Ivan's here with a monthly roundup from iximiuz.com.
May was nuts! The new job and the first time ever KubeCon trip made it quite overwhelming for me. But it was definitely great!
SPONSORED (but highly relevant) Access Multiple Kubernetes Clusters - the right way. Yet another good read by Teleport with some practical advice sprinkled with a bit of Kubernetes API theory. Go check it out!
What I Was Working On
I started the month from digging into the DockerSlim codebase (Yay, I do open source for a living now!) The top-level idea of the DockerSlim project is simple - take a (potentially huge) container image, run it, collect the usage stats, and then build a new (hopefully slim) image putting into it only the tracked files. However, as always, the devil is in the details. So, I spent like a week learning the ins and outs. As usual, it ended up with a diagram:
The DockerSlim project started more than 7 years ago, when Docker was (kinda sorta) the only option to run containers (hence, the project name), and most of the use cases were as simple as a single `docker run <image>`. Nowadays, though, you'll rarely find a production image that can run in isolation - all sorts of sidecars and external dependencies are expected. So, my first (non-trivial) DockerSlim contribution was adding the initial Kubernetes support. Instead of running a single container image locally, I'm teaching DockerSlim how to trace and minimize workloads running in a Kubernetes cluster!
The Kubernetes runtime support for DockerSlim is still WiP, but I managed to get the PoC done during the second week of May, so there was a good reason for us to go to KubeCon and get the initial feedback. KubeCon was awesome! I met the Slim.AI team, I met a number of great folks whom I knew from Twitter and other online communities, and I got tons of ideas and inspiration from hordes of like-minded people hanging around!
The best part of KubeCon is the people you get to meet here! @SlimDevOps @LindsayColbern @SaiyamPathak @kcqon @m_wimpress pic.twitter.com/sfiA7dSJnC
May 18th 2022
One of these ideas was actually an enhancement for DockerSlim! Keeping images slim is generally preferred, but there are downsides too. For instance, slim images typically lack debugging tools. So, inspired by the Kubernetes Ephemeral Containers talk, we decided to conduct a mini-hackathon right during KubeCon and implement the new `docker-slim debug` command. Surprisingly (never thought a conference might be the right place for coding), it went really well, and despite the maximum possible level of distraction, Dan Čermák made this new command happen, almost in no time. Kudos to Dan!
What I Was Writing
I'll be honest, it was quite challenging to find time for writing this month. But I managed to extend the Kubernetes API series a bit - the new article How To Develop Kubernetes CLIs Like a Pro shows how to use the `k8s.io/cli-runtime` library to build CLI tools that behave like and are as potent as the mighty `kubectl`. I also summarized my first impression from Kubernetes Ephemeral Containers and `kubectl debug` Command - check out this illustrated post where I explain the internal kitchen of ephemeral containers revealing a bunch of potential pitfalls.
What I Was Reading
Much like with writing, there was very little time for reading:
- Docker Extensions Preview - Docker Desktop got extensions support! This definitely increased chances that I won't be removing it from my Mac any time soon. By the way, there is already an extension by Slim.AI - it allows you to explore image content (nah, `dive` can do it) and even perform two-side diffs (well, that's something!)
- An Overview of Docker Desktop Alternatives - for those of us who decided to move away from Docker Desktop after the recent licensing change. I personally discovered Lima and Colima. Will definitely be trying them soon.
- [Docker as] A Universal Package Manager - Matt Rickard again, love his unique perspective of everyday things.
- Load balancing and scaling long-lived connections in Kubernetes - yet another great piece from learnk8s.io where Daniele Polencic explains some Kubernetes networking limitations, naturally justifying the need for the Service Mesh technology (and using no buzzwords).
- Share a kubectl tip below that you think a lot of users don’t know about - a twitter thread by Ahmet Alp Balkan where every Kubernetes user will find something useful for them.
- An AWS Free Tier Bill Shock: Your Next Steps - a good and practical piece of advice from the chief cloud economist Corey Quinn.
- I think the CTX package on PyPI has been hacked! - whoops, it happened again.
Well, this is it for the May roundup. See you in June! And until then, stay safe and healthy!