A container is just like a virtual machine WITHOUT THE OPERATING SYSTEM.

Each PHYSICAL MACHINE has ONE LINUX OPERATING SYSTEM.

Containers use the Linux OS of the physical machine.

To the user, each container appears just like a real machine.

Here is an image from docker’s website that shows a comparison between virtual machines and containers:

Examples

1. Dockerfile:
# An other example can be downloaded from: \ https://github.com/docker-training/staticweb
FROM ubuntu:14.04
MAINTAINER ifs3.com Team <info@ifs3.com>
RUN apt-get update && apt-get install -y curl openssl nginx
EXPOSE 80 443
CMD [ “nginx”, “-g”, “daemon off;” ]

2. Build an image with the repos and name it “nginx:14.04”:
docker build -f ./Dockerfile –no-cache -t nginx:14.04 .

3. Generate and run this image “nginx:14.04” in container “c001”:
docker run −−name c001 -m 32M -p 8080:80 -d nginx:14.04

4. Go to this container with name “c001”:
bash -c “clear && docker exec -it c001 sh”

Nginx, Web-Frontend für App-Server

Nginx ist auch ein idealer Kandidat für den Einsatz als Frontend vor Application-Servern, egal ob auf der Basis von Apache und PHP, Tomcat, JBoss, Rails, Django, Flask oder Node.js. Mit Nginx im Einsatz lassen sich bestehende Webanwendungen im Optimalfall um einige Größenordnungen beschleunigen. Dabei gilt: Je mehr Besucher eine Webseite hat, desto eher lohnt sich der Einsatz. Zusätzlich stattet Nginx den Webserver mit Funktionen einer Web Application Firewall aus ohne zuviel Performance einzubüßen. Mit Whitelists und einer Lernfunktion der Firewall sind damit alle Voraussetzungen erfüllt, den Server im Internet gegen automatisierte Exploitversuche zu schützen.

Statistik_Web-Server_2016-01

Statistiken: http://w3techs.com/technologies/cross/web_server/ranking
Controlling Nginx: http://nginx.org/en/docs/control.html
SPDY für Nginx: http://nginx.org/patches/spdy/README.txt
OpenResty: http://openresty.org/
Nginx-Wiki: http://wiki.nginx.org/Main
Nginx-Sticky-Modul: http://code.google.com/p/nginx-sticky-module/
HTTP-Proxy-Modul: http://wiki.nginx.org/HttpProxyModule
Cache Purge: https://github.com/FRiCKLE/ngx_cache_purge/
Naxsi: http://code.google.com/p/naxsi/
Ergebnisse der Mod-Security SQL Injection Challenge: https://code.google.com/p/naxsi/wiki/Naxsi_Vs_ObfuscatedAttackPatterns
Doxi Rules: https://bitbucket.org/lazy_dogtown/doxi-rules/src/
WordPress TimThumb RFI Vulnerability used as Botnet Recruitment Vector: http://eromang.zataz.com/2011/09/20/wordpress-timthumb-rfi-vulnerability-used-as-botnet-recruitment-vector/
Doxi Tools: https://bitbucket.org/lazy_dogtown/doxi
Nginx vs. Cherokee vs. Apache vs. Lighttpd: http://www.whisperdale.net/11-nginx-vs-cherokee-vs-apache-vs-lighttpd.html
Apache, Nginx, Varnish and G-WAN: http://nbonvin.wordpress.com/2011/03/14/apache-vs-nginx-vs-varnish-vs-gwan/
MARE-system-Präsentationen und -Vorträge: https://bitbucket.org/maresystem/vortr-ge-pr-sentationen/src/