Hello 👋 It's this time of the month again! My traditional roundup of all things Linux, Containers, Kubernetes, and Server Side, delivered straight into your inbox 📬 What I was working onOctober was very productive for me - I shipped no major iximiuz Labs features (it's always hard to resist the temptation!) and instead dedicated all my available time to content work. The main focus was on Container Images. It's the subject of the first module of my "panoramic" Docker course, and it is almost done (the module, not the course 🙈). The content is pretty self-sufficient, so I'll likely release the first five-ish lessons (and a bunch of accompanying challenges) in November without waiting for the rest of the course materials. While working on the first module, I wrote two complementary posts. One is about picking the The second post (that I published just a couple of days ago) is on how to build small(er) and secure(r) container images using multi-stage builds. This is no new feature, and there are plenty of posts on Docker multi-stage builds on the Internet, yet I keep running into single-stage Dockerfiles, often started with a Another reason there aren't enough multi-stage builds may be that Dockerfiles fall into a no man's land. Application developers are usually too overloaded to prioritize proper image composition, while DevOps folks may be more attentive to it, but often lack detailed knowledge of specific language stacks. After all, there are countless ways to build a Node.js application or choose a runtime base image for a Go service. To address this, I’ve included a section with several practical examples on structuring multi-stage Dockerfiles for Node.js, Java, PHP, Rust, and Go applications (and hopefully, Python examples will be added eventually as well). Last but not least, I had the chance to join a podcast! Huge thanks to the mkdev.me team for the invitation and for making it such a great experience 💙 Here’s the transcript, along with YouTube and Spotify links: The Art of Tech Blogging with Ivan Velichko from Iximiuz Labs What I was readingAdvanced Dockerfiles: Faster Builds and Smaller Images Using BuildKit and Multistage Builds - Did you know that you can have conditional A good question on r/node: Why Do Docker containers share RAM for files memory mapped from the same layer but a different image? - Another great question! It’s actually slightly more specific than the title - assuming you have two images based on the same Linux base image, would the identical shared objects ( AWS data center latencies - A fun visualization of DC to DC latencies right on a 3D globe. Don’t know how trustworthy the data is, but at first sight, the numbers look plausible. Understanding Round Robin DNS - An entertaining read about the author's experience with round-robin DNS. The original assumption was that round-robin DNS could be used as a free load-balancing solution. The author set up 3 servers (US, EU, Asia) and created 3 DNS A records with the same hostname but different IP addresses. Accessing this host from Chrome, Firefox, Safari, and Understanding DNS resolution on Linux and Kubernetes by Jérôme Petazzoni - The beginning and the end of the post describes the author’s Service Discovery in Kubernetes: Combining the Best of Two Worlds by… yours truly - There was a phrase in Jérôme’s post that I don’t fully agree with - "Kubernetes provides DNS-based service discovery." In this (older) post, I argue that Kubernetes has rather a hybrid service discovery implementation that I call "Network-Side Service Discovery". Kubernetes networking: service, kube-proxy, load balancing - A massive read by Gulcan Topcu from Learnk8s! It’s packed with so many illustrations, probably more than most blog posts have words. Highly recommend it if you’re just starting out with Kubernetes networking. https://github.com/f1ko/demystifying-cni - finishing the topic of Kubernetes networking for today. The repository offers an explanation of what the Container Network Interface (CNI) actually is and how to write one from scratch. Because what could be a better way to learn? Good Retry, Bad Retry: An Incident Story - Another massive read. This time on the role of retries in a large-scale micro-service architecture. If you already tried exponential backoff, and it didn’t help, go read that post. Otherwise, just add the backoff - from my experience, in 90% of the cases, it’s everything you need. How do HTTP servers figure out Content-Length? - A short and sweet post that may make you start thinking about the hidden complexities of the simple on-the-surface HTTP protocol. If the headers are sent before the response body, and there is a Content-Length header, should the server buffer the whole response in memory before sending it to the client? What if it’s a few gigabytes of data? What about streaming responses like server-sent events? Deployment process with Hashicorp Nomad by Maksym Prokopov - Kamal keeps popping up on my radar as a simpler (compared to Kubernetes) deployment option. But we should not forget about Nomad’s existence - it has a bunch of nice qualities, including “native” integration with Consul and Vault. Thinking Like an AI - An enjoyable read on how LLMs actually generate their output. It's tremendously oversimplified, but nevertheless, I find it helpful for people like me who don’t have time to read a proper explanation - understanding this kind of basics makes my daily interactions with GenAI more efficient. Writes and Write-Nots by Paul Graham - What an irony! While one of the main AI promises today is to make us all smarter, PG predicts that GenAI will actually make humanity dumber by “freeing” us from the need to write [for work or pleasure]. Writing is thinking. Wrapping upHow is iximiuz Labs doing? I'm glad you asked! While it didn't break the September record, the combined revenue from Patreon contributions and Premium membership sales in October again crossed the $3,000 mark. And the platform's usage also kept steadily growing. Here are some interesting facts:
It looks like more and more people return to iximiuz Labs for its playgrounds - not a particular piece of content I may have published. Cases I know of:
I also keep getting requests for purchasing power parity discounts (PPP), and I'm gladly offering them to people outside of Western Europe and the US. However, too few discount codes I offered converted into actual sales, and it made me reconsider my discount policy. Now, I'll be trying to match Netflix's pricing model - thanks to a few people who suggested it on Twitter. This basically means that the discounts I offer will be more generous. If you wanted to buy the premium membership but the price was too high, or the discount I gave you was too small, please reach out - we'll find a solution! And, of course, always double-check - chances are, you can expense iximiuz Labs Premium membership using your learning and development budget. Have a productive November! Cheers Ivan |
Building labs.iximiuz.com - a place to help you learn Containers and Kubernetes the fun way 🚀
Hey there, I’ve just finished putting together everything I know about Node.js container images and figured you might find the write-up useful. If you’re working with Node.js in Docker, chances are you’ve been hit by the dilemma of which base image to use. Do you go for the default node:latest, the slimmer node:22-slim, or something super minimal like a distroless image? What about Bitnami’s alternative — how does it stack up? Before you jump headfirst into your next build, you might want to...
Hello 👋 Ivan's here with a slightly delayed September roundup of all things Linux, Containers, Kubernetes, and Server Side 🧙 What I was working on This month, I worked on an assorted set of topics. Skill Paths First off, the skill paths! I finally finished the underlying machinery, and now iximiuz Labs supports a new type of content - short roadmaps that you can use to develop or improve a specific skill: how to debug distroless containers, how to copy images from one repository to another,...
Hello friends! Ivan's here with another monthly roundup of all things Linux, Containers, Kubernetes, and Server Side 🧙 The issue's main topic is iximiuz Labs' largest-ever upgrade: Fresher and more streamlined look of the frontend UI 💙 A new 5.10 Linux kernel built with nftables support (finally, we can try out kube-proxy's nftables mode). New default playground user - laborant (yep, rootless containers learning for). New playgrounds: Ubuntu 24.04, Debian Trixie, Fedora, and Incus (yay! more...