Posts by tag

Docker

16 posts
View Post
  • 6 min

gVisor Improves Performance With Root Filesystem Overlay

Overview Container technology is an integral part of modern application ecosystems, making container security an increasingly important topic. Since containers are often used to run untrusted, potentially malicious code it is imperative to secure the host machine from the container. A container’s security depends on its security boundaries, such as user namespaces (which isolate security-related identifiers and attributes), seccomp rules (which restrict the syscalls available), and Linux Security Module configuration. Popular container management products like Docker and Kubernetes relax these and other security boundaries to increase usability, which means that users need additional container security tools to provide a much stronger isolation boundary between the container…
View Post
Share
View Post
  • 5 min

Mastering Distroless: A Guide To Building Secure And Efficient Docker Images

With the rise of Docker came a new focus for engineers: optimizing the build to reach the smallest image size possible. A couple of options are available: In this post, I’m going to focus on the second point – choosing the smallest base image size. Minimal base images Three approaches are available for base images: From Scratch You can use Docker’s reserved, minimal image, scratch, as a starting point for building containers. Using the scratch “image” signals to the build process that you want the next command in the Dockerfile to be the first filesystem layer in your image. While scratch appears in Docker’s repository on the hub,…
View Post
Share
View Post
  • 10 min

Streamlining Your Django Development Environment With Docker Containers

In this tutorial, I’ll show how you can create a shared and repeatable development environment that your entire team can use while working on a Django application. We’ll use Docker to containerize not only your Django application, but a PostgreSQL database, Celery instances, and a Redis cache server. Along the way, we’ll use best practices to improve developer productivity and keep configuration maintainable. Setting Up Docker This article will assume we’re using Ubuntu 22 but don’t worry if you’re on Windows or Mac. Installation instructions for all platforms can be found on the Docker website. To get started installing Docker for Ubuntu, we’ll…
View Post
Share
View Post
  • 5 min

Docker’s Bad Week

Instead of focusing on the poorly communicated decision to sunset Free Teams, look at the company’s overall direction to focus on what developers want. Docker had a bad week. What’s less clear is whether Docker deserved it. For those who haven’t heard, last week Docker announced that it was sunsetting Free Team subscriptions. Some in the open source world read this as “pay up or lose your data.” In light of the uproar, Docker was quick to apologize: “We did a terrible job announcing the end of Docker Free Teams.” Unsurprisingly, this failed to placate its most vociferous critics: “The open source community…
View Post
Share
View Post
  • 3 min

How To Build And Push A Docker Image With Cloud Build

If you want to create a serverless service, you’ll want to check out Cloud Build.Cloud Build is a popular Google Cloud service that allows you to execute your builds on Google Cloud. Cloud Build can import source code from various repositories or cloud storage spaces, execute a build to your specifications, and produce artifacts such as Docker containers or Java archives. Cloud Build is serverless, which means it scales up and down with no infrastructure to set up, upgrade, or scale. In this blog post, we’ll learn how to build and push a Docker image with Cloud Build. If you…
View Post
Share
View Post
  • 3 min

Demonstrating Your K8s Scheduler With Kube-Scheduler-Simulator In A Real Cluster

In the previous post, I wrote how we can develop our own scheduler with kube-scheduler-simulator. If you could implemented your new scheduler, you may want to try it in a real cluster.In this article, I describe how to port a scheduler implementation, which is designed to work with kube-scheduler-simulator, into a real cluster, and a way to demonstrate the difference between the new scheduler and the default one by using the frontend part of kube-scheduler-simulator. How to deploy your scheduler into a real cluster? An official document “Configure Multiple Schedulers” contains an explanation of how to deploy a scheduler to a cluster. What we…
View Post
Share
View Post
  • 10 min

A Guide To Databases On Google Cloud Part 3 – Cloud Spanner! & CRUD It With Spring Boot On Cloud Run

In this blog We are going to experiment with CRUD on a Java Spring Boot application using Cloud Spanner’s DML API deployed on Cloud Run, without using a Dockerfile (yes, too good to be true, but it is!). For this experiment, I have taken the use case of the Badminton Court Reservation for a residential community. I have my reasons (happy to share). I have encountered this problem in my community where the same bunch of people occupy all available courts daily. This will serve well because they can only book a slot for an hour a day and that…
View Post
Share
View Post
  • 7 min

Docker Monitoring Tutorial – How To monitor Docker With Telegraf And InfluxDB

How to Monitor Docker with Telegraf and InfluxDB Docker is an increasingly popular choice for businesses dealing with containerized applications. However, as with any new technology, Docker introduces complexities that need to be managed. Some of these complexities relate to infrastructure and application monitoring. Due to the abstraction offered by containers, traditional monitoring solutions might not be suitable for Docker-based workloads. Thankfully, tools like InfluxDB and Telegraf can help you mitigate this complexity, letting you monitor Docker-based applications easily. This tutorial will teach you how to set up and configure InfluxDB and Telegraf to collect metrics from a Docker installation. Why monitor Docker As with traditional…
View Post
Share
View Post
  • 9 min

Local Env As Code: Is It Possible Yet

In the past decade, we’ve seen the rise, standardization and meme-ification of “as code”: Infrastructure as Code, Monitoring as Code, Policy as Code and soon perhaps Data as Code. Essentially, “Stuff as Code” is the practice of statelessly automating the management of “stuff” via version-controlled, declarative configuration files. Therefore, it’s worth asking if the same DevOps practice can be applied effectively to a set of unstable resources even more near and dear to developers than their backends – their local coding environments. The common problem of developer environment configuration drift is a minor inconvenience when revisiting old projects or following outdated…
View Post
Share
View Post
  • 3 min

Introducing Opta: Terraform On Rails

Engineers today work inside a perpetual good news-bad news dichotomy. On one hand, the tools, infrastructure and capabilities at their disposal give them what an engineer ten years ago would probably consider superpowers: Containerization and virtualization, continuous integration/continuous delivery, microservices and serverless, Kubernetes, and the incredible development of the cloud woven through all of these things. On the other hand, engineers also have to manage all those things to some degree. And as anyone who has ever had to configure a Kubernetes cluster, or manage Terraform can tell you, that’s the bad news. Writing code and business logic is only…
View Post
Share