Steps to install Docker on Ubuntu 16.04 servers

What issues have arisen during your Docker installation?

If IT wants to maximize Docker’s potential on Ubuntu 16.04 servers, know these steps and commands to ensure a smooth installation.

Jack Wallen

Linux expert – SearchDataCenter

Containers enable organizations to expand beyond the standard server in ways that traditional technologies cannot.

With containers, you can bundle a piece of software within a complete file system that contains everything it needs to run: code, runtime, system tools, system libraries and so on. When you deploy an application or service this way, it will always run the same, regardless of its environment.

If you want to containerize a service or an app, you’ll need to get up to speed with Docker, one of the most popular container tools. Here are some guidelines to install Docker on Ubuntu 16.04 servers and fulfill Docker’s potential.

What to know before you install Docker on Ubuntu 16.04

Before you install Docker on Ubuntu 16.04, update the apt utility — a package manager that includes the aptcommand — and upgrade the server. If apt upgrades the kernel, you may need to reboot. If you need to reboot, do it when the server can be down for a brief period. It’s important to note that you can only install Docker on 64-bit architecture, with a minimum kernel of 3.10.

To update and upgrade, enter the following commands:

sudo apt-get update
sudo apt-get upgrade

Once the update/upgrade is complete, you can install Docker with a single command:

sudo apt-get install -y

When the install completes, start the Docker engine with the command:

sudo systemctl start docker

Finally, enable Docker to run at boot with the command:

sudo systemctl enable docker

Running Docker as a standard user

Out of the box, you can only use Docker if you’re the root user, or by way of sudo. Since either running Docker as the root user or with sudo can be considered a security risk, it’s crucial to enable a standard user. To do that, you must add the user to the Docker group. Let’s say we’re going to add the user “Olivia” to the Docker group so that she can work with the tool. To do this, issue the following command:

sudo gpasswd -a olivia docker

Restart the Docker service with the command:

sudo systemctl restart docker

Once Olivia logs out and logs back in again, she can use Docker.

Docker terminology

Before we get into the commands to work with Docker, you’ll need to understand some of its terminology.

  • Image: a frozen snapshot of live containers. Images are generally pulled from the Docker Hub, but you can create your own images. Images are read-only.
  • Container: an active, stateful instance of an image that is read-write.
  • Registry: a repository for Docker Images.

 In a nutshell, you pull images from a registry and run containers from those images.

Let’s say you want to run a Debian Linux container so you can test or develop a piece of software. To pull down the Debian image, you should search the registry first. Issue the command docker search debian. The results of that search (Figure A) are important.

Figure A. Docker search command results.

The first two listings are marked as “official.” To be safe, always pull official images. Pull down that debian image with the command:


When the image pull is complete, Docker will report the image debian:latest has been downloaded. To make sure it’s there, use the command:

docker images

Figure B. Debian is ready to run.

You are now ready to create the debian container with the command:


The above command will return a hash to indicate that you’ve created a container.

Figure C. How to create a Debian container.

To run the container, issue the command:

docker run -i -t debian /bin/bash

The above command will run the debian container. It keeps STDIN (standard input) open with the -i option, allocates a pseudo-tty with the -t option, and places you in a Bash prompt so you can work. When you see the Bash prompt change, you’ll know that the command succeeded.

Figure D. The Debian container is now working.

You can work within your container and then exit the container with the command exit.

Commit changes

After you install Docker on Ubuntu 16.04, let’s say you want to develop an image to be used later. When you exit a running container, you will lose all of your changes. If that happens, you cannot commit your changes to a new image. To commit those changes, you first need to run your container in the background (detached), by adding the -d option:

docker run -dit debian

When you run the container like this, you can’t make any changes because you won’t be within the container. To gain access to the container’s shell, issue the command:

docker exec -i -t HASH /bin/bash

HASH is created after running the image in the background — it will be a long string of characters.

Now, you should be inside the running container. Make your changes and then exit the running container with the command exit. If you re-enter the container, your changes should still be present.

To commit your changes to a new image, issue the command:

docker commit HASH NAME

HASH is the hash for our running container and NAME is the name you’ll give the new image.

If you now issue the command docker images, your newly created image will be listed alongside the image you pulled from the Docker Hub registry.

Figure E. The newly created test image.

Next Steps

This was last published in April 2017

80 Linux commands you’ll actually use

Enterprise administrators and managers who use this guide of essential Linux commands, utilities and tools will find ways to manage files, get process status updates and more.

Jessica Lulka

Associate site editor – SearchDataCenter

Linux administrators cannot live by the graphical user interface alone. That’s why we’ve compiled useful Linux commands into this convenient guide.

By learning how to use a few simple tools, command-line cowards can become scripting commandos and get the most out of Linux by executing kernel and shell commands. 


The alias command is a way to run a command or a series of Unix commands using a shorter name than those that are usually associated with such commands.

The apt-get tool automatically updates a Debian machine and installs Debian packages/programs.

AWK, Gawk
AWK is a programming language tool used to manipulate text. The AWK utility resembles the shell programming language in many areas, but AWK’s syntax is very much its own. Gawk is the GNU Project’s version of the AWK programming language.

A portable, fast, open source program that compresses and decompresses files at a high rate, but that does not archive them.

A Unix/Linux command that can read, modify or concatenate text files. The cat command also displays file contents.

The cd command changes the current directory in Linux and can conveniently toggle between directories. The Linux cd command is similar to the CD and CHDIR commands in MS-DOS.

The chmod command changes the permissions of one or more files. Only the file owner or a privileged user can change the access mode.

The chown prompt changes file or group ownership. It gives admins the option to change ownership of all the objects within a directory tree, as well as the ability to view information on the objects processed.

The cmp utility compares two files of any type and writes the results to the standard output. By default, cmp is silent if the files are the same. If they differ, cmp reports the byte and line number where the first difference occurred.

Admins use comm to compare lines common to file1 and file2. The output is in three columns; from left to right: lines unique to file1, lines unique to file2 and lines common in both files.

The cp command copies files and directories. Copies can be made simultaneously to another directory even if the copy is under a different name.

The cpio command copies files into or out of a cpio or tar archive. A tar archive is a file that contains other files, plus information about them, such as their file name, owner, timestamps and access permissions. The archive can be another file on the disk, a magnetic tape or a pipe. It also has three operating modes: copy-out, copy-in and copy-pass. It is also­ a more efficient alternative to tar.

CRON is a Linux system process that executes a program at a preset time. To use a CRON script, admins must prepare a text file that describes the program and when they want CRON to execute it. Then, the crontab program loads the text file and executes the program at the specified time.

Admins use cURL to transfer a URL. It is useful for determining if an application can reach another service and how healthy the service is.


The declare command states variables, gives them attributes or modifies the properties of variables.

This command displays the amount of disk space available on the file system containing each file name argument. With no file name, the df command shows the available space on all the currently mounted file systems.


Use echo to repeat a string variable to standard output.

The enable command stops or starts printers and classes.

The env command runs a program in a modified environment or displays the current environment and its variables.

The eval command analyzes several arguments, concatenates them into a single command and reports on that argument’s status.

This function replaces the parent process with any subsequently typed command. The exec command treats its arguments as the specification of one or more subprocesses to execute.

The exit command terminates a script and returns a value to the parent script.

The expect command talks to other interactive programs via a script and waits for a response, often from any string that matches a given pattern.

The export command converts a file into a different format than its current format. Once a file is exported, it can be accessed by any application that uses the new format.


The find command searches the directory tree to locate particular groups of files that meet specified conditions, including -name, -type, -exec, -size, -mtime and -user.

The for and while commands execute or loop items repeatedly as long as certain conditions are met.

With the free command, admins can see the total amount of free and used physical memory and swap space in the system, as well as the buffers and cache used by the kernel.


See AWK.

The grep command searches files for a given character string or pattern and can replace the string with another. This is one method of searching for files within Linux.

This is the GNU Project’s open source program for file compression that compresses webpages on the server end for decompression in the browser. This is popular for streaming media compression and can simultaneously concatenate and compress several streams.


The history function shows all the commands used since the start of the current session.


The iconfig command configures kernel-resident network interfaces at boot time. It is usually only needed when debugging or during system tuning.

With ifup, admins can configure a network interface and enable a network connection.

The ifdown command shuts down a network interface and disables a network connection.

iptablesThe iptables command allows or blocks traffic on a Linux host and can prevent certain applications from receiving or transmitting a request.


With kill signals, admins can send a specific signal to a process. It is most often used to safely shut down processes or applications.


The less command lets an admin scroll through configuration and error log files, displaying text files one screen at a time with backward or forward navigation available.

The locate command reads one or more databases and writes file names to match certain output patterns.

The lft command determines connection routes and provides information to debug connections or find a box/system location. It also displays route packets and file types.

The ln command creates a new name for a file using hard linking, which allows multiple users to share one file.

The ls command lists files and directories within the current working directory, which allows admins to see when configuration files were last edited.

Admins use lsof to list all the open files. They can add -u to find the number of open files by username.

The lsmod command displays a module’s status within the kernel, which helps troubleshoot server function issues.

The man command allows admins to format and display the user manual that’s built into Linux distributions, which documents commands and other system aspects.

Similar to less, more pages through text one screen at a time, but has limitations on file navigation.

This command mounts file systems on servers. It also lists the current file systems and their mount locations, which is useful to locate a defunct drive or install a new one.

Linux mkdir generates a new directory with a name path.


Gnome GUI tool that allows admins to specify the information needed to set up a network card.

Admins can use netconfig to configure a network, enable network products and display a series of screens that ask for configuration information.

This command provides information and statistics about protocols in use and current TCP/IP network connections. It is a helpful forensic tool for figuring out which processes and programs are active on a computer and are involved in network communications.

A user can enter a host name and find the corresponding IP address with nslookup. It can also help find the host name.

The od command dumps binary files in octal — or hex/binary — format to standard output.

Admins use passwd to update a user’s current password.

The ping command verifies that a particular IP address exists and can accept requests. It can test connectivity and determine response time, as well as ensure an operating user’s host computer is working.

Admins use ps to report the statuses of current processes in a system.

The print working directory (pwd) command displays the name of the current working directory.

The read command interprets lines of text from standard input and assigns values of each field in the input line to shell variables for further processing.

This command syncs data from one disk or file to another across a network connection. It is similar to rcp, but has more options.

The GNU screen utility is a terminal multiplexor where a user can use a single terminal window to run multiple terminal applications or windows.

Admins use sdiff to compare two files and produce a side-by-side listing indicating lines that are dissimilar. The command then merges the files and outputs the results to the outfile.

The sed utility is a stream editor that filters text in a pipeline, distinguishing it from other editors. It takes text input, performs operations on it and outputs the modified text. This command is typically used to extract part of a file using pattern matching or to substitute multiple occurrences of a string within a file.

This command is the quickest way to start or stop a service, such as networking.

The shutdown command turns off the computer and can be combined with variables such as -h for halt after shutdown or -r for reboot after shutdown.

Like locate, slocate, or secure locate, provides a way to index and quickly search for files, but it can also securely store file permissions and ownership to hide information from unauthorized users.

Snort is an open source network intrusion detection system and packet sniffer that monitors network traffic. It looks at each packet to detect dangerous payloads or suspicious anomalies. Snort is based on libpcap.

This command sorts lines of text alphabetically or numerically according to the fields. Users can input multiple sort keys.

The sudo command lets a system admin give certain users the ability to run some — or all — commands at the root level and logs all the commands and arguments.

SSH is a command interface for secure remote computer access and is used by network admins to remotely control servers.

The tar command lets users create archives from a number of specified files or to extract files from a specific archive.


The tail command displays the last few lines of the file. This is particularly helpful for troubleshooting code because admins don’t often need all the possible logs to determine code errors.

TOP is a set of protocols for networks that performs distributed information processing and displays the tasks on the system that take up the most memory. TOP can sort tasks by CPU usage, memory usage and runtime.

Admins can create a blank file within Linux with the touch command.

This command translates or deletes characters from a text stream. It writes to a standard output, but it does not accept file names as arguments — it only accepts input from standard input.

The traceroute function determines and records a route through the internet between two computers and is useful for troubleshooting network/router issues. If the domain does not work or is not available, admins can use traceroute to track the IP.

This function displays the current operating system name and can print system information.

With uniq, admins can compare adjacent lines in a file and remove or identify any duplicate lines. 

The vi environment is a text editor that allows a user to control the system with just the keyboard instead of both mouse selections and keystrokes.

The vmstat command snapshots everything in a system and reports information on such items as processes, memory, paging and CPU activity. This is a good method for admins to use to determine where issues/slowdown may occur in a system.

This is a network utility that retrieves web files that support HTTP, HTTPS and FTP protocols. The wget command works non-interactively in the background when a user is logged off. It can create local versions of remote websites and recreate original site directories.

See for.

The whoami command prints or writes the user login associated with the current user ID to the standard output.

Admins use xargs to read, build and execute arguments from standard input. Each input is separated by blanks.

How to choose a server based on your data center’s needs

What are the most important elements for your enterprise when you’re buying servers?

In an effort to optimize performance in the enterprise, IT should evaluate top priorities to determine how to choose a server and create the most efficient workloads.

Stephen J. Bigelow

Senior Technology Editor – TechTarget – SearchWindowsServer

Servers are the heart of modern computing, but the contemplation around how to choose a server to host a workload can sometimes create a bewildering array of hardware choices. While it’s possible to fill a data center with identical, virtualized and clustered white box systems that are capable of managing any workload, the cloud is changing how organizations run applications.

As more companies deploy workloads in the public cloud, local data centers require fewer resources to host the workloads that remain on premises. This is prompting IT and business leaders to seek out more value and performance from the shrinking server fleet.

Today, the expansive sea of white box systems is challenged by a new wave of specialization with server features. Some organizations are rediscovering the notion that one server may indeed fit all. But you can select or even tailor server cluster hardware to accommodate particular usage categories.

VM consolidation and network I/O add benefits

A central benefit of server virtualization is the ability to host multiple VMs on the same physical server in order to utilize more of a server’s available compute resources. VMs primarily rely on server memory (RAM) and processor cores. It’s impossible to determine precisely how many VMs can reside on a given server because you can configure VMs to use a wide range of memory space and processor cores. However, the rule of thumb on servers includes selecting one with more memory and processor cores will typically allow more VMs to reside on the same server, which improves consolidation.

For example, a Dell EMC PowerEdge R940 rack server can host up to 28 processor cores and offers 48 double data rate 4 (DDR4) dual in-line memory module (DIMM) slots that support up to 6 TB of memory. Some organizations may choose to forego individual rack servers in favor of blade servers for an alternative form factor or as part of hyper-converged infrastructure systems. Servers intended for high levels of VM consolidation should also include resiliency server features, such as redundant hot-swappable power supplies, and resilient memory features, such as DIMM hot swap and DIMM mirroring.

A secondary consideration on how to choose a server for highly consolidated purposes is the added attention to network I/O. Enterprise workloads routinely exchange data, access centralized storage resources, interface with users across the LAN or WAN and so on. Network bottlenecks can result when multiple VMs attempt to share the same low-end network port. Consolidated servers can benefit from a fast network interface, such as a 10 Gigabit Ethernet port, though it is often more economical and flexible to select a server with multiple 1 GbE ports that you can trunk together for more speed and resilience.

When choosing a server, evaluate the importance of certain features based on the use cases.

Container consolidation opens up RAM on how to choose a server

Virtualized containers represent a relatively new approach to virtualization that allows developers and IT teams to create and deploy applications as instances that package code and dependencies together — yet containers share the same underlying OS kernel. Containers are attractive for highly scalable cloud-based application development and deployment.

As with VM consolidation, compute resources will have a direct effect on the number of containers that a server can potentially host, so servers intended for containers should provide an ample quantity of RAM and processor cores. More compute resources will generally allow for more containers.

But large numbers of simultaneous containers can impose serious internal I/O challenges for the server. Every container must share a common OS kernel. This means there could be dozens or even hundreds of containers trying to communicate with the same kernel, resulting in excess OS latency that might impair container performance. Similarly, containers are often deployed as application components, not complete applications. Those component containers must communicate with each other and scale as needed to enhance the performance of the overall workload. This can produce enormous — sometimes unpredictable — API traffic between containers. In both cases, I/O bandwidth limitations within the server itself, as well as the application’s architectural design efficiency, can limit the number of containers a server might host successfully.

Network I/O can also pose a potential bottleneck when many containerized workloads must communicate outside of the server across the LAN or WAN. Network bottlenecks can slow access to shared storage, delay user responses and even precipitate workload errors. Consider the networking needs of the containers and workloads, and configure the server with adequate network capacity — either as a fast 10 GbE port or with multiple 1 GbE ports, which you can trunk together for more speed and resilience.

Most server types are capable of hosting containers, but organizations that adopt high volumes of containers will frequently choose blade servers to combine compute capacity with measured I/O capabilities, spreading out containers over a number of blades to distribute the I/O load. One example of servers for containers is the Hewlett Packard Enterprise (HPE) ProLiant BL460c Gen10 Server Blade with up to 26 processor cores and 2 TB of DDR4 memory.

Visualization and scientific computing affect how to choose a server

Graphics processing units (GPUs) are increasingly appearing at the server level to assist in mathematically intensive tasks ranging from big data processing and scientific computing to more graphics-related tasks, such as modeling and visualization. GPUs also enable IT to retain and process sensitive, valuable data sets in a better-protected data center rather than allow that data to flow to business endpoints where it can more easily be copied or stolen.

Generally, the support for GPUs requires little more than the addition of a suitable GPU card in the server — there is little impact on the server’s traditional processor, memory, I/O, storage, networking or other hardware details. However, the GPU adapters included in enterprise-class servers are often far more sophisticated than the GPU adapters available for desktops or workstations. In fact, GPUs are increasingly available as highly specialized modules for blade systems.

For example, the HPE ProLiant WS460c Gen9 Graphics Server Blade uses Nvidia Tesla M60 Peripheral Component Interconnect Express graphics cards with two GPUs, 4,096 Compute Unified Device Architecture cores and 16 GB of graphics DDR5 separate video RAM. The graphics system touts support for up to 48 GPUs through the use of multiple graphics server blades. The large volume of supported GPU hardware — especially when GPU hardware is also virtualized — allows many users and workloads to share the graphics subsystem.

What server features do you look for?

This is the first article of a two-part series. The second article discusses  server features, such as data servers and security.

Next Steps

This was last published in November 2017

Learn the major types of server hardware and their pros and cons

What type of server has benefited your organization the most?

Servers protect data, centralize resources and enable remote worker productivity, but buyers must understand which server types works best for their data center.

Robert Sheldon

Contributor – SearchSQLServer

Servers host applications, manage files, process emails, stream media and perform analytics. Any organization can benefit from the power and versatility that servers provide, but it can be difficult to know which types of server hardware to choose.

Today’s servers are primarily available in three forms: racks, blades and mainframes. The majority of IT teams turn to rack and blade servers to meet their server requirements. Some teams opt for mainframe computers to handle their workloads, although not nearly to the extent of rack and blade servers.

Rack, blade and mainframe servers all have their advantages and disadvantages, and buyers should carefully weigh these different types of server hardware before deciding on a product. Buyers do not need to limit their selection to any one type, however. Organizations can choose what’s best for the workloads they need to support with an eye on budget and space constraints.

What is a server?

A server is a type of computer that provides processing and memory resources for different workloads. The term server can refer to the computer itself or to a program that delivers a service, such as an email management system. Most hardware-related references concern the physical machine. The server operating system (OS) is designed to process large workloads, deliver services and support network-based operations. Common server OSes include Linux, Unix and Windows Server.

Servers are usually set up to provide one or more specific services. Servers are commonly used to manage network resources and make them available to client devices. A server is often referenced to based on the purpose it serves. For example, a print server provides network users with access to shared printers, and a media server streams video and audio content to network users.

A server’s physical configuration is usually specific to the types of services it provides. For example, a database server might include more processing or memory resources to handle the influx of concurrent transactions. Many data centers also implement server virtualization to deliver services more efficiently. Server virtualization can help better utilize the server’s physical resources, while also increasing flexibility and security and reducing energy consumption.

Editor’s note

With extensive research into the server market, TechTarget editors have focused this series of articles on server vendors with considerable market presence and that offer at least one product among blade, rack and mainframe types. Our research included Gartner, Forrester and TechTarget surveys.

Why purchase a server?

Any organization that supports more than a handful of users can benefit from different types of server hardware. For most organizations, servers are essential to carrying out business and protecting sensitive resources. Organizations might need to purchase servers when they set up new data centers, expand or update existing ones, open satellite offices, or spin up development projects.

Although servers add to the number of computers that an organization must support, they can also help consolidate resources; different types of server hardware make it possible to share printers, disk drives and applications with network users. Although users can share resources across peer-to-peer networks, a server is much better equipped to manage those resources and deliver them securely across the network, especially with a large number of users.Any organization that supports more than a handful of users can benefit from different types of server hardware.

This use of servers can also lead to greater productivity because resources are centralized, which allows workers to easily share data with their colleagues. Users can access the resources they need when they need them without worrying about managing them. For example, they do not have to keep a copy of the data on their own systems, implement and maintain a backup, or manage multiple copies of the same data.

In addition, servers enable users to access the applications and data they need from remote locations, which makes it easier for workers to stay productive when they travel or work remotely.

Servers also add business value via data protection, providing the structure necessary for admins to control which users can access files, applications, peripherals and other resources. In addition, admins can control the security mechanisms that they implement on the servers, as well as centrally monitor systems for issues related to security and compliance.

Different types of server hardware also make it easier to back up system and user data and implement disaster recovery strategies. Admins can also more easily ensure the reliability and availability of data, whether by clustering servers or building redundancies into system components. In addition, the consolidated model makes it possible to centralize other management operations, such as maintaining workstations, controlling domains and monitoring software.

Because servers can consolidate resources, streamline management and increase productivity, they can ultimately reduce costs. In addition, their centralized management capabilities make it easier to track application usage to better control licensing costs and avoid expensive software audits.

Because servers better protect the data, it is less likely to be compromised, helping to avoid costly fines, tarnished reputations and the lost business that comes with both of these.

Rack servers

A rack server, also known as a rack-mounted server, is a standard-size computer designed to be mounted in a server rack along with other rack servers or standard-size components, such as network or storage area network devices. A rack server is considered to be a general-purpose machine that can support a wide range of workloads.

Rack servers take up a lot less space than tower servers because they’re not encased in bulky cabinets and users can stack them in a single rack along with the other components. In addition, because providers have standardized the size of racks and rack servers, admins can easily add or replace servers if one should malfunction. The design also makes it simple to add components gradually to accommodate growing workloads. Best of all, the servers in the same rack don’t have to be the same model or come from the same vendor.

One of the biggest challenges with rack servers is managing all the cabling that ties the components together. Rack servers require cables for power, networking, management and storage, all of which hang off of the back of the stacked components, making it difficult to manage the cables and servers. The cables can also affect cooling, which is already challenging with rack servers because of their proximity to each other.

Blade servers

A blade server is a modular component — blade — that fits into a server chassis along with other blades. Each blade has its own processors, memory and integrated network controllers. The blade might also include a Fibre Channel host bus adapter, as well as other I/O ports. Blade servers offer more processing power in a smaller space than rack servers while providing a simplified cabling structure.

Because blades are so tightly configured within the chassis, the chassis itself is sometimes referred to as the blade server and the individual blades are called modular motherboards or circuit boards even though they’re servers in their own right. This is because the chassis provides consolidated resources such as power, cooling and networking, which are shared across all the blades within the chassis. Admins can also mount the chassis on a standard-size server rack.

One of the biggest advantages of a blade server compared to a rack server is its ability to provide greater processing density within a smaller space. This can result in a price-to-performance advantage even though blade servers are themselves more expensive than rack servers. This efficient use of space can increase redundancy to better ensure the reliability and availability of applications and data.

In addition, the blades and chassis components are hot-swappable, including the cooling system, controllers and switches. Plus, because of the chassis structure, cabling is simpler when compared to the rack server. The blade system also provides a centralized management console to control and monitor the system’s components.

Although blade servers offer state-of-the-art computing capabilities, they also come with a few drawbacks. For example, the server chassis and blade architecture are proprietary, which makes vendor lock-in a strong possibility. This proprietary nature can also limit upgrade options if the vendor does not release new or updated components in a timely manner.

Although blade servers are more expensive than rack servers, savings in space, power and management can offset expenses under the right circumstances. However, the rack server provides a lower entry cost, which can be an advantage to an organization that wants to start out small and work its way up gradually. Also, with blade servers, an organization might need to update its data center to accommodate power and cooling needs.

Despite these concerns, a blade server can be a good fit in a number of circumstances, particularly for data centers with high-density server rooms in which space is limited. Blade servers are well-suited to a single task that requires clustered servers, such as file sharing, web hosting, video streaming, database management or virtual desktop infrastructure.

Mainframe servers

mainframe server is an extremely powerful computer; it’s about the size of a large refrigerator. Unlike its predecessors, which could take up an entire room, today’s mainframes are much more compact and powerful and include sophisticated encryption capabilities, as well as multiple layers of redundancy. Mainframes are still much bigger and bulkier than rack or blade servers, as well as a lot more expensive. However, mainframes are also much more powerful and reliable than anything else out there.

A mainframe is designed for high throughput; it can support a large number of simultaneous transactions and heavy I/O loads without affecting performance. IBM leads the way in the mainframe market, producing systems that can perform 12 billion encrypted transactions per day.

In addition to its massive transaction processing capabilities, a mainframe is extremely configurable, supports dynamic reconfigurations and provides hot-swappable hardware components. A mainframe normally runs its own OS, such as IBM’s z/OS, but recent models also support Linux, running on bare metal or in virtual machines, considerably increasing the mainframe’s capabilities.

Mainframes have a reputation for being resilient, reliable and secure, incorporating some of the most advanced hardware technologies available. Multiple layers of redundancy exist throughout the system to ensure continuous reliability and availability. In addition, admins can cluster mainframes to deliver even greater reliability and availability, especially if the cluster is geographically dispersed, which can help protect against a disaster in any one location.

Mainframes are primarily suited for high-volume, data-intensive workloads with many concurrent, real-time transactions, such as the transactions of banks or other financial institutions. Industries such as utility companies, government agencies and health care systems can also benefit from the power a mainframe computer can offer.

However, a mainframe’s high price tag also means that it’s not a system for organizations that are simply testing the waters or implementing types of server hardware incrementally. A mainframe might be more cost-effective in the long term depending on the supported workloads, but the initial capital outlay could be too much for many businesses.

Mainframes also require skilled technicians to implement and operate — a type of admin getting harder to find as much of the attention turns to rack and blade servers. For many organizations, a mainframe comes with a learning curve that might be too steep to take on.

Hyper-converged infrastructure

Organizations in the market for data center servers might also consider hyper-converged infrastructure (HCI), a software-centric system for delivering compute, storage and networking resources in a tightly integrated system. Vendors offer HCI platforms as self-contained appliances, software-only packages or reference architectures.

An HCI platform typically consists of multiple server nodes, a hypervisor for virtualizing resources on each node, and an intelligent software layer that manages and orchestrates resources across the server nodes. In addition, HCI systems usually include built-in data protections, such as mirroring, replication or erasure coding, as well as backup, redundancy and other disaster recovery capabilities.

The compute nodes that make up an HCI platform can be standard, off-the-shelf servers. In addition to the processing and memory resources, each server also includes its own direct-attached storage. Most HCI appliances include at least three nodes, with the ability to add nodes to accommodate growing workloads.

The intelligent software consolidates the resources from each server into a shared resource pool, delivering a high degree of flexibility while also simplifying management. Scaling the system is merely a matter of adding another server node. However, the server nodes must be identical, so adding a node can sometimes mean purchasing resources that are not always necessary in order to boost the compute resources.

This was last published in December 2018

Top server maintenance tips to extend hardware lifespan

IT administrators can upgrade CPU, RAM and networking hardware to maintain smooth server operations and to maximize resources.

Alastair Cooke

There are many server maintenance tips that can help you protect servers over their three-to-five year lifespan in the corporate data center, such as refreshing RAM and network cards and keeping software up to date.

Physical cleanliness is an important aspect of server maintenance. It should not be an issue in a large and adequately maintained data center, but there are plenty of dust bunnies in smaller data centers, which should make you wonder what accumulates inside those servers.

It’s important to clean out servers every year or two — shut them down and blow them clean with compressed air — but you should also vacuum regularly. Make sure the air conditioning filters are clean, too. When it comes to routine tasks, prevention is far better than unexpected downtime.

Midlife upgrades one of the top server maintenance tips

Organizations often buy servers or specific server configurations to match their budget or expected workload profile. However, a year or two after deployment, more money for hardware might become available, or changes to the workload might warrant a midlife server hardware upgrade. Upgrades can offer improved performance, capacity and utility.

To do a midlife server upgrade, start by identifying which servers need new hardware. Use server monitoring software such as Nagios, SolarWinds Orion Network Performance Monitor, Hyperic HQ or GFI Network Server Monitor to measure uptime, process success, thread count and application responsiveness. These metrics show how much hardware and storage space your applications need to run properly.

You can add RAM to a server by filling empty dual in-line memory module (DIMM) slots or by replacing all of the DIMMs with larger-capacity modules. Keep memory DIMMs consistent within each server; ideally, they should be the same size and speed and be from the same vendor, if possible. This provides consistent electrical and timing characteristics, and it reduces column strobe access latency.

With this approach, you should put the new RAM in one server and move the old RAM modules so one server contains all the new DIMMs and the other is all older DIMMs. This practice ensures the most efficient storage performance; when you mix and match too many different DIMM characteristics, such as timing, types and architectures, your storage quality can degrade over time.

If you homogenize your DIMMS, check that the process won’t disrupt any active data center workloads before you start shifting hardware.

You can also update CPUs so they are internally consistent. Sometimes, it makes sense to buy servers with prefilled DIMM slots and CPU sockets. Having a pre-upgraded server maintenance model is mandatory when the finance team requires that any upgrade on a server start a new three-year depreciation period.

Network upgrades

In addition to expanding RAM and CPU as a part of your upgrades, another server maintenance tip is to evaluate how well your servers support the network. The gap between hardware performance and network speed can cause a bottleneck, which makes it essential that you upgrade your networking hardware over the server’s lifetime.

New network standards such as 40 Gigabit Ethernet and 32G Fibre Channel offer consistent data transfer and low latency rates for server-to-server communication, but installing the latest network switches or cabling won’t automatically improve network speeds or eliminate bottlenecks. You must ensure that the server’s PCIe cards support the increased bandwidth and that they are compatible with the network interface cards.

The best option is to buy new servers with the fastest network cards available and plan to use replacement servers when faster networks are available. If you cannot buy new servers, a server maintenance tip is to refresh the network cards. Newer network cards require more CPU resources on older servers, especially if there are no changes to the workload, resource management or server utilization.

Address software health

Software and firmware version updates should already be part of your normal server upgrades. These bring stability and performance improvements, so a regular update cycle can help prevent outage incidents and maximize the value of the server infrastructure.

Routine upgrades can help keep you in alignment with support service contracts and prevent you from working with out-of-date firmware or software. If minor updates are a routine operational procedure, you can easily roll out major version updates and remain on supported versions.

Most organizations are well set up for operating system and hypervisor updates, but they often overlook basic input/output system and firmware updates. Make sure you apply all the possible updates to keep your servers and data center healthy over time.

This was last published in January 2019

What issues can arise from hardware debug exception flaws?

How does your enterprise protect against hardware debugging vulnerabilities?

Misinterpretation of Intel’s System Programming Guide resulted in a hardware debug exception vulnerability. Expert Michael Cobb explains how attackers can gain unauthorized access.

Michael Cobb

CISSP-ISSAP – SearchSecurity

CERT issued an advisory regarding a problem with Intel’s documentation, which inadvertently caused OS and hypervisor developers to create a hardware debug exception vulnerability in their software. What is the underlying hardware debug exception and what problems does it cause?

There are plenty of cases in which security vulnerabilities have been introduced into software programs because developers failed to correctly implement a third-party library or component, often due to a failure to read the relevant vendor documentation.

Vulnerability CVE-2018-8897 is somewhat different though, as the entire community of operating system and hypervisor developers appears to have misinterpreted a statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer’s Manual.

This has resulted in a hardware debug exception vulnerability being introduced into developers’ software, enabling an attacker to gain unauthorized access to kernel memory by submitting a specially crafted sequence of commands, either using malicious software or a user logged into the system. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode, enabling them to install programs; view, change or delete data; and create an account with full admin rights.

Nick Peterson of Everdox Tech, along with Nemanja Mulasmajic of, discovered the vulnerability and turned it into a local privilege escalation exploit. The vulnerability arose because of the way OS developers implemented hardware debugging commands for Intel x86-64 architectures. When Intel released its 8086 16-bit microprocessor chip in 1978, it added a special caveat for loading two stack segment (SS) registers: MOV SS and POP SS.

The SS register is usually used to store information about the memory segment that stores the call stack of the program that is being executed.

“Even though system software developers could add interrupt guards to code loading SS, Intel added functionality where loading SS with either of the two previously mentioned instructions would force the processor to disable external interrupts, non-maskable interrupts (NMI) and pending debug exceptions until the boundary of the instruction following the SS load was reached,” Peterson said.

The purpose of this change was to prevent an interrupt from being recognized and used immediately after loading SS, but before loading a stack pointer — a useful precaution based on the design of operating systems at the time — but Peterson discovered an undocumented side effect of these changes.

After this functionality was added, system software developers assumed that when interrupts are disabled, debug exceptions are also disabled. However, a pending debug exception, NMI or machine check can still occur.

The occurrence of a debug exception executing before the interrupt handler can set up a good state, though that is admittedly an edge case, and can be used to trick the system into employing a user GS-BASE value. This may enable an attacker to utilize operating system APIs to gain access to sensitive memory information or to control low-level operating system functions.

All the main operating system and virtualization software vendors have already issued patches for the hardware debug exception flaw, which Microsoft assessed as unlikely to be exploited. However, it does show that not only do developers need to carefully read implementation documentation, but vendors also need to ensure that their documentation and guidance is complete, clear, easily understood and not open to misinterpretation.

Ask the expert:
Want to ask Michael Cobb a question about application security? Submit your questions now via email.

(All questions are anonymous.)

This was last published in September 2018

Cloud and backup top storage priorities for 2019

Deploying the cloud for primary and secondary storage and backup and archiving project top project priorities in 2019. SAN, NAS and hyper-convergence also prominent

Antony Adshead

Storage Editor – Computer Weekly –

13 Feb 2019 9:36

Cloud-based initiatives and backup and archiving dominate UK IT departments’ storage projects for 2019.

Cloud storage and backup/archiving projects feature in five of the top six storage priorities reported by more than 250 respondents to this year’s Computer Weekly/TechTarget IT Priorities research.

Top of the list for primary storage projects is cloud backup as a service, which is a priority in 2019 for 33% of those asked. After that come virtual server backup (29%), backup software refreshes (27%), public cloud storage (26%) and data archiving (23%).

Of the top six, the only one not directly related to cloud storage or data protection is data management, which is a priority for 28% of respondents.

Traditional shared storage is still very much a key primary storage initiative for many IT departments, however, with about one-fifth planning storage area network (SAN) and network-attached storage (NAS) projects in 2019 (21% and 19% respectively).

Meanwhile, hybrid storage arrays will be a focus for 16% of those asked, while 12% plan object storage deployments.

Hyper-converged infrastructure (HCI) was listed as a key primary storage initiative for 2019 by 14% of respondents, although elsewhere in the survey 21% said they would use HCI in production and 67% said they expected the share of HCI in their organisation’s compute capacity to increase.

When asked about secondary storage projects, the cloud and backup/archiving also dominated.

Cloud backup as a service came out on top again, with 37% citing it as a key initiative for 2019. After that are backup software projects (30%) and data archiving (26%). These are followed by projects in on-premise disaster recovery (21%) and backup hardware deployments (19%).

The survey also asked how much storage capacity organisations retain. The largest number (32%) of those asked have between 10TB and 99TB, while 30% have less than 10TB. Meanwhile, 17% have between 100TB and 249TB and 5% have more than 10PB.

Read more about cloud storage

Clarifying what cloud and virtualized data storage really mean

How are you using storage virtualization to lower your storage costs?

Cloud storage doesn’t always mean the public cloud. Virtualization and virtualized data storage aren’t always about virtual servers and desktops. Find out what’s really going on.

Logan G. Harbaugh

IT consultant/freelance reviewer – Independent consultant – SearchStorage

Let’s clear up some misconceptions about storage. First, cloud storage isn’t always hosted on a public service, such as AWS and Microsoft Azure. And second, virtualization and virtualized data storage don’t just refer to virtual servers or desktop systems hosted on VMware ESX or Microsoft Hyper-V. These two misconceptions are related, because one true thing about cloud storage is that it is virtualized.

To a certain extent, all storage is virtualized. Even the most basic block-based hardware system — a single hard disk — is mapped by the storage controller attached to the hard disk. This translates the physical hardware blocks, sectors and tracks on the hard drive’s physical disks into a virtual set of blocks, sectors and tracks that the motherboard and storage controller use to communicate with the physical disk.

Likewise, file-based storage creates an SMB or NFS volume containing files and metadata, even though the underlying file system might be different from the one presented by the storage system. Many file servers use more modern file systems, such as ZFS, instead of SMB or NFS, and then translate. Others use CIFS or NFS and present the volume as both. That way, an SMB volume can be presented as an NFS volume and vice versa. This is also a type of virtualized data storage.

The truth about virtualized data storage

Storage virtualization refers to storage that isn’t directly accessible to the storage consumer. It can be a server, server instance, client system or other system that needs storage. Nearly all storage in the data center and public and private clouds is virtualized.

One true thing about cloud storage is that it is virtualized.

Even iSCSI volumes and Fibre Channel LUNs that appear to be block devices and theoretically identical to an internal hard disk can be considered virtualized. They’re generally RAID volumes, which mean that several physical disks are presented as one or more virtual disks. In addition, software features, such as tiering, snapshots and replication, require a virtualization layer between the physical storage and the consumer. Deduplication, compression and object storage layers add additional layers of virtualized data storage.

Virtualization can be useful. A volume that appears to an application or end user as a single contiguous directory tree may include files hosted on different storage tiers, some on local hard disks and others on low-cost cloud storage tiers. This results in high-performance storage at the lowest possible cost, because virtualized data storage lets files that haven’t been accessed for a while be moved to inexpensive storage.

Cloud options

Cloud storage is often assumed to be storage in the public cloud, like Amazon S3, Google Cloud Platform and Microsoft Azure. However, many vendors offer some form of cloud storage, ranging from backup vendors, such as Barracuda and Zetta; to Oracle, Salesforce and other cloud application vendors; to alternatives to the big three, such as DigitalOcean and Rackspace.

Data center cloud products also make storage easily available to applications, whether or not they’re running locally. Dell EMC, Hewlett Packard Enterprise, Hitachi Vantara and NetApp all offer these capabilities. Some of these products are proprietary, some are single-purpose and some are based on open source standards, such as Ceph.

This was last published in July 2018

Are hyper-converged infrastructure appliances my only HCI option?

Do you prefer to buy preconfigured hyper-converged appliances, deploy software-only HCI or build your own configuration?

Preconfigured hyper-converged appliances aren’t your only option anymore. Software-only and build-your-own hyper-converged infrastructure have unique pros and cons.

Alastair Cooke


Freelance trainer, consultant and blogger specializing in server and desktop virtualization

There are multiple ways to approach a hyper-converged infrastructure deployment, some of which give IT a little more control.

When we talk about building a hyper-converged infrastructure (HCI), the mental image is usually deploying some physical appliances using high-density servers and spending a few minutes with some wizard-driven software. But buying hyper-converged infrastructure appliances is just one way to do it.

As an IT professional, you can also deploy software-only HCI on your own servers. Or you can start from scratch and engineer your own infrastructure using a selection of hardware and software. The further you move away from the appliance model, however, the more you must take responsibility for the engineering of your deployment and problem resolution.

Let’s look more closely at hyper-converged infrastructure appliances and some do-it-yourself alternatives.

Preconfigured hyper-converged appliances

Hyper-converged infrastructure appliances wrap up all their components into a single order of code. The vendor does all of the component selection and the engineering to ensure that everything works together and performs optimally.

Usually, the hyper-converged appliance has its own bootstrap mechanism that deploys and configures the hypervisor and software with minimal input from IT. For many customers, this ease of use is a big reason for deploying HCI, making it possible to largely ignore the virtualization infrastructure and focus instead on the VMs it delivers.

Software-only HCI

One of the big reasons for selecting a software-only hyper-converged infrastructure is that it offers hardware choice. You may have a relationship with a preferred server vendor and need to use its hardware. Or you may simply want an unusual combination of server hardware.

Another example is that you may want a lower cost, single-socket server option, particularly if you are deploying to a lot of remote or branch offices. If you are deploying to retail locations, you may need servers that will fit into a shallow communications cabinet rather than a data center depth rack. Once you select your hardware, you are responsible for the consequences of those choices.

Once you select your hardware, you are responsible for the consequences of those choices. If you choose the wrong network interface card or a Serial-Attached SCSI host bus adapter, you may find support is problematic, or performance may not match your expectations.

HCI from scratch

You can also build your own hyper-converged infrastructure using off-the-shelf software and hardware, a hypervisor and some scale-out, software-defined storage (SDS) in VMs.

As with software-only HCI, you are taking responsibility for this decision and its consequences. You can probably buy support for the hypervisor and the SDS, but what about potential interoperability issues between the layers? What is the service level for resolving performance problems?

Building a platform from scratch instead of buying preconfigured hyper-converged infrastructure appliances is only sensible if you have your own full support team providing 24/7 coverage.

This was last published in March 2018

Do I need converged or hyper-converged infrastructure appliances?

What’s the most important factor when choosing between converged and hyper-converged infrastructure?

Scalability, risk tolerance and cost all factor into the decision between converged and hyper-converged infrastructure. The two technologies have very different use cases.

Alastair Cooke


Freelance trainer, consultant and blogger specializing in server and desktop virtualization.

Converged and hyper-converged infrastructures have similar names, but they take very different approaches and solve different types of problems.

Converged infrastructure (CI) helps remove risk from a large virtualization deployment. Hyper-converged infrastructure (HCI) represents a rethinking of VM delivery, and it aims to simplify operation of a virtualization platform. Either converged or hyper-converged infrastructure appliances can deliver a faster time to value than assembling a virtualization platform from disparate components, but their resulting platforms will have different characteristics.

Converged infrastructure appliances

A converged infrastructure appliance is pre-configured to run a certain number of VMs, and it’s ready to be connected to an existing data center network and power supply from the time it’s built. Vendors build these appliances with components that include a storage array, some servers, network switches and all the required cables and connectors. Vendors assemble and test all of these components before delivering them to customers, and they control every aspect of the build, down to the certified firmware and driver levels for each part.

A small converged infrastructure appliance can take up just half a data center rack, and the largest might be five full racks. Usually, deployment involves professional services from the vendor, and every update requires more professional services. The aim of CI is to take the risk out of deploying a virtualization platform by having the vendor design and support the same platform across multiple customers. It is usually not designed to scale in place; for more capacity, organizations must buy additional complete converged infrastructure appliances.

Hyper-converged infrastructure

Hyper-converged infrastructure appliances are built around a single x86 server, and a group of appliances are configured together as a cluster that organizations can expand and contract by adding or removing appliances. The first consideration when choosing converged or hyper-converged infrastructure is scale.

HCI puts an emphasis on simplified VM management. It usually also includes some sort of backup capability and often a disaster recovery (DR) function. (Many hyper-converged products integrate with the public cloud for backup and DR.)

A significant feature of hyper-converged infrastructure appliances is that in-house IT professionals, rather than vendors’ professional services staff, can complete most functions, from initial deployment to adding nodes to the entire update process.

Converged or hyper-converged?

The first consideration when choosing converged or hyper-converged infrastructure is scale. A half rack of CI appliances will run 100 or more VMs, whereas five racks will run thousands of VMs. CI is not for small offices or small businesses. It’s suited for enterprises.

The second aspect is that CI is about reducing risk, even if that increases cost. All of the professional services that surround CI are areas where the vendor is paid to reduce the customer’s risk. Organizations buy CI for guaranteed outcomes, so they tend to be in risk-averse industries, such as banking, insurance, government and healthcare.

Hyper-converged infrastructure appliances are popular with organizations that do not want to think about the hardware or software underneath their VMs. These organizations want to manage a fleet of VMs with minimal effort because the value is in the applications inside those VMs, rather than the servers or hypervisors on which they run. HCI is ideally suited for scale-out workloads, such as VDI, or for nonproduction uses, such as test and development.

Some hyper-converged infrastructure appliances operate with just one or two nodes at a site. This makes them suitable for remote or branch office deployments, particularly where there are a large number of branches, such as in a retail chain. HCI’s built-in data protection is popular in these scenarios because it reduces the risk of data loss at the branch and, in some cases, allows one branch to provide DR capacity for another.

This was last published in June 2018