Hi friends!
It's Ivan again, with my traditional roundup of all things around iximiuz.com.
Remember that article on Kubernetes I mentioned last time? While I was finishing the last month's issue, the article made it to the front page of Hacker News, thanks to its controversial title: How Kubernetes Reinvented Virtual Machines. When I was done with the newsletter work, I got pleasantly surprised by the number of new readers on the blog. At moments like that, you know for sure that all these hours of suffering writing are worth it!
And now to the updates & announcements!
SPONSORED How Passwordless Works is yet another masterpiece from Teleport. Not a typical shallow corporate blog publication but a deep technical write-up explaining how the new Web Authentication protocol works. If everything goes well, we'll soon be having one more key on our physical keychains, and the days of passwords and password managers will be gone.
β
Announcements
I've been dodging invitations to speak since forever (well, I'm a writing guy), but this month I finally decided to give it a try:
I'm looking forward to these streams (but, hell, am I nervous!), and I hope you'll tune in too!
β
What I Was Working On
I've been doing a lot of research this month on how to produce small(er), fast(er), and secure(r) container images. Most of the results are yet to become articles, but I already have something to share: In Pursuit of Better Container Images: Alpine, Distroless, Apko, Chisel, DockerSlim, oh my!β
On the birdy-side of things, there was a bunch of tweets that attracted people's attention:
β
What I Was Reading
- βDocker and the OCI container ecosystem - good overview & summary of the container ecosystem, starting from the explanation of how Docker became the de facto standard container implementation and then touching upon the most popular tools in the area like Docker, containerd, runc, Podman, cri-o, etc. A great addition to my Journey From Containerization To Orchestration And Beyond.
- βWho Should Write the Terraform? - experience-based reflection on the evolution of Admins and Coders into Developers and SREs with a touch upon platform engineering. Good read! Reminded me of my DevOps, SRE, and Platform Engineering.
- βDevelopers Should Deploy Their Own Code - agree with the main theme and most of the points.
- βDesigning Developer Velocity - a great checklist for anyone concerned with DevEx!
- βPersonal Security Posture: How I Keep My Cybersecurity Game Strong - pragmatic piece of advice by Corey Quinn suitable for most of the software folks out there: understand your threats and choose the defense means accordingly.
- Corey asked, "Whatβs the current state of the art for rapid iteration against a development environment k8s cluster" and after getting a myriad of replies, all mentioning a different piece of tech, brilliantly answered the question himself, "the state of the art has yet to emerge".
- βacorn.io - [an attempt to answer the above question by the creators of Rancher] - a containerized application packaging framework that simplifies deployment on Kubernetes. Check out this dope intro by Saiyam Pathak.
- βConcurrency Compared: AWS Lambda, AWS App Runner, and AWS Fargate - worthwhile overview; App Runner sounds like my new (would-be) fave way to run containerized web services. And I'm still of the opinion that AWS Lambda is good only for ad-hoc/event/pure FaaS use cases and inflicts pain in others.
- βgithub.com/sieve-project/sieve - an interesting way to auto-test Kubernetes controllers. At first, it may sound too fancy/complicated, but after reading the testing strategies, it starts sounding much more reasonable.
- βLiving with Kubernetes: 12 Commands to Debug Your Workloads - an old but gold article offering a handy set of commands to debug and troubleshoot Kubernetes workloads.
- βThe API Object Lifecycle - simple but important considerations for handling DELETING objects; must-read for all controller developers.
- βThe Value is in the API - on how the API matters more than the implementation behind it and on the importance of good APIs (including the one provided by Kubernetes).
- βSlim and Secure Containers: DevOps and Docker Live Show - the Slim.AI portal is featured on Bret Fisher's show. See how to inspect your container images and scan them for vulnerabilities right in your browser.
- βVulnerability scanners 101 by Dan Lorenc, Chainguard's founder & CEO. TL;DR - Scanners ain't magic (yet?)
β
Stay Tuned
Well, that was a big one... But I want to believe I shared only the worthy bits! I should probably start sending this newsletter twice a month to make it more digestible, though π
Stay safe and healthy!
Cheers,
Ivan Velichko