Ivan on Containers, Kubernetes, and Backend Development


Hello friends!

It's been a while... but I'm back! We're not exactly at the end of the month, but I'm here for the traditional roundup, and after that, I'll try my best to stick with the original cadence - one mid-month issue with practical container tips and tricks and one monthly summary issue.

The main theme of today's issue is the same thing that caused a half-a-year hiatus of this newsletter - iximiuz Labs. The platform has been in public beta for about a month now, and it's already gaining some traction:

I configured analytics a few days after the launch, so the actual numbers are even higher - for instance, there are more than 500 registered users (Plausible says it's only ~350). And the number of active plays (a play is an instance of a playground in my design) is simply mind-boggling. The traffic has also started increasing - and I'm ramping up the content creation, so it may very well outgrow the blog by the end of the year!


You can help iximiuz Labs evolve (and keep this newsletter going) by supporting my work on Patreon. Patrons get extra insights into my development and creative processes, premium Labs access, and invite to a private Discord community of container and Cloud Native enthusiasts πŸ˜‰


Learning Containers: The Guided Way

Speaking of the content, I'm still experimenting with the formats, but the first chunk has already been shipped - two lessons of my course on containerd are now available on the platform. You can learn how to use containerd from the command line, get acquainted with its default CLI client (ctr), and through that, improve your understanding of containers and/or hone your debugging skills. The beauty of containerd is that it's a relatively low-level runtime, so by simply playing with it, you're getting lots of insights into what containers actually are (and in this course, I'm doing my best to guide you through the process).

Every course lesson is accompanied by a playground (i.e., a web terminal on the side) where you can try showcased ctr commands without leaving the browser. But that's not only it! For me, the coolest part is the practice sections after every lesson! Copy-pasting (or better retyping) the commands from the theoretical part is a necessary first step, but free-form exercises are going to prepare you for the tough reality of production much better - and the automatic verification of solutions should make the experience quite engaging, just check out the video:

​

Learning Containers: The Freestyle Way

Courses and tutorials are great, but sometimes you need a place for freestyle experimentation. Well, at least I do, often. Sandbox environments should get you covered - with Docker, Kubernetes, Podman, containerd, nerdctl, or just vanilla Ubuntu, Alpine, or Rocky Linux machines that start almost instantly and can be disposed of after every experiment. I'm constantly polishing these environments, adding various handy tools (but hopefully not overdoing it):

​

The Internal Kitchen of The Labs

Over the past six months, many people asked me about the internals of iximiuz Labs - I'm always happy to share my learnings, but this time the scope was so big that I've been postponing the blog post for way too long. And this makes me double excited to announce that it's finally out! Almost 5000 words and a ton of visuals - How I built my own learning-by-doing platform.

Here is a sneak peek - the high-level architecture of the platform:

And here is my attempt to answer the most popular question - how the networking part of the playgrounds is done:


What I was reading

Likely much like yours, my feeds have been dominated by posts on ChatGPT and the like. While the technology is worthy (well, without Copilot, I'd still be halfway through the development of the Labs, and ChatGPT helped me out on several occasions, including chasing and fixing some sneaky bugs), the content quality about it is typically mediocre at best. So I won't be retranslating most of it except when it's an intersection of AI and one of my traditional spheres of interest.

​Exploring Firecracker MicroVMs for Multi-Tenant Dagger CI/CD Pipelines - A topic close to the heart. Felipe Cruz from Docker describes his journey with making use of Firecracker MicroVMs. It's so close to what I've been doing, and the read is so good that I decided not to write such a post myself and instead focus on the specifics of my platform. Definitely worth your time if you want to play with Firecracker.

​Fun with Containers - Adding tracking to your images - An ingenious way to track every time someone pulls your image (stored on any registry, including Docker Hub). Curious to see how people actually may use it in the real world.

​Cloud Native Security Talks - Rory McCune keeps educating people on cybersecurity. This (newborn) collection is a truly herculean effort.

​LocalStack: Why Local Development for Cloud Workloads Makes Sense - I’ve been very skeptical about LocalStack, but if Corey says it’s good enough… So, decent local mocking is possible, after all. Is it just a matter of how big the pain of not having those mocks is?

​Imperative, Declarative, Interrogative, and Exclamative Interfaces - There are four different types of sentences in English: imperative, declarative, interrogative, and exclamative. In programming, the imperative and declarative paradigms are already widespread, and the interrogative paradigm is becoming more and more popular with the rise of chats. But Matt [Rickard] goes one step further - what if the exclamative programming parading is about to emerge? When the task is too complex to program the solution right away or describe the desired solution to an LLM, the only thing that's left is to keep shouting at the model until it produces a good enough result.

​Reflections on 10,000 Hours of DevOps - Matt Rickard again. A great list of tips & tricks, likely learned the hard way.

​Distributed Systems and AI - OpenAI runs on Kubernetes. "Even in a world where AI-assisted code reigns β€” being a distributed systems expert might be the key to unlocking AI in every program." Hey, we're not losing our jobs just yet! Jokes aside, we may very well all stop writing code soon (and start reading/editing tons of generated code instead), but the hardest thing to replace with AI will be all sorts of system design (and operation) skills - something I'll be focusing more and more in my Labs.

​I Used GPT-3 to Find 213 Security Vulnerabilities in a Single Codebase - Ok, some good use of the (in)famous tech here. And I've heard Snyk has already productized something like it (but I haven't had a chance to try it myself).

​All the Hard Stuff Nobody Talks About when Building Products with LLMs - Finally, someone's being real and pragmatic about adding LLM-powered features to an existing product. TL;DR It's challenging, potentially dangerous (due to prompt injections), with questionable usefulness of the produced results, and a lot of "prompt engineering" alchemy (that may work today and stop working tomorrow).

​I’m Now a Full-Time Professional Open Source Maintainer - An interesting read on how one can start making a (pretty good) living as a full-time OSS maintainer. TL;DR Make a few companies using your OSS projects to sign retainer agreements with you offering them some peace of mind and potential impact on the projects' roadmaps, and then get back to your beloved code. I kinda liked it.


Wrapping up

This was probably the largest issue so far, but I had a lot to share after such a long break. And it feels good to be back! The next (mid-month) issue will likely be on OrbStack - a promising high-level container runtime for macOS that claims to be (yet another) Docker Desktop replacement (although I'm personally more interested in its VM- than container capabilities - still missing Vagrant and VirtualBox on Apple Silicon).

Until then, have fun with the Labs, and please consider supporting my work!

Cheers

Ivan

Ivan Velichko

Building labs.iximiuz.com - a place to help you learn Containers and Kubernetes the fun way πŸš€

Read more from Ivan Velichko
Diagram showing desired network policy configuration between frontend and backend pods

Hey, fellow server dweller πŸ‘‹ Ivan here with an exciting iximiuz Labs update! The month isn't over yet, so it's not quite time for the traditional monthly roundup. However, there have been so many updates on the platform in the past couple of weeks that they couldn't possibly fit into a single email. So, let's dive in πŸš€ Backend Revamp: Faster, Smarter, Stronger Over the past few weeks, I rolled out a significant backend rewrite at iximiuz Labs, and I couldn't be more excited to share the...

Hello πŸ‘‹ Ivan's here with November's roundup of all things Linux, Containers, Kubernetes, and Server Side πŸ§™ What I was working on This month was (extremely) development-heavy. Two-thirds of it went into the implementation of custom playground machinery and a new Kubernetes "Omni" playground, and in the last part, I was unexpectedly busy with expanding the platform's capacity and launching a new server in India πŸŽ‰ The latter became possible thanks to the support of all of you who got the premium...

Hello, fellow server dweller πŸ‘‹ I've got two exciting announcements to make. Starting with the shorter one, this year, I decided to give Black Friday a try. This is an experiment - iximiuz Labs hasn't done sales before and won't have any in the foreseeable future, at least not until next November. So, if you wanted to get a premium membership but the price felt too high, this is your rare chance to get it with a 50% discount. The offer is limited to exactly one week. Now, to the second, much...