Published on 26 Sep 2020
I am using traefik as the ingress controller in multiple Kubernetes clusters. Those instances are running standalone (without the integrated high availability). To make sure that users are able to reach traefik, a DNS record points to the host IP. So far, an init container was responsible for updating DNS if the traefik pod restarts. But recently I decided to decouple the DNS update from traefik. This led to writing a Kubernetes controller to watch the traefik pod for restarts and update DNS accordingly. This post provides details about writing the controller in bash.
Published on 20 Sep 2020
Docker does not implement the concept of a pod. But pods can be created by explicitly sharing the network namespace of containers. With
docker-compose it is possible to manage pods in an declarative way using the
Published on 25 Aug 2020
I am very happy to announce that I have been awarded Microsoft Most Valuable Professional (MVP) in Cloud and Datacenter Management again. I have now been an MVP for 10 years :-)
Published on 01 Jun 2020
After my talk about BuildKit at DockerCon Live 2020 I wanted to provide a detailed answer to a question from the audience. I was asked how to use BuildKit in GitLab CI and this post will explain this for running the BuildKit daemon as a service and using BuildKit daemonless in a job.
Published on 28 May 2020
This week I had the honor of talking at DockerCon Live 2020. It was a dream come true and I was really excited considering that over roughly 70K registered for the event and nearly 24K watched the keynote. I presented how to improve container image builds using BuildKit. In contrast to many other virtual conferences, talks were pre-recorded and played at the designated time. This approach allowed speakers to interact with the audience during the talk.
Published on 25 Mar 2020
When authenticating against a container registry, the user only supplies username and password. But in the background, Docker daemon and registry are using token authentication. This post demonstrates how to build a registry with a separate authentication service for token authentication.
Published on 24 Jan 2020
This week I had the honour of giving a talk at the Docker Virtual Meetup about how to improve your Docker image builds. It was a very interactive crowd :-)
Published on 05 Dec 2019
There has been much confusion around the container entrypoint and parameters. This post will shed some light on this topic and present an script to serve as an flexible entrypoint.
Published on 02 Dec 2019
For the third time in a row, I co-organized a regional IT conference called x-celerate held in Freiburg, Germany. This time, I contributed a talk about covering the following topics:
- Remote build cache using BuildKit
- Build secrets using BuildKit
- Troubleshooting containers
- Vulnerability scans using trivy
- Container image builds using img
- Lightweight Kubernetes using k3s
Published on 01 Dec 2019
Last week I had the chance to talk about observability at our local Devsmeetup. As usual, after the talk we had a very lively discussion about monitoring in general but also about Prometheus and long term storage.