Different ways to build container images

Photo by Debby Hudson on Unsplash

In 2015 Docker and some other leaders in container technologies created the OCI (Open Container Initiative) to define :

  • the Image Specification: how a container image must be structured
  • the Runtime Specification: how a container must be run from an Image Specification

The commanddocker image build is probably the best known to create a container image. However on top of Docker there are other tools that know how to build an image (how to structure its filesystem and provide the associated metadata) so that it conforms to the image specification.

In this article we will illustrate the usage of 3…


Overview of the enhancements made to this demo application

Photo by Joanna Kosinska on Unsplash

As I used (and will use) the VotingApp in other articles to illustrate different kind of container’s related technologies, I will present here the whole application and the enhancements that have been done recently. I’ll just reference this article from other ones to avoid too much duplication.

The VotingApp is a demo microservices application created by Docker, it is mainly used to illustrate Docker and Kubernetes functionalities. Basically, it allows a user to vote from a web interface and to see the results from another one.


Run containers with an added layer of security

Photo by Michael Dziedzic on Unsplash

When I deliver Docker trainings, I usually provide each participant an Ubuntu VM and ask them to install Docker using the following command:

$ curl -sSL https://get.docker.com | sh

The output of this command has slightly changed with Docker 20.10 as it now provides information on how to run Docker in rootless mode, which means having a Docker daemon running with the current user instead of root. In this article we will see how this can be done and what this implies.

Running a rootless Docker daemon

Using Multipass we create a Ubuntu VM named docker and get a shell in that one:

$ multipass…


Running single or multi-node k0s clusters the easy way

Photo by Vladimir Mokry on Unsplash

A lot has happened in the k0s environment since I wrote my first article about k0s a couple of months ago. In this new article, we will first show the simplified setup of a single node cluster, next we will illustrate the usage of k0sctl, a k0s’ companion tool which sets up a multi-nodes cluster in a very easy way.

Creation of a single node cluster

k0s make the creation of a single-node cluster even more simple thanks to the introduction of a --single flag in version 0.12. …


Let’s see how k0s makes the Air-Gap installation an easy process

Photo by Kabiur Rahman Riyad on Unsplash

🔥 Following several comments I had on LinkedIn, I must emphasize this article only covers a very simplified way to perform an air gap installation. It is not for sure a complete guide to setup a resilient / secure / observable / upgradable production cluster.

In companies with high security constraints, it might be needed to install a Kubernetes cluster on machines without any internet access. …


Focus on the application and forget about Kubernetes internals

Photo by Joan Gamell on Unsplash

If you are a developer, chances are you have already been asked to deploy your applications on a Kubernetes cluster. You have probably figured out this is not an easy task, especially if you don’t know Kubernetes that much. Kubernetes is a huge beast, and knowing how to define (YAML all the way) and manipulate the basic resources it offers (Pod, Deployment, Service, ConfigMap, Secret, …) is not straightforward, left alone the more advanced resources (NetworkPolicies, RBAC related ones, …).

Today there is no doubt Kubernetes is the solution of choice to run containerized applications. But, as a developer, most…


Several ways an application can be deployed in Kubernetes

Photo by Elena Mozhvilo on Unsplash

In this article we will use the VotingApp, a sample microservices application, and deploy it in Kubernetes using different approaches and tools. We will see the particularities of each so you can have a good idea which one is the most appropriate for your needs.

ℹ️ If you do not know the VotingApp, please check this short article presenting the application and its different versions.

In the following parts we will setup a single node k0s Kubernetes cluster and show how to deploy the different versions of the VotingApp using raw…


An easy way to discover and play with Rook on the local machine

Photo by Nick Fewings on Unsplash

In a previous article, we presented Rook and used it to set up a HA Ceph cluster. In this new article, we will install Rook on a single node K3s cluster as it’s a good way to get started with this great CNCF project.

Setup of the k3s cluster

For the purpose of this article, we will use local VM provisioned on VirtualBox using Vagrant. The Vagrantfile below defines:

  • the configuration of the VM that will be created: the Linux distribution used, its IP address (192.168.33.10), the amount of RAM (2G), the addition of a disk with a capacity of 10G
  • setting up K3s and…


An intuitive graphical tool to define complex network policies

Dragonfly
Dragonfly
Photo by Andreas Weilguny on Unsplash.

Cilium, the eBPF-based networking solution, just released a web editor to facilitate the creation of Kubernetes network policies. In this article, we will demo the tool and use it to define a sample network policy.

A Quick Presentation of Cilium and eBPF

“Cilium is an open source project that has been designed on top of eBPF to address the networking, security, and visibility requirements of container workloads. It provides a high-level abstraction on top of eBPF.” — Cilium blog

Cilium has a wide application domain and is commonly used as a CNI plugin in Kubernetes, as illustrated in the following schema:

Luc Juggery

Docker & Kubernetes trainer (CKA / CKAD), 中文学生, Learning&Sharing

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store