External Link
containers.github.io [1]
bootc is the underlying technology that enables OSes like Bazzite and Aurora from the uBlue ecosystem.
Note
This post is a thought [2]. It’s a short note that I make
about someone else’s content online #thoughts
References:
[1]: https://containers.github.io/bootc/
[2]: /thoughts/
Posts tagged: containers
All posts with the tag "containers"
85 posts
latest post 2026-03-23
Production-ready Python Docker Containers with uv
Starting with 0.3.0, Astral’s uv brought many great features, including support for cross-platform lock files uv.lock. Together with subsequent fixes, it has become Python’s finest workflow too...
Hynek Schlawack · hynek.me [1]
Hynek has a sick dockerfile setup for using uv in python projects.
References:
[1]: https://hynek.me/articles/docker-uv/
Provider List - The Cluster API Book
cluster-api.sigs.k8s.io [1]
Cluster API book
References:
[1]: https://cluster-api.sigs.k8s.io/reference/providers
[1]
This page is gold. It lays out all of the distrobox assemble api with some good examples of how to get access to things like podman and kind from inside of containers.
Especially this example.
[tumbleweed_distrobox]
image=registry.opensuse.org/opensuse/distrobox
pull=true
additional_packages="acpi bash-completion findutils iproute iputils sensors inotify-tools unzip"
additional_packages="net-tools nmap openssl procps psmisc rsync man tig tmux tree vim htop xclip yt-dlp"
additional_packages="git git-credential-libsecret"
additional_packages="patterns-devel-base-devel_basis"
additional_packages="ShellCheck ansible-lint clang clang-tools codespell ctags desktop-file-utils gcc golang jq python3"
additional_packages="python3-bashate python3-flake8 python3-mypy python3-pipx python3-pycodestyle python3-pyflakes python3-pylint python3-python-lsp-server python3-rstcheck python3-yapf python3-yamllint rustup shfmt"
additional_packages="kubernetes-client helm"
init_hooks=GOPATH="${HOME}/.local/share/system-go" GOBIN=/usr/local/bin go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest;
init_hooks=GOPATH="${HOME}/.local/share/system-go" GOBIN=/usr/local/bin go install g...
add init hooks and exported bins · WaylonWalker/devtainer@2e4c6da
🐳 (dotfiles) My personal development docker container base image - add init hooks and exported bins · WaylonWalker/devtainer@2e4c6da
GitHub · github.com [1]
Today I learned that you can use init_hooks to access host machine commands from inside a distrobox container. This is super handy for things that you cannot get to from inside the container and need to be run outside (docker, podman, flatpak, xdg-open).
init_hooks=ln -sf /usr/bin/distrobox-host-exec /usr/local/bin/podman;
References:
[1]: https://github.com/WaylonWalker/devtainer/commit/2e4c6da537f5672209d1b3922fad754190aef938#diff-38878343c551520f8af2a3986e5f6085b03df197a56a92abc42a44b200f0264aR19
After first setting up a new k3s instance your kubeconfig file will be located
in /etc/rancher/k3s/k3s.yaml.
You can use it from here by setting $KUBECONFIG to that file.
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
Or you can copy it to ~/.kube/config
cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
If you have installed k3s on a remote server and need the config on your local
machine then you will need to modify the server address to reflect the remote
server.
scp user@<server-ip>:/etc/rancher/k3s/k3s.yaml ~/.kube/config
Warning
Only do this if you don’t already have a ~/.kube/config file; otherwise copy
it to a new file and set your $KUBECONFIG env variable to use it.
Now you will need to open that file and change the server address, making sure
to keep the port number.
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ****
    server: https://<server-ip>:6443
  name: default
-
Docker no Docker, what!!!
So fly.io uses Dockerfiles to deploy your app, but no Docker. They use containerd to download your Docker images into Firecracker microVMs to run your app. Firecracker is the same tech that runs AWS Lambda functions.
Fascinating short post on the beans under the hood at fly.io and how they scale your app globally.
I’ve started leaning in on kubernetes kustomize to customize my manifests per
deployment per environment. Today I learned that it comes with a diff command.
kubectl diff -k k8s/overlays/local
You can enable color diffs by using an external diff provider like colordiff.
export KUBECTL_EXTERNAL_DIFF="colordiff -N -u"
You might need to install colordiff if you don’t already have it.
sudo pacman -S colordiff
sudo apt install colordiff
Now I can try out kustomize changes and see the change with kustomize diff.
kubectl dash k
Kubernetes ships with a feature called kustomize that allows you to customize your manifests in a declarative way. It's a bit like helm, but easier to use. I...
-
Great intro into kustomize. This helped me get started with kustomize.
kind cluster
kind [1] is a very useful tool to quickly stand up and
tear down kubernetes clusters. I use it to run clusters locally. Generally
they are short lived clusters for trying, testing, and learning about
kubernetes.
Kind is Kubernetes in Docker, it’s very fast to get a new cluster up and
running. Other than checking a box in docker desktop it is the easiest way
currently to get a cluster up and running. I’ve used docker desktop for k8s
before I really developed on k8s and it was buggy at the time and sometimes
started and sometimes didn’t, when it didn’t I had no idea how to fix it. I’d
suggest kind as the best option to get a cluster up and running locally.
Not Production
If you are looking for a production ready cluster this is not it. I really
like k3s [3]. At the time that I chose k3s it was
the most lightweight option that easily supported multi-node clusters.
Starting a kind cluster
The first step, and maybe only one that you need is to create ...
Yesterday I realized that I have overlooked the default installation method of
the sealed secrets controller for kubernetes kubeseal [1] this whole time and
jumped straight to the helm section. I spun up a quick kind cluster [2] and
had it up quickly. I can’t say this is any better or worse than helm as I have
never needed to customize the install. According to the docs you can customize
it with kustomize or helm.
# optional: if you don't have a cluster, try with kind
kind create cluster
curl -L https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.27.0/controller.yaml > controller.yaml
kubectl apply -f controller.yaml
References:
[1]: /kubernetes-kubeseal/
[2]: /kind-cluster/
Where DOESN’T curl run with curl BDFL Daniel Stenberg (Changelog & Friends #49)
Daniel Stenberg shares his guiding principles for BDFL'ing curl, gives us his perspective on the state of the internet, talks financial independence, ensuring curl won't be the next XZ & more!
Changelog · changelog.com [1]
Love how Daniel just brushed off the number of Netflix TV installs as small beans for curl installs. Overall, great episode on open source, owning a major component to technology with such a small team.
References:
[1]: https://changelog.com/friends/49
GitHub - stackrox/kube-linter: KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices. - stackrox/kube-linter
GitHub · github.com [1]
A linter for linting kubernetes manifests and Helm charts.
References:
[1]: https://github.com/stackrox/kube-linter
Best practices for Docker in production
You
talkpython.fm [1]
Great listen for anyone interested in productionizing python code with docker. Itamar brings up some
Don’t trust base images for security; upgrade your packages. Vulnerabilities become published and solved, giving the bad guys instructions on how to wreck your day, and these fixes won’t come to your Docker application for up to two weeks due to image build latency.
For job based containers pre-compile your pyc for faster startup.
Alpine Linux is probably not what you want for Python. Many packages such as postgres ship pre-compiled binaries that work for most Linux distributions, which use glibc, but Alpine uses musl, so the binaries will be incompatible, requiring you to install a bunch of build dependencies.
References:
[1]: https://talkpython.fm/episodes/show/323/best-practices-for-docker-in-production
External Link
askubuntu.com [1]
podman requires qemu-system on
❯ podman machine init
Looking up Podman Machine image at quay.io/podman/machine-os:5.1 to create VM
Extracting compressed file: podman-machine-default-amd64.qcow2: done
Error: exec: "qemu-img": executable file not found in $PATH
The fix to this for me was to install qemu-system before podman machine init.
sudo apt update
sudo apt install qemu-system
References:
[1]: https://askubuntu.com/questions/1490805/how-do-i-install-qemu-on-ubuntu-23-10
GitHub - argoproj/argo-events: Event-driven Automation Framework for Kubernetes
Event-driven Automation Framework for Kubernetes. Contribute to argoproj/argo-events development by creating an account on GitHub.
GitHub · github.com [1]
Argo events is an event driven automation framework for kubernetes that can create kubernetes objects among other things based on events. I’ve been using native kubernetes cronjobs to kick off jobs based on a cron trigger.
For instance I am running reader.waylonwalker.com every hour, to rebuild the site and re-deploy it. It takes about two minutes to fetch every rss feed, so this is a nice application of a job compared to a web server fetching the feeds live. Now my posts may be up to an hour stale but they load fast.
Argo events takes event-driven architecture to the next level, allowing it to be triggered by many more things, and to do many more things than creating a cron job. I’m definitely thinking about dropping this in my homelab [2].
References:
[1]: https://github.com/argoproj/argo-events?tab=readme-ov-file
[2]: /homelab/
GitHub - eraser-dev/eraser: 🧹 Cleaning up images from Kubernetes nodes
🧹 Cleaning up images from Kubernetes nodes. Contribute to eraser-dev/eraser development by creating an account on GitHub.
GitHub · github.com [1]
This is kinda sick, it’s a tool to clean up container images in a k8s cluster.
References:
[1]: https://github.com/eraser-dev/eraser?tab=readme-ov-file
Distrobox
Use any linux distribution inside your terminal.
distrobox.it [1]
distrobox gives you distrobox-host-exec to run commands on the host. This is handy to get access to host level clis that you probably wouldn’t want to run from the container like podman, docker, flatpak.
DESCRIPTION
distrobox-host-exec lets one execute command on the host, while inside of a container.
Under the hood, distrobox-host-exec uses host-spawn a project that lets us execute commands back on the host. If the tool is not found the user will be prompted to install it.
References:
[1]: https://distrobox.it/usage/distrobox-host-exec/
https://boot.dev/blog/devops/how-to-restart-all-pods-in-a-kubernetes-namespace/
blog.boot.dev [1]
As of kubernetes 1.15 there is an easy way to restart all pods in a deployment.
kubectl -n {NAMESPACE} rollout restart deploy
Thanks Lane, give him a follow @wagslane [2]
References:
[1]: https://blog.boot.dev/open-source/how-to-restart-all-pods-in-a-kubernetes-namespace/
[2]: https://twitter.com/wagslane