Ivan Velichko

Ivan on Containers, Kubernetes, and Backend Development

Published over 1 year ago • 2 min read

Hi friends!

Ivan's here, with a monthly roundup from

I just finished an article on Kubernetes, and as always, it took me million hours to get from the first draft to a decent quality write-up. For better or for worse, there is no such thing for me as quick writing. But now it's getting late over here, so I'll have to keep the newsletter rather short.

SPONSORED Passwords are secrets, but secrets tend to leak. Certificates might be superior to passwords in many cases, but they are also secrets after all. Check out this good read by Teleport to learn How to Access Infrastructure Without Usernames and Passwords using provable identities. The future is bright and passwordless!

What I Was Working On

Continuing the June theme, I managed to find some time in July to work on my (not so) secret Kubernetes UI. The visualizations are much smoother now (check out that rolling Deployment recording below), but the rest of the changes were mostly plumbing and hardening, so no new functional to demo yet.

What I Was Writing

There is one but rather big article I'd like to share this month: How Kubernetes Reinvented Virtual Machines. This article might feel less technical than my usual writing, but the intent was to tell a relatable story. It's based on my 10+ years of experience and observation of how people develop, deploy, and operate web services. And it's an illustrated one! Just to give you some taste:

I've also been pretty active on Twitter and published a few threads you may find interesting (or controversial):

Last but not least, DockerSlim officially announced its Docker Compose support. Now you can optimize images that are a part of the compose service definition with a single command. And while I didn't participate in the technical implementation of this feature, I'm happy to share the news 🎉

What I Was Reading

Stay Tuned

And this is it for July. Stay safe and healthy!


Ivan Velichko

Ivan Velichko

Software Engineer at day. Tech Storyteller at night. Helping people master Containers.

Read more from Ivan Velichko

Hello there! 👋 Debugging containerized applications is... challenging. Debugging apps that use slim variants of container images is double challenging. And debugging slim containers in hardened production environments is often close to impossible. Before jumping to the DevOps problems that I prepared for you this week, let's review a few tricks that can be used to troubleshoot containers. If the container has a shell inside, running commands in it with docker exec (or kubectl exec) is...

10 days ago • 1 min read

Hey hey! Are you ready for your next DevOps challenge? Last week, we all witnessed yet another terrifying cyber-security event, and this time, it was a direct hit - researchers from Snyk discovered a way to break out of containers! 🤯 The vulnerability was found in the fundamental component of the containerization ecosystem - the most popular implementation of the (low-level) OCI container runtime - runc. Notice how, on the diagram above, most high-level container runtimes actually rely on the...

29 days ago • 1 min read

Hello friends! Ivan's here - with my traditional monthly roundup of all things Linux, Containers, Kubernetes, and Server-Side craft 🧙 What I was working on After my announcement of the iximiuz Labs GA earlier this month, the platform's usage has more than doubled, so I had to focus on the system's stability and UX. As a result, I increased observability and test coverage, added one more bare-metal server, streamlined a bunch of use cases, and fixed a few bugs. The most notable user-facing...

about 1 month ago • 3 min read
Share this post