Software Engineer at day. Tech Storyteller at night. Helping people master Containers.
Hi friends!
It's Ivan again, with my traditional roundup of all things around iximiuz.com.
Remember that article on Kubernetes I mentioned last time? While I was finishing the last month's issue, the article made it to the front page of Hacker News, thanks to its controversial title: How Kubernetes Reinvented Virtual Machines. When I was done with the newsletter work, I got pleasantly surprised by the number of new readers on the blog. At moments like that, you know for sure that all these hours of suffering writing are worth it!
And now to the updates & announcements!
SPONSORED How Passwordless Works is yet another masterpiece from Teleport. Not a typical shallow corporate blog publication but a deep technical write-up explaining how the new Web Authentication protocol works. If everything goes well, we'll soon be having one more key on our physical keychains, and the days of passwords and password managers will be gone.
β
I've been dodging invitations to speak since forever (well, I'm a writing guy), but this month I finally decided to give it a try:
I'm looking forward to these streams (but, hell, am I nervous!), and I hope you'll tune in too!
β
I've been doing a lot of research this month on how to produce small(er), fast(er), and secure(r) container images. Most of the results are yet to become articles, but I already have something to share: In Pursuit of Better Container Images: Alpine, Distroless, Apko, Chisel, DockerSlim, oh my!β
On the birdy-side of things, there was a bunch of tweets that attracted people's attention:
β
β
Well, that was a big one... But I want to believe I shared only the worthy bits! I should probably start sending this newsletter twice a month to make it more digestible, though π
Stay safe and healthy!
Cheers,
Ivan Velichko
Software Engineer at day. Tech Storyteller at night. Helping people master Containers.
Hello friends! Ivan's here - with a well overdue February roundup of all things Linux, Containers, Kubernetes, and Server-Side craft π§ What I was working on A lot of stuff on the dev side - not so much on the content side. But things are soon to reverse π€ Announcing labCTL - the long-awaited iximiuz Labs CLI A dozen people have asked me over the past year-ish if there'll be access to the playgrounds from the local terminal and not only from the browser. And while I myself wanted this feature...
Hello there! π Debugging containerized applications is... challenging. Debugging apps that use slim variants of container images is double challenging. And debugging slim containers in hardened production environments is often close to impossible. Before jumping to the DevOps problems that I prepared for you this week, let's review a few tricks that can be used to troubleshoot containers. If the container has a shell inside, running commands in it with docker exec (or kubectl exec) is...
Hey hey! Are you ready for your next DevOps challenge? Last week, we all witnessed yet another terrifying cyber-security event, and this time, it was a direct hit - researchers from Snyk discovered a way to break out of containers! π€― The vulnerability was found in the fundamental component of the containerization ecosystem - the most popular implementation of the (low-level) OCI container runtime - runc. Notice how, on the diagram above, most high-level container runtimes actually rely on the...