DevOps and Docker Talk: Cloud Native Interviews and Tooling

Dan Lorenc, from Chainguard, shares insights on creating secure container images, emphasizing the importance of minimalism to enhance security. He discusses the ramifications of the recent XZ supply chain attack and how Chainguard addresses vulnerability management. Dan highlights the benefits of their zero CVE approach, the launch of Chainguard images on Docker Hub, and the need for proactive security practices. He also elaborates on tools for reducing attack surfaces and the significance of frameworks like SLSA in bolstering software security.

Bret and Nirmal are joined by Phil Estes of AWS to show us the Finch project, which bundles the best open source tools for building and running containers locally. Now it runs on macOS and Windows WSL2.We've been talking with Phil about this show for months, and now that Finch has come to Windows, we thought it was the best time to clue you in as to why AWS created the Finch project and what it does. You've probably heard of containerd, the most popular container runtime on the planet and BuildKit, the best way, in my opinion, to build container images. Those two work hand in hand in Docker and many other container tools. But you might not have heard of nerdctl or Lima, which are also open source tools that work with containerd and BuildKit to help you run containers locally in a virtual machine. Well, AWS had the idea of making an easy installer for these four tools. That's how Finch was born. Finch is not meant to be a replacement of your existing way to run containers. The tools it installs are a bit of a minimum feature set, if you will, and more focused on providing people the exact tools AWS uses in its container platforms, mainly containerd and BuildKit, which are everywhere in AWS. Rather than building something that's feature equivalent to other local container solutions like Docker Desktop and Rancher Desktop, Finch keeps it simple and does the bare minimum.  If you just want an easily installable and minimal way to build and run local containers at the command line with no goofy, high-end fancy features, pure open source and just on Mac and Windows, at least at this point, you should give Finch a try.Be sure to check out the live recording of the complete show from February 22, 2024 on YouTube (Ep. 255).★Topics★Finch WebsiteBret's local container runtime spreadsheetCreators & Guests Phil Estes - Guest Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host Nirmal Mehta - Host (00:00) - Intro (00:35) - What is Finch? (03:53) - Phil's History with Docker and Finch (07:59) - Deep Dive into AWS Finch Project (11:41) - How do the Components Tie Together (25:31) - Finch's Position in the Container Ecosystem (26:47) - Finch's Capabilities and Comparisons (27:45) - VM Management and Lima Integration (37:51) - Finch's Roadmap and Community Engagement (41:49) - How Does Finch Connect to Lima? (42:45) - Potential Lima Conflicts with Finch (46:38) - Getting Started wtih Finch You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Neil Cresswell, CEO and co-founder of Portainer, dives into the impressive capabilities of Portainer for managing container workloads. He discusses how Portainer simplifies deployments from Docker to Kubernetes, emphasizing its support for IoT and edge computing. Exciting updates include GitOps functionality and the introduction of AI capabilities. Neil also shares insights on Portainer's evolution, cluster provisioning, and how it streamlines Kubernetes adoption, making container management accessible for all.

Bret and Nirmal are joined by Ivan Burazin and Chad Metcalf to debut Daytona, an open source "codespaces equivalent."Daytona is a development environment manager designed to automate all the tedious steps a developer needs to perform to set up their development environment. "Essentially, it transforms any machine into a codespaces equivalent."Where Daytona is actually starting in the enterprise is focusing on large dev environment solutions and management of those, and then trickling down to individual developers. So there are two very similar solutions to a problem of many developers and their varying ways that they set up their environments for development, but they're coming at it from two ends of the spectrum. Watch the video version on YouTube. ★Topics★Daytona websiteDaytona on GitHubWhy Daytona OSS'dDIY GuideCreators & Guests Ivan Burazin - Guest Chad Metcalf - Guest Bret Fisher - Host Nirmal Mehta - Host Beth Fisher - Producer Cristi Cotovan - Editor (00:00) - Intro (06:33) - CodeAnywhere (07:50) - Introducing Daytona: Revolutionizing Dev Environments (13:54) - Demo (21:07) - Daytona's Automation Magic (22:49) - Comparing Daytona with DevPod (25:15) - Daytona's Roadmap and Beyond (27:01) - Dev Environments and IDEs (39:52) - AI with Daytona (44:05) - Getting Started with Daytona (44:35) - Getting Involved in Daytona (47:00) - Features About to Ship in Daytona You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Bret and Nirmal are joined by Lukas Fittl of pganalyze to dive into Postgres in containers, in production, and in CI.Lukas is an expert and founder of pganalyze, and I invited him on the show to explain a lot of this to us and catch us up with what's going on in the Postgres community, particularly when it comes to containers and production.We dive into everything around containers with Postgres, some of the new stuff going on in Postgres Land, including tuning and stuff I didn't even know about Postgres, including storing NoSQL data, vector databases for AI and more.Be sure to check out the live recording of the complete show from February 15, 2024 on YouTube (Ep. #254).★Topics★pganalyze websitepganalyze YouTube channel pgvector cloudnative-pg Crunch Postgres for Kubernetes CockroachDBCreators & Guests Bret Fisher - Host Lukas Fittl - Guest Nirmal Mehta - Host Cristi Cotovan - Editor Beth Fisher - Producer (00:00) - Intro (01:59) - Is Postgres Underrated? (04:18) - What is pgAnalyze? (05:02) - Database Performance Tuning (11:11) - Postgres in Containers (19:44) - Opinion on kubegres and other operators in managing HA (25:03) - The role of Database Administrators and Data Engineers (31:54) - Running Postgres HA across multi-cluster (39:23) - What does pgnalyze do? (44:45) - The hardest operational problem running Postgres in containers You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Three Docker captains share insights on favorite tools for DevOps in 2023, including Dive, SlimToolkit, OpenTelemetry, and eBPF. They discuss image optimization, CDEvents, MLOps, Ollama, Inspektor Gadget, and Arc Browser. Future trends like WebAssembly and Digestabot are also explored.

Bret is joined by Matan Mishan & Roy Razon of Livecycle to discuss developer platforms and how to improve developer collaboration and speeding up feedback and previews.We talk about the various delays encountered in pull requests due to feedback processes, and how Lifecycle's tools aim to shorten this feedback loop in Docker Desktop, local CLI with Preevy, and automated CI workflows. I like how Lifecycle provides multiple locations and ways to get access to people in the preview environments that really lets you just fit the different parts of the tool into your workflow, as opposed to one way to do everything. It's great for getting feedback quickly during the PR process, rather than making people set up their own environments to test their changes. I also liked their ideas around how the feedback loops can be improved.This episode contains great demos so be sure to also check out the live recording of the complete show from December 21, 2023 on YouTube (Ep. #246). ★Topics★Livecycle's WebsitePreevy RepositoryLivecycle Docker ExtensionCreators & Guests Bret Fisher - Host Matan Mishan - Guest Roy Razon - Guest Beth Fisher - Producer Cristi Cotovan - Editor (00:00) - Intro (01:57) - Internal Developer Platform: a self-service solution (06:38) - Lifecycle and the Docker Extension (24:10) - Using GitHub Environments (27:46) - First Steps and What's Next You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Bret and Nirmal are joined by Michael Irwin, DevRel at Docker, to talk about all the products and features Docker shipped in 2023 and what's coming in early 2024. They discuss updates in Docker Engine, performance improvements, Docker Extensions, dashboard and GUI updates, Docker init, what's new in Compose, Docker Scout, Docker and AI/Machine Learning, and upcoming features like Docker Debug.

Bret interviews Alex Kretzschmar from Tailscale about their universal VPN tool. They talk about the benefits of Tailscale, including easy device-to-device connections and seamless network experience. They also discuss the use cases of Tailscale in Kubernetes and the challenges of managing VPN connections. Additionally, they touch on networking products, Magic DNS, key exchange process, and the 'swarm fans' community.

In this podcast, Beth Fisher, the producer, and Bret Fisher, the host, discuss the evolution of Dockerfiles and the importance of versioning. They explain the benefits of using the latest Dockerfile parser and Docker front ends, highlight the challenges of Docker engine versions, and explore new features in Docker file front ends. They also talk about the significance of the syntax line, Dockerfile versions, and efficient image updates with the 'ad' command.