In the recent months there’s been a lot of noise in the area of supply chain security because of increase in attacks, with notable ones like Microsoft Exchange Server or SolarWinds breach. These attacks could have been prevented with proper tools in place, yet finding the right tool for the job might be difficult as this area is hard to navigate and most of us - developers - aren’t security experts. There’s however a project that can solve this. Its name is sigstore and in this article we will look at what it does, why we need it and how it fits into landscape of existing tools in this area.
At the first glance Python’s
operator module might not seem very interesting. It includes many operator functions for arithmetic and binary operations and a couple of convenience and helper functions. They might not seem so useful, but with help of just a few of these functions you can make your code faster, more concise, more readable and more functional. So, in this article we will explore this great Python module and make the most out of the every function included in it.
In any software project, over time new features and APIs are added and from time-to-time some of them also become deprecated and eventually get removed. Even huge project such as Kubernetes is no exception to this, yet core parts of its API don’t really come to mind when thinking about deprecating and eventual removal. So, the question is - could a core object or API in Kubernetes, such as Pod, Deployment or Service be removed and if so, how would that go?
Take a tour of Python’s functools module and learn how to use its higher-order functions to implement caching, overloading, creating decorators and in general how to make your code a bit more functional.
Debugging containerized workloads is a daily task for everyone who works with Kubernetes, which can be made much simpler with
kubectl debug - a beta feature of Kubernetes. In the article you will learn how to make it available in your cluster, how it works, as well as some examples how you can use it to easily debug both Kubernetes Pods and worker Nodes.
Working with Docker CLI is very straightforward - you just
push containers and images, but have you ever wondered how do the internals behind this Docker interface actually work?
Behind this simple interface hides a lot of cool technologies and in this article you can learn about one of them - the union filesystem - the underlying filesystem behind all the container and image layers.
Martin Heinz shares some of his favorite git features: word diff, auto-correct, plugins, and commit signing.
At this point probably everybody has heard about Docker and most developers are familiar with it, use it, and therefore know the basics such as how to build a Docker image. It is as easy as running
docker built -t name:tag ., yet there is much more to it, especially when it comes to optimizing both the build process and the final image that is created.
The article goes on to cover caching, slimming, and securing your images so they’ll run faster and be less prone to abuse.
Container security is often overlooked topic, as people assume that containers are secure by default - which is not true. One of the ways to secure container workloads in Docker and Kubernetes is to leverage
seccomp profiles and this advanced feature of container runtimes is explained and shown in this article.