Ivan on the Server Side
A satellite project of labs.iximiuz.com - an indie learning platform to master Linux, Containers, and Kubernetes the hands-on way π
How Container Registries Work: Pushing and Pulling Images By Hand
Container registries look simple until you need to debug what was actually pushed, why a pull picked the wrong image, or why deleting a tag didn't remove anything. Most of the time, we interact with container registries via the docker pull and docker push commands or by setting an image name in a Kubernetes manifest. However, sooner or later, you'll run into cases where you need to talk to the registry directly: a tag points to the wrong image manifest, a pull fails because the client...
New Docker Roadmap Module + Summer Skill-Up Sale π
Good news! After several weeks of hard work, I'm happy to announce that one more module of the hands-on Docker roadmap is complete. The new module focuses on all things Container Registries: Pulling images by tags and digests Pulling images for a specific platform Inspecting images right in the remote registry Tagging and pushing images Copying images between registries Using images in air-gapped environments Standing up your own container registry Protecting a self-hosted registry with...
Learning by doing is the way, AI or not
There is a huge difference between passively reading a tutorial and actually typing in commands or code from it into your terminal. And there is an even bigger difference between doing that and inverting the approach completely - attempting to solve the problem first, and only then reading about the available solutions. I donβt know if there is an official term for it, but this style of learning wires something in your brain, both deepening understanding and making the knowledge more durable....
Ivan on the Server Side
Hello π Ivan's here with a monthly roundup of all things Linux, networking, containers, and Kubernetes. What I was working on April was a busy and fruitful month. The Hands-On Docker Roadmap 2.0 After several weeks of thinking about it, I couldn't help but revamp the Docker roadmap. A plain SVG worked fine when the roadmap had only a few dozen links, but now it points to over 100 challenges and tutorials, so a more structured UX was very much needed. And it can now ping you, so you don't...
Connect to a Playground Kubernetes Cluster with Local kubectl and MCP Servers
Hello, fellow Kubernetes enthusiast π Have you ever wanted to access a cluster started in a playground using your local tooling? Lens comes to mind first, but just being able to use your local kubectl with a remote cluster or point a Kubernetes MCP server to it can also significantly improve productivity. Connect to a Playground Kubernetes Cluster Playground Kubernetes clusters run inside remote VMs, so kubectl on your local machine can't reach the API server directly. It has always been...
iximiuz Labs update: 3x longer playground sessions and Premium for inviting friends
Hey there π A quick update, but you will love it. 3x Longer Playground Sessions How long the max playground session duration should be has been a recurring question. Obviously, the longer the better, but bumping up the default would proportionally increase server utilization, hence the platform's infra bills. At the same time, running agents in playgrounds is becoming more and more popular, and one thing about agents is that you never know when they will finish grinding. Sometimes it's just a...
Elevate your hacking game by bringing the local machine and remote VMs closer together
Hello, server dweller! I spent some time lately adding new port-forwarding capabilities to labctl (and writing docs about it), and the results are actually worth sharing because they enable several new playground use cases. There is a number of ways (and reasons) to bring the playground VMs and the local machine closer together. For example: Accessing a database launched in the playground with the local GUI client (local port forwarding). Making a local Chrome instance accessible in the...
Nested virtualization and more affordable prices come to iximiuz Labs π
Hello π I've got a double portion of good news! Nested virtualization support Have you ever wanted to run a Firecracker microVM in a playground? Or perhaps play with Kata Containers? Use QEMU without the full CPU emulation overhead? Or try that fancy agent sandboxing tool? Historically, none of the above was possible because Firecracker doesn't expose the host's CPU virtualization capabilities (Intel's VMX or AMD's SVM) to its microVMs. Without it, the microVM's kernel cannot activate KVM, so...
Ivan on the Server Side
Hello π After preparing over 100 practical exercises on Linux, Docker, Kubernetes, and networking, which have been solved more than 50K times in total, I can confidently say that the topic that attracts the least interest is building container images. No wonder most images end up bloated and full of CVEs. One reason for the lack of interest may be that container images are no-man's land. Developers may not feel the pain that bloated & vulnerable images cause in production, and the ops people...
Deep dive: How Container Images Actually Work
Hello π I just published a new tutorial: How Container Images Actually Work: Layers, Configs, Manifests, Indexes, and More Docker made container images look deceptively simple from the outside: you docker build, docker push, and docker run, and everything just works. But under the hood, the image format is an intricate graph of content-addressed objects, and, as with any abstraction, implementation details leak. The moment you start doing anything slightly more advanced - multi-platform...
A satellite project of labs.iximiuz.com - an indie learning platform to master Linux, Containers, and Kubernetes the hands-on way π