Hi friends!
It's Ivan again, with my traditional roundup of all things around iximiuz.com.
This month was mostly about container images and container runtimes. Here is what I've got for you:
Let's get started!
SPONSORED Packages and software supply chains get compromised more and more often. So, everyone these days should be a security expert. I already confined every my project to a separate VM, but how can I know if there is some malicious activity happening inside? Learn how to use the Linux audit system in this practical post by Teleport (no marketing fluff).
β
While preparing for one of the workshops, I came up with the following visual explanation of the low-level container runtime:
If this topic sounds interesting, you can find a few useful links in this Twitter thread.
β
Might be not fully accurate, but this explanation could help get through a popular misconception:
September 24th 2022
|
β
To improve your container game π
Since (a very recent) discovery, this trick has saved me hours! Turns out, you can exec, stop, kill, remove, etc docker containers using just a short prefix of their IDs! Instead of typing (or rather copy-pasting):
docker rm b5758e341c2a
...you can just go with:
docker rm b5
Credit goes to Michael Irwin!
β
Another Docker trick that I learned on Twitter (thanks to Chris Guest). Turns out, the buildx plugin supports this for quite a while:
docker buildx build -o <some-dir> .
This is pretty powerful since it allows you to use Docker as a build system. You can find more details here (bake is the keyword to look for).
Not so much about containers, but I must share them:
β
This is a new (and quite challenging) category for me, but I'm glad I gave it a try:
β
On the blog, Twitter, ...and GitHub!
A yet another awesome list of resources? Nope, it's a list of awesome resources!
I started this GitHub project to collect links to (and thoughts about):
And I'm hoping for your contribution!
Over the past few months, I spent quite some time researching the topic of how to create decent container images. Distroless (1.0) is one of the ways. You can learn more about the limitations of the scratch base images and the pros and cons of the distroless (aka "scratch for everyone else") base images in the below Twitter thread or in a long-form write-up on my blog - What's Inside Of a Distroless Container Image: Taking a Deeper Look:
September 5th 2022
|
β
Collected a bunch of receipts in this blog article.
...is another popular misconception. Intrigued? Then read on!
For the digital archeologists (like myself), I called out on Twitter asking folks if the Docker's history is documented somewhere. The thread received lots of great replies (with some of them coming from people who are/were directly involved), shedding light on Docker's original architecture (monolith written in Go, essentially just a UX layer on top of LXC), its evolution (LXC's functionality got re-implemented in Go giving birth to, first, libcontainer, and then runc) and reshaping (containerd being factored out). Go check it out π
β
And that's all the links for today!
β
Well, I thought the previous one was big... I should probably start doing this newsletter twice a month, what do you think? Hit reply and let me know :)
β
Cheers
Ivan Velichko
β
Building labs.iximiuz.com - a place to help you learn Containers and Kubernetes the fun way π
Hey, fellow server dweller π Ivan here with an exciting iximiuz Labs update! The month isn't over yet, so it's not quite time for the traditional monthly roundup. However, there have been so many updates on the platform in the past couple of weeks that they couldn't possibly fit into a single email. So, let's dive in π Backend Revamp: Faster, Smarter, Stronger Over the past few weeks, I rolled out a significant backend rewrite at iximiuz Labs, and I couldn't be more excited to share the...
Hello π Ivan's here with November's roundup of all things Linux, Containers, Kubernetes, and Server Side π§ What I was working on This month was (extremely) development-heavy. Two-thirds of it went into the implementation of custom playground machinery and a new Kubernetes "Omni" playground, and in the last part, I was unexpectedly busy with expanding the platform's capacity and launching a new server in India π The latter became possible thanks to the support of all of you who got the premium...
Hello, fellow server dweller π I've got two exciting announcements to make. Starting with the shorter one, this year, I decided to give Black Friday a try. This is an experiment - iximiuz Labs hasn't done sales before and won't have any in the foreseeable future, at least not until next November. So, if you wanted to get a premium membership but the price felt too high, this is your rare chance to get it with a 50% discount. The offer is limited to exactly one week. Now, to the second, much...