DevOps and Docker Talk: Cloud Native Interviews and Tooling

Brian Douglas of OpenSauced joins the show to discuss the impact of open source and finding mentors, the significance of stars on GitHub, establishing trust and making meaningful contributions, pitching ideas and naming projects, and the Open Source/Pizza CLI experience and 100 Days of Open Source program.

Idit Levine, Founder/CEO Solo.io, talks about Istio, Ambient Mesh, Envoy, Zero-Trust Security, Cilium, eBPF, and Multi-Cloud. They discuss how Solo's new product, Ambient Mesh, simplifies the install and infrastructure costs of running Istio, making it more accessible to implement. The podcast also covers the origins of solo.io, the benefits of using Mesh Backplane Network (MBN), the future of service mesh, TOC members and relationships, teaching challenges, and the adoption of uni kernels and WebAssembly.

Bret and Matt welcome special guest Brendan Burns, CVP Azure Cloud Native & Resource Management, and also a founding member of the Kubernetes project.Because Brendan is one of the three original co-founders of the Kubernetes project back in 2013 at Google, he's a little bit internet famous in open source and Cloud Native. So I was a little nervous going into this because I had so many questions. We took some live questions as we always do from YouTube live, and I thought it was a really great episode of a little mix of talking about Azure and some of the things you can do with containers, some of the things they're working on, some of the things that he's focused on that we haven't seen yet. We talk about AI and how that relates to some of these things. We even talk about WASM or WebAssembly, one of my favorite topics of the last year, because that's important so it was great to get his perspective. And I think my favorite part of the show is where we really talk about the next layers of abstraction, or maybe even the ways that we can deploy to Kubernetes or make it simpler to manage and deploy to. And that's been a real challenge for the community ever since Kubernetes was created in making it more accessible to more people, without it being so complex to manage and deal with underneath. And Brendan has some really great views on what it's going to take it to get us there.Live recording of the complete show from June 15, 2023 is on YouTube (Ep. #221).★Topics★Ways to run containers on AzureDaprWebAssembly on Azure KubernetesWasmtimeTwelve-Factor AppYou can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Matt Williams - Host Brendan Burns - Guest (00:00) - Intro (03:10) - Introducing Brendan (08:47) - Advice for starting to run containers (30:30) - Reducing complexity with AI (34:41) - Addressing DevOps fatigue (42:38) - Running WebAssembly on Kubernetes (54:23) - LTS Linux Distributions (59:28) - What's next after containers and orchestration?

Bret and Matt welcome Michael Cade, the field CTO at Kasten by Veeam. If you've been around servers for a while, you probably have heard of Veeam. It made its debut back in the late 2000's when virtual machines and implementations of VMs were big. I first found out about them back in those days, because it was a great free product for small virtual machine environments and data centers. They've made tons of additional backup and recovery products over those years, and now they have Kasten K10, which is a Kubernetes backup and restore/recovery product. Michael discussed with us the origins of K10 and some of the major features. We get into some demos, which you can check out in the original YouTube live show. Live recording of the complete show from June 1, 2023 is on YouTube (Ep. #219). Includes demos.★Topics★Kasten K10 websiteK10 free for 5 nodesKanisterKasten K10 Walkthough Project on GitHubKasten K10 install configKastenByVeeam YouTube channel You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Matt Williams - Host Michael Cade - Guest (00:00) - Intro (02:23) - Introducing Michael Cade (03:30) - Veeam: then and now (07:38) - How Kasten came to be (14:11) - Complexity and Recovery (19:04) - Backup litmus test (23:02) - Demo (24:26) - Navig8: an open source visualizer for Helm Chart (28:44) - Kanister: an open source project for data management on Kubernetes (31:39) - Incremental backups (36:44) - Label-based backup policies (41:39) - Location profiles (43:56) - Infrastructure profiles (49:52) - Integrate your backup into you GitOps pipeline (51:43) - What about security? (54:57) - Getting started (01:02:13) - Miami conference

Bret and Matt welcome Jake Warner back to the show to talk about LowOps. What does LowOps mean? What can Cycle offer us as an alternative to Swarm and Kubernetes?Jake Warner is the CEO and founder of Cycle.io. And I had him on the show a few years ago when I first heard about Cycle and I wanted to get an update on their platform offering. On this show we generally talk about Docker and Kubernetes but I'm also interested in any container tooling that can help us deploy and manage container based applications. Cycles' platform is an alternative container orchestrator as a service. In fact, they go beyond what you would provide normally with a container orchestrator and they provide OS updates, networking, the container runtime, and the orchestrator all in a single offering as a way to reduce the complexity that we're typically faced with when we're deploying Kubernetes. While I'm a fan of Docker swarm due to its simplicity, it still requires you to manage the OS underneath, to configure networking sometimes, and the feature releases have slowed down in recent years. But I still have a soft spot for those solutions that are removing the grunt work of OS and update management and helping smaller teams get more work done. I think Cycle has the potential to do that for a lot of teams that aren't all in on the Kubernetes way, but still value the container abstraction as the way to deploy software to servers.Live recording of the complete show from May 18, 2023 is on YouTube (Ep. #217). Includes demos.★Topics★Cycle.io website@cycleplatform on YouTube You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Matt Williams - Host Jake Warner @ Cycle.io - Guest (00:00) - Intro (02:25) - Introducing the guests (03:17) - What is Cycle? (12:33) - Deploying and staying up to date with Cycle (14:21) - Cycle's own OS and updates (17:12) - Core OS vs Cycle (22:10) - Use multiple providers with Cycle (22:52) - Run Cycle anywhere with infrastructure abstraction layer (24:33) - No latency requirement for the nodes (28:28) - DNS for container-to-container resolution (29:54) - Migration from one cloud provider to another? (31:17) - Roll back and telemetry (32:48) - Full-featured API (37:12) - Cycle data volumes (38:35) - Backups (40:24) - Autoscaling (43:00) - Getting started (44:40) - Control plane and self-hosting (44:58) - Question about moving to Reno (45:59) - Built from revenue and angels; no VC funding

Bret and Matt are joined by Corey Quinn to talk about AWS and containers.Corey Quinn is the Chief Cloud Economist at the Duckbill Group. You may have seen or heard some of his in-depth AWS content, including his Last Week in AWS newsletter and blog, Corey's podcast Screaming in the Cloud and the AWS Morning Brief, or his highly produced YouTube videos on the Last Week in AWS channel. Corey runs the Duckbill Group, a company of people focused on helping clients understand and manage their cloud spend. If I had to describe Corey in a sentence, he's a quick thinking AWS expert who is one part cloud strategist, and one part sarcasm. The inspiration for this show came from his blog series, focused on all the ways to run containers on AWS, which is to say there's a lot. Dozens of ways, in fact, which I took as a testament to how containers have won the cloud as the primary way to package and deploy software to servers. Now, the hard part for us is to figure out which method we're going to choose for running those containers. We go on lots of tangents, but overall it was a fun conversation and I hope you enjoy this episode.Live recording of the complete show from May 4, 2023 is on YouTube (Ep. #214).★Topics★The Cloud Resume ChallengeLast Week in AWS17 ways to run containers on AWS17 MORE ways to run containers on AWSYou can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Matt Williams - Host Corey Quinn - Guest (00:00) - Intro (07:19) - 17 Ways to Run Containers on AWS (09:57) - If you're using the cloud, use the cloud! (13:32) - Data loss and it's only on the internet forever (17:58) - Recommended ways to run containers on AWS (22:49) - Biggest burn on people's AWS bills (29:33) - Docker Desktop on top of AWS EC2 in Windows and do you need bare metal? (30:13) - Bare metal required for Hyper-V (32:39) - AWS App Runner (40:26) - Services AWS has dropped (41:39) - Workloads inside the container; where the container should run (44:13) - Building experience...hands-on projects vs getting certifications (55:31) - Migrating. Leaving Kubernetes. (01:00:57) - Chat GPT Star Wars jokes

Bret and Matt are joined by Brent Baude and Dan Walsh from Red Hat to talk about the latest with Podman, Quadlet, Podman Desktop and Podman machine, and how it all works with Kubernetes.Dan Walsh, a Senior Distinguished Engineer at Red Hat, has been working with containers since the beginning. He's a contributor to Docker, Project Atomic, SELinux, and a lot more. He literally wrote the book on Podman. Brent Baude, is a Senior Principal Software Engineer at Red Hat and an architect and a primary maintainer of Podman, and contributes to many of its associated technologies like CRI-O, Buildah, and Skopeo. We go through a lot of tooling in this episode because Red Hat has taken a different stance than Docker in how it delivers its container tooling. You might say they take the approach of the Unix philosophy of every program does one thing well. Most of us know Docker and how it bundles many things related to containers into a single command line and daemon, yet some would prefer to isolate pieces of container management functionality into discreet, smaller programs - one for building images, one for running containers, one for communicating with registries, one for adding a GUI to your container manager, and one for managing the container VM. It's just sort of how I would break down the Podman ecosystem.And while that may seem like a lot of things, it's basically what Docker does for you in a single tool, yet the isolation of these tools is what can make them purpose-fit when you only need a fraction of the functionality of Docker. For example, one of Podman's core tenants is that it tells systemd to run your pods, which is the initialization process on most Linux distributions. In this way, your containers become more like standard system processes, rather than the Docker way of running all containers under the Docker Daemon process itself. Now many of us have heard of the other two original Red Hat container projects, Skopeo and Buildah, but there's now an increasing number of things the Podman ecosystem can do. So I'm grateful to Dan and Brent for coming on to break down the new parts of this toolkit and how we might use them.Live recording of the complete show from April 20, 2023 is on YouTube (Ep. #212).★Topics★Podman WebsitePodman Desktop WebsiteDan Walsh's book, Podman in ActionPodman Machine referenceQuadlet Blog PostPodman and Quadlet Blog PostYou can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Matt Williams - Host Brent Baude - Guest Dan Walsh - Guest (00:00) - Intro (04:26) - Dan's history with containers (10:52) - The recommended way to get Podman (11:55) - Podman Machine (13:27) - How is Podman Machine installed (16:43) - How is Podman organised (19:22) - Podman Compose explained (25:21) - Podman Desktop (28:52) - Podman and Docker extensions (30:16) - Support for Kubernetes YAML (36:54) - Podman and systemd workloads (42:44) - How to get started with Podman (51:38) - Overlaying networks with Podman

Bret and his co-host, Matt, are joined by Jason Dellaluce and Luca Guerra from Sysdig to talk about Falco, a tool I recommend for production clusters and knowing about any bad behavior on your servers. Falco is a security tool I've mentioned multiple times on this show, because I mostly think that a low level security focused logging product is something that every production server needs. The ability to log unexpected events and behaviors on your Linux host is powerful and necessary to be able to audit what's really happening on your infrastructure outside of your app itself. Falco has been a CNCF incubating project for over four years, and I was immediately drawn to it in its early days, because it was container and Kubernetes aware and it could log and alert with default rules for everything, from someone starting a shell inside a container, to a bash history file being deleted, to a container trying to talk to the Kubernetes API. This episode will be useful for those of you new to tools like Falco and for those familiar with its basics, but also wanting to learn about newer features and use cases, which I did some learning on myself in this episode.Live recording of the complete show from April 6, 2023 is on YouTube (Ep. #210).★Topics★Falco websiteFalco on CNCFYou can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Matt Williams - Host Jason Dellaluce - Guest Luca Guerra - Guest (00:00) - Intro (02:24) - Introducing the guests (05:25) - What is Falco? Why do we need it? (08:00) - What can Falco monitor? (17:11) - How are events logged? (30:59) - Does Falco classify alerts by severity?

Bret is joined by Lukas Gentele and Rich Burroughs from Loft Labs to look at a new project called DevPod, that supports dev containers and VMs. It works with local Docker instances and AWS, GCP, Azure, and several other cloud providers. The project is compatible with Microsoft's DevContainer standard, which means it works with the VC Code standalone app and VS Code in the browser.Lukas and Rich were on this show last year, showing off vcluster, which allows you to run a full Kubernetes cluster inside an existing Kubernetes namespace. In this episode, we announce the release of DevPod and also go through some demos. I'm already thinking of how I might use it in my own developer workflow.Live recording of the complete show from May 16, 2023 is on YouTube (Ep. #216). Includes demos.★Topics★DevPod websiteDevPod on TwitterYou can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Bret Fisher - Host Beth Fisher - Producer Lukas Gentele - Guest Ruch Burroughs - Guest Cristi Cotovan - Editor (00:00) - Intro (02:49) - Introducing the guests (03:39) - Loft Labs and VCluster (05:46) - Introducing DevPod (10:39) - Why CLI plus GUI? (13:16) - DevPod use case (15:30) - Options for IDEs and port forwarding (18:20) - Using the Microsoft VS Code dev containers features (21:14) - Create dev environments locally or remotely (27:47) - Turning it on and off without having to go to the infrastructure (49:13) - How to get DevPod (50:00) - What's next? Share feedback. (57:12) - This is not a production deployment tool (01:01:27) - Wrap-up

Bret and Matt are joined by two engineers in Docker's leadership - Chief Technology Officer Justin Cormack and Senior Manager of Developer Relations Michael Irwin, to talk about recent Docker Hub changes, as well as their latest product releases.We touch on Docker's latest updates and announcements, focusing on the early releases of Docker Scout, Docker plus WebAssembly, and the Telepresence extension for Docker Desktop. We also look at Docker's version 23 release, its first major update in three years, with key changes including BuildKit becoming the default builder, the ability to run alternate containerd shims, and a return to semantic versioning. Other updates include new Swarm features and deprecation of older features, specifically older storage drivers.In the show we also cover Docker's recent announcement and subsequent retraction of a plan to require free Docker Hub organizations to move to different plans.Live recording of the complete show from March 23, 2023 is on YouTube (Ep. #208).★Topics★Docker v23 releaseDocker Hub org changesDocker ScoutTechnical preview of Docker+WasmTelepresence for Docker announcementYou can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.comCreators & Guests Justin Cormack - Guest Bret Fisher - Host Cristi Cotovan - Editor Beth Fisher - Producer Michael Irwin 🇺🇦 🕊 - Guest Matt Williams - Host (00:00) - Intro (02:56) - Docker version 23 release (05:37) - Docker's Hub Announcement and Retraction (07:40) - What does telepresence mean with Docker (10:18) - Should I switch to Kubernetes for development? (12:35) - Telepresence elevator pitch (20:30) - Telepresence connection scenarios (23:30) - How to connect with Telepresence? (31:05) - Bret's Jekyll Story (33:12) - What is available free in Scout? (35:15) - Scout is not a point-in-time scan (39:45) - James Buren's Scout Video (40:03) - Anyone can make an extension (42:04) - Favorite extensions (43:19) - Wasm technical preview (45:33) - Bret's interview with Nigel Poulton (48:27) - Question (52:31) - Docker 23 defaults to BuildKit (53:27) - Happy Birthday Docker (55:06) - Wrapping up